ReactOS  0.4.15-dev-5112-g22d8c0f
ketypes.h
Go to the documentation of this file.
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  ketypes.h
8 
9 Abstract:
10 
11  Type definitions for the Kernel services.
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _KETYPES_H
20 #define _KETYPES_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #ifndef NTOS_MODE_USER
27 #include <haltypes.h>
28 #include <potypes.h>
29 #include <ifssupp.h>
30 #endif
31 
32 //
33 // A system call ID is formatted as such:
34 // .________________________________________________________________.
35 // | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36 // |--------------|-------------------------------------------------|
37 // | TABLE NUMBER | TABLE OFFSET |
38 // \----------------------------------------------------------------/
39 //
40 // The table number is then used as an index into the service descriptor table.
41 #define TABLE_NUMBER_BITS 1
42 #define TABLE_OFFSET_BITS 12
43 
44 //
45 // There are 2 tables (kernel and shadow, used by Win32K)
46 //
47 #define NUMBER_SERVICE_TABLES 2
48 #define NTOS_SERVICE_INDEX 0
49 #define WIN32K_SERVICE_INDEX 1
50 
51 //
52 // NB. From assembly code, the table number must be computed as an offset into
53 // the service descriptor table.
54 //
55 // Each entry into the table is 16 bytes long on 32-bit architectures, and
56 // 32 bytes long on 64-bit architectures.
57 //
58 // Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59 // x64.
60 //
61 #ifdef _WIN64
62 #define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63 #else
64 #define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65 #endif
66 
67 //
68 // We want the table number, but leave some extra bits to we can have the offset
69 // into the descriptor table.
70 //
71 #define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72 
73 //
74 // Now the table number (as an offset) is corrupted with part of the table offset
75 // This mask will remove the extra unwanted bits, and give us the offset into the
76 // descriptor table proper.
77 //
78 #define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79 
80 //
81 // To get the table offset (ie: the service call number), just keep the 12 bits
82 //
83 #define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84 
85 //
86 // We'll often need to check if this is a graphics call. This is done by comparing
87 // the table number offset with the known Win32K table number offset.
88 // This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89 //
90 #define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91 
92 //
93 // Context Record Flags
94 //
95 #define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96 
97 //
98 // Maximum System Descriptor Table Entries
99 //
100 #define SSDT_MAX_ENTRIES 2
101 
102 //
103 // Processor Architectures
104 //
105 #define PROCESSOR_ARCHITECTURE_INTEL 0
106 #define PROCESSOR_ARCHITECTURE_MIPS 1
107 #define PROCESSOR_ARCHITECTURE_ALPHA 2
108 #define PROCESSOR_ARCHITECTURE_PPC 3
109 #define PROCESSOR_ARCHITECTURE_SHX 4
110 #define PROCESSOR_ARCHITECTURE_ARM 5
111 #define PROCESSOR_ARCHITECTURE_IA64 6
112 #define PROCESSOR_ARCHITECTURE_ALPHA64 7
113 #define PROCESSOR_ARCHITECTURE_MSIL 8
114 #define PROCESSOR_ARCHITECTURE_AMD64 9
115 #define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116 
117 //
118 // Object Type Mask for Kernel Dispatcher Objects
119 //
120 #define KOBJECT_TYPE_MASK 0x7F
121 #define KOBJECT_LOCK_BIT 0x80
122 
123 //
124 // Dispatcher Priority increments
125 //
126 #define THREAD_ALERT_INCREMENT 2
127 
128 //
129 // Physical memory offset of KUSER_SHARED_DATA
130 //
131 #define KI_USER_SHARED_DATA_PHYSICAL 0x41000
132 
133 //
134 // Quantum values and decrements
135 //
136 #define MAX_QUANTUM 0x7F
137 #define WAIT_QUANTUM_DECREMENT 1
138 #define CLOCK_QUANTUM_DECREMENT 3
139 
140 //
141 // Kernel Feature Bits
142 //
143 #define KF_V86_VIS 0x00000001
144 #define KF_RDTSC 0x00000002
145 #define KF_CR4 0x00000004
146 #define KF_CMOV 0x00000008
147 #define KF_GLOBAL_PAGE 0x00000010
148 #define KF_LARGE_PAGE 0x00000020
149 #define KF_MTRR 0x00000040
150 #define KF_CMPXCHG8B 0x00000080
151 #define KF_MMX 0x00000100
152 #define KF_WORKING_PTE 0x00000200
153 #define KF_PAT 0x00000400
154 #define KF_FXSR 0x00000800
155 #define KF_FAST_SYSCALL 0x00001000
156 #define KF_XMMI 0x00002000
157 #define KF_3DNOW 0x00004000
158 #define KF_AMDK6MTRR 0x00008000
159 #define KF_XMMI64 0x00010000
160 #define KF_DTS 0x00020000
161 #define KF_BRANCH 0x00020000 // from ksamd64.inc
162 #define KF_SSE3 0x00080000
163 #define KF_CMPXCHG16B 0x00100000
164 #define KF_XSTATE 0x00800000 // from ks386.inc, ksamd64.inc
165 #define KF_NX_BIT 0x20000000
166 #define KF_NX_DISABLED 0x40000000
167 #define KF_NX_ENABLED 0x80000000
168 
169 #define KF_XSAVEOPT_BIT 15
170 #define KF_XSTATE_BIT 23
171 #define KF_RDWRFSGSBASE_BIT 28
172 
173 //
174 // Internal Exception Codes
175 //
176 #define KI_EXCEPTION_INTERNAL 0x10000000
177 #define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
178 
179 typedef struct _FIBER /* Field offsets: */
180 { /* i386 arm x64 */
181  PVOID FiberData; /* 0x000 0x000 0x000 */
182  struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
183  PVOID StackBase; /* 0x008 0x008 0x010 */
184  PVOID StackLimit; /* 0x00C 0x00C 0x018 */
185  PVOID DeallocationStack; /* 0x010 0x010 0x020 */
186  CONTEXT FiberContext; /* 0x014 0x018 0x030 */
187 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
188  PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
189  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
190  PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
191  ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
192  ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
193 #else
194  ULONG GuaranteedStackBytes; /* 0x2E0 */
195  PVOID FlsData; /* 0x2E4 */
196  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
197 #endif
198 } FIBER, *PFIBER;
199 
200 #ifndef NTOS_MODE_USER
201 //
202 // Number of dispatch codes supported by KINTERRUPT
203 //
204 #ifdef _M_AMD64
205 #define DISPATCH_LENGTH 4
206 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
207 #define DISPATCH_LENGTH 135
208 #else
209 #define DISPATCH_LENGTH 106
210 #endif
211 
212 #else // NTOS_MODE_USER
213 
214 //
215 // KPROCESSOR_MODE Type
216 //
217 typedef CCHAR KPROCESSOR_MODE;
218 
219 //
220 // Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
221 //
222 #define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
223 
224 #ifdef _X86_
225 /* Macros for user-mode run-time checks of X86 system architecture */
226 
227 #ifndef IsNEC_98
228 #define IsNEC_98 (SharedUserData->AlternativeArchitecture == NEC98x86)
229 #endif
230 
231 #ifndef IsNotNEC_98
232 #define IsNotNEC_98 (SharedUserData->AlternativeArchitecture != NEC98x86)
233 #endif
234 
235 /* User-mode cannot override the architecture */
236 #ifndef SetNEC_98
237 #define SetNEC_98
238 #endif
239 
240 /* User-mode cannot override the architecture */
241 #ifndef SetNotNEC_98
242 #define SetNotNEC_98
243 #endif
244 
245 #else // !_X86_
246 /* Correctly define these run-time definitions for non X86 machines */
247 
248 #ifndef IsNEC_98
249 #define IsNEC_98 (FALSE)
250 #endif
251 
252 #ifndef IsNotNEC_98
253 #define IsNotNEC_98 (TRUE)
254 #endif
255 
256 #ifndef SetNEC_98
257 #define SetNEC_98
258 #endif
259 
260 #ifndef SetNotNEC_98
261 #define SetNotNEC_98
262 #endif
263 
264 #endif // _X86_
265 
266 //
267 // Maximum WOW64 Entries in KUSER_SHARED_DATA
268 //
269 #define MAX_WOW64_SHARED_ENTRIES 16
270 
271 //
272 // Maximum Processor Features supported in KUSER_SHARED_DATA
273 //
274 #define PROCESSOR_FEATURE_MAX 64
275 
276 //
277 // Event Types
278 //
279 typedef enum _EVENT_TYPE
280 {
281  NotificationEvent,
282  SynchronizationEvent
283 } EVENT_TYPE;
284 
285 //
286 // Timer Types
287 //
288 typedef enum _TIMER_TYPE
289 {
290  NotificationTimer,
291  SynchronizationTimer
292 } TIMER_TYPE;
293 
294 //
295 // Wait Types
296 //
297 typedef enum _WAIT_TYPE
298 {
299  WaitAll,
300  WaitAny
301 } WAIT_TYPE;
302 
303 //
304 // Processor Execution Modes
305 //
306 typedef enum _MODE
307 {
308  KernelMode,
309  UserMode,
310  MaximumMode
311 } MODE;
312 
313 //
314 // Wait Reasons
315 //
316 typedef enum _KWAIT_REASON
317 {
318  Executive,
319  FreePage,
320  PageIn,
321  PoolAllocation,
322  DelayExecution,
323  Suspended,
324  UserRequest,
325  WrExecutive,
326  WrFreePage,
327  WrPageIn,
328  WrPoolAllocation,
329  WrDelayExecution,
330  WrSuspended,
331  WrUserRequest,
332  WrEventPair,
333  WrQueue,
334  WrLpcReceive,
335  WrLpcReply,
336  WrVirtualMemory,
337  WrPageOut,
338  WrRendezvous,
339  Spare2,
340  WrGuardedMutex,
341  Spare4,
342  Spare5,
343  Spare6,
344  WrKernel,
345  WrResource,
346  WrPushLock,
347  WrMutex,
348  WrQuantumEnd,
349  WrDispatchInt,
350  WrPreempted,
351  WrYieldExecution,
352  MaximumWaitReason
353 } KWAIT_REASON;
354 
355 //
356 // Profiling Sources
357 //
358 typedef enum _KPROFILE_SOURCE
359 {
360  ProfileTime,
361  ProfileAlignmentFixup,
362  ProfileTotalIssues,
363  ProfilePipelineDry,
364  ProfileLoadInstructions,
365  ProfilePipelineFrozen,
366  ProfileBranchInstructions,
367  ProfileTotalNonissues,
368  ProfileDcacheMisses,
369  ProfileIcacheMisses,
370  ProfileCacheMisses,
371  ProfileBranchMispredictions,
372  ProfileStoreInstructions,
373  ProfileFpInstructions,
374  ProfileIntegerInstructions,
375  Profile2Issue,
376  Profile3Issue,
377  Profile4Issue,
378  ProfileSpecialInstructions,
379  ProfileTotalCycles,
380  ProfileIcacheIssues,
381  ProfileDcacheAccesses,
382  ProfileMemoryBarrierCycles,
383  ProfileLoadLinkedIssues,
384  ProfileMaximum
385 } KPROFILE_SOURCE;
386 
387 //
388 // NT Product and Architecture Types
389 //
390 typedef enum _NT_PRODUCT_TYPE
391 {
392  NtProductWinNt = 1,
393  NtProductLanManNt,
394  NtProductServer
395 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
396 
397 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
398 {
399  StandardDesign,
400  NEC98x86,
401  EndAlternatives
402 } ALTERNATIVE_ARCHITECTURE_TYPE;
403 
404 //
405 // Flags for NXSupportPolicy
406 //
407 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
408 #define NX_SUPPORT_POLICY_ALWAYSOFF 0
409 #define NX_SUPPORT_POLICY_ALWAYSON 1
410 #define NX_SUPPORT_POLICY_OPTIN 2
411 #define NX_SUPPORT_POLICY_OPTOUT 3
412 #endif
413 
414 #endif // NTOS_MODE_USER
415 
416 //
417 // Thread States
418 //
419 typedef enum _KTHREAD_STATE
420 {
421  Initialized,
422  Ready,
423  Running,
424  Standby,
425  Terminated,
426  Waiting,
427  Transition,
428  DeferredReady,
429 #if (NTDDI_VERSION >= NTDDI_WS03)
430  GateWait
431 #endif
432 } KTHREAD_STATE, *PKTHREAD_STATE;
433 
434 //
435 // Kernel Object Types
436 //
437 typedef enum _KOBJECTS
438 {
439  EventNotificationObject = 0,
440  EventSynchronizationObject = 1,
441  MutantObject = 2,
442  ProcessObject = 3,
443  QueueObject = 4,
444  SemaphoreObject = 5,
445  ThreadObject = 6,
446  GateObject = 7,
447  TimerNotificationObject = 8,
448  TimerSynchronizationObject = 9,
449  Spare2Object = 10,
450  Spare3Object = 11,
451  Spare4Object = 12,
452  Spare5Object = 13,
453  Spare6Object = 14,
454  Spare7Object = 15,
455  Spare8Object = 16,
456  Spare9Object = 17,
457  ApcObject = 18,
458  DpcObject = 19,
459  DeviceQueueObject = 20,
460  EventPairObject = 21,
461  InterruptObject = 22,
462  ProfileObject = 23,
463  ThreadedDpcObject = 24,
464  MaximumKernelObject = 25
465 } KOBJECTS;
466 
467 //
468 // Adjust reasons
469 //
470 typedef enum _ADJUST_REASON
471 {
472  AdjustNone = 0,
473  AdjustUnwait = 1,
474  AdjustBoost = 2
475 } ADJUST_REASON;
476 
477 //
478 // Continue Status
479 //
480 typedef enum _KCONTINUE_STATUS
481 {
482  ContinueError = 0,
483  ContinueSuccess,
484  ContinueProcessorReselected,
485  ContinueNextProcessor
486 } KCONTINUE_STATUS;
487 
488 //
489 // Process States
490 //
491 typedef enum _KPROCESS_STATE
492 {
493  ProcessInMemory,
494  ProcessOutOfMemory,
495  ProcessInTransition,
496  ProcessInSwap,
497  ProcessOutSwap,
498 } KPROCESS_STATE, *PKPROCESS_STATE;
499 
500 //
501 // NtVdmControl Classes
502 //
503 typedef enum _VDMSERVICECLASS
504 {
505  VdmStartExecution = 0,
506  VdmQueueInterrupt = 1,
507  VdmDelayInterrupt = 2,
508  VdmInitialize = 3,
509  VdmFeatures = 4,
510  VdmSetInt21Handler = 5,
511  VdmQueryDir = 6,
512  VdmPrinterDirectIoOpen = 7,
513  VdmPrinterDirectIoClose = 8,
514  VdmPrinterInitialize = 9,
515  VdmSetLdtEntries = 10,
516  VdmSetProcessLdtInfo = 11,
517  VdmAdlibEmulation = 12,
518  VdmPMCliControl = 13,
519  VdmQueryVdmProcess = 14,
520 } VDMSERVICECLASS;
521 
522 #ifdef NTOS_MODE_USER
523 
524 //
525 // APC Normal Routine
526 //
527 typedef VOID
528 (NTAPI *PKNORMAL_ROUTINE)(
529  _In_ PVOID NormalContext,
530  _In_ PVOID SystemArgument1,
531  _In_ PVOID SystemArgument2
532 );
533 
534 //
535 // Timer Routine
536 //
537 typedef VOID
538 (NTAPI *PTIMER_APC_ROUTINE)(
539  _In_ PVOID TimerContext,
540  _In_ ULONG TimerLowValue,
541  _In_ LONG TimerHighValue
542 );
543 
544 //
545 // System Time Structure
546 //
547 typedef struct _KSYSTEM_TIME
548 {
549  ULONG LowPart;
550  LONG High1Time;
551  LONG High2Time;
552 } KSYSTEM_TIME, *PKSYSTEM_TIME;
553 
554 //
555 // Shared Kernel User Data
556 //
557 typedef struct _KUSER_SHARED_DATA
558 {
559  ULONG TickCountLowDeprecated;
560  ULONG TickCountMultiplier;
561  volatile KSYSTEM_TIME InterruptTime;
562  volatile KSYSTEM_TIME SystemTime;
563  volatile KSYSTEM_TIME TimeZoneBias;
564  USHORT ImageNumberLow;
565  USHORT ImageNumberHigh;
566  WCHAR NtSystemRoot[260];
567  ULONG MaxStackTraceDepth;
568  ULONG CryptoExponent;
569  ULONG TimeZoneId;
570  ULONG LargePageMinimum;
571  ULONG Reserved2[7];
572  NT_PRODUCT_TYPE NtProductType;
573  BOOLEAN ProductTypeIsValid;
574  ULONG NtMajorVersion;
575  ULONG NtMinorVersion;
576  BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
577  ULONG Reserved1;
578  ULONG Reserved3;
579  volatile ULONG TimeSlip;
580  ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
581  LARGE_INTEGER SystemExpirationDate;
582  ULONG SuiteMask;
583  BOOLEAN KdDebuggerEnabled;
584 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
585  UCHAR NXSupportPolicy;
586 #endif
587  volatile ULONG ActiveConsoleId;
588  volatile ULONG DismountCount;
589  ULONG ComPlusPackage;
590  ULONG LastSystemRITEventTickCount;
591  ULONG NumberOfPhysicalPages;
592  BOOLEAN SafeBootMode;
593  ULONG TraceLogging;
594  ULONG Fill0;
595  ULONGLONG TestRetInstruction;
596  ULONG SystemCall;
597  ULONG SystemCallReturn;
598  ULONGLONG SystemCallPad[3];
599  union {
600  volatile KSYSTEM_TIME TickCount;
601  volatile ULONG64 TickCountQuad;
602  };
603  ULONG Cookie;
604 #if (NTDDI_VERSION >= NTDDI_WS03)
605  LONGLONG ConsoleSessionForegroundProcessId;
606  ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
607 #endif
608 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
609  USHORT UserModeGlobalLogger[8];
610  ULONG HeapTracingPid[2];
611  ULONG CritSecTracingPid[2];
612  union
613  {
614  ULONG SharedDataFlags;
615  struct
616  {
617  ULONG DbgErrorPortPresent:1;
618  ULONG DbgElevationEnabled:1;
619  ULONG DbgVirtEnabled:1;
620  ULONG DbgInstallerDetectEnabled:1;
621  ULONG SpareBits:28;
622  };
623  };
624  ULONG ImageFileExecutionOptions;
625  KAFFINITY ActiveProcessorAffinity;
626 #endif
627 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
628 
629 //
630 // VDM Structures
631 //
632 #include "pshpack1.h"
633 typedef struct _VdmVirtualIca
634 {
635  LONG ica_count[8];
636  LONG ica_int_line;
637  LONG ica_cpu_int;
638  USHORT ica_base;
639  USHORT ica_hipiri;
640  USHORT ica_mode;
641  UCHAR ica_master;
642  UCHAR ica_irr;
643  UCHAR ica_isr;
644  UCHAR ica_imr;
645  UCHAR ica_ssr;
646 } VDMVIRTUALICA, *PVDMVIRTUALICA;
647 #include "poppack.h"
648 
649 typedef struct _VdmIcaUserData
650 {
651  PVOID pIcaLock;
652  PVDMVIRTUALICA pIcaMaster;
653  PVDMVIRTUALICA pIcaSlave;
654  PULONG pDelayIrq;
655  PULONG pUndelayIrq;
656  PULONG pDelayIret;
657  PULONG pIretHooked;
658  PULONG pAddrIretBopTable;
659  PHANDLE phWowIdleEvent;
660  PLARGE_INTEGER pIcaTimeout;
661  PHANDLE phMainThreadSuspended;
662 } VDMICAUSERDATA, *PVDMICAUSERDATA;
663 
664 typedef struct _VDM_INITIALIZE_DATA
665 {
666  PVOID TrapcHandler;
667  PVDMICAUSERDATA IcaUserData;
668 } VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
669 
670 #else
671 
672 //
673 // System Thread Start Routine
674 //
675 typedef
676 VOID
677 (NTAPI *PKSYSTEM_ROUTINE)(
678  PKSTART_ROUTINE StartRoutine,
679  PVOID StartContext
680 );
681 
682 #ifndef _NTSYSTEM_
683 typedef VOID
684 (NTAPI *PKNORMAL_ROUTINE)(
685  IN PVOID NormalContext OPTIONAL,
686  IN PVOID SystemArgument1 OPTIONAL,
687  IN PVOID SystemArgument2 OPTIONAL);
688 
689 typedef VOID
690 (NTAPI *PKRUNDOWN_ROUTINE)(
691  IN struct _KAPC *Apc);
692 
693 typedef VOID
694 (NTAPI *PKKERNEL_ROUTINE)(
695  IN struct _KAPC *Apc,
696  IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
697  IN OUT PVOID *NormalContext OPTIONAL,
698  IN OUT PVOID *SystemArgument1 OPTIONAL,
699  IN OUT PVOID *SystemArgument2 OPTIONAL);
700 #endif
701 
702 //
703 // APC Environment Types
704 //
705 typedef enum _KAPC_ENVIRONMENT
706 {
707  OriginalApcEnvironment,
708  AttachedApcEnvironment,
709  CurrentApcEnvironment,
710  InsertApcEnvironment
711 } KAPC_ENVIRONMENT;
712 
713 typedef struct _KTIMER_TABLE_ENTRY
714 {
715 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
716  KSPIN_LOCK Lock;
717 #endif
718  LIST_ENTRY Entry;
719  ULARGE_INTEGER Time;
720 } KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
721 
722 typedef struct _KTIMER_TABLE
723 {
724  PKTIMER TimerExpiry[64];
725  KTIMER_TABLE_ENTRY TimerEntries[256];
726 } KTIMER_TABLE, *PKTIMER_TABLE;
727 
728 typedef struct _KDPC_LIST
729 {
730  SINGLE_LIST_ENTRY ListHead;
731  SINGLE_LIST_ENTRY* LastEntry;
732 } KDPC_LIST, *PKDPC_LIST;
733 
734 typedef struct _SYNCH_COUNTERS
735 {
736  ULONG SpinLockAcquireCount;
737  ULONG SpinLockContentionCount;
738  ULONG SpinLockSpinCount;
739  ULONG IpiSendRequestBroadcastCount;
740  ULONG IpiSendRequestRoutineCount;
741  ULONG IpiSendSoftwareInterruptCount;
742  ULONG ExInitializeResourceCount;
743  ULONG ExReInitializeResourceCount;
744  ULONG ExDeleteResourceCount;
745  ULONG ExecutiveResourceAcquiresCount;
746  ULONG ExecutiveResourceContentionsCount;
747  ULONG ExecutiveResourceReleaseExclusiveCount;
748  ULONG ExecutiveResourceReleaseSharedCount;
749  ULONG ExecutiveResourceConvertsCount;
750  ULONG ExAcqResExclusiveAttempts;
751  ULONG ExAcqResExclusiveAcquiresExclusive;
752  ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
753  ULONG ExAcqResExclusiveWaits;
754  ULONG ExAcqResExclusiveNotAcquires;
755  ULONG ExAcqResSharedAttempts;
756  ULONG ExAcqResSharedAcquiresExclusive;
757  ULONG ExAcqResSharedAcquiresShared;
758  ULONG ExAcqResSharedAcquiresSharedRecursive;
759  ULONG ExAcqResSharedWaits;
760  ULONG ExAcqResSharedNotAcquires;
761  ULONG ExAcqResSharedStarveExclusiveAttempts;
762  ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
763  ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
764  ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
765  ULONG ExAcqResSharedStarveExclusiveWaits;
766  ULONG ExAcqResSharedStarveExclusiveNotAcquires;
767  ULONG ExAcqResSharedWaitForExclusiveAttempts;
768  ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
769  ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
770  ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
771  ULONG ExAcqResSharedWaitForExclusiveWaits;
772  ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
773  ULONG ExSetResOwnerPointerExclusive;
774  ULONG ExSetResOwnerPointerSharedNew;
775  ULONG ExSetResOwnerPointerSharedOld;
776  ULONG ExTryToAcqExclusiveAttempts;
777  ULONG ExTryToAcqExclusiveAcquires;
778  ULONG ExBoostExclusiveOwner;
779  ULONG ExBoostSharedOwners;
780  ULONG ExEtwSynchTrackingNotificationsCount;
781  ULONG ExEtwSynchTrackingNotificationsAccountedCount;
782 } SYNCH_COUNTERS, *PSYNCH_COUNTERS;
783 
784 //
785 // PRCB DPC Data
786 //
787 typedef struct _KDPC_DATA
788 {
789 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
790  KDPC_LIST DpcList;
791 #else
792  LIST_ENTRY DpcListHead;
793 #endif
794  ULONG_PTR DpcLock;
795 #if defined(_M_AMD64) || defined(_M_ARM)
796  volatile LONG DpcQueueDepth;
797 #else
798  volatile ULONG DpcQueueDepth;
799 #endif
800  ULONG DpcCount;
801 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
802  PKDPC ActiveDpc;
803 #endif
804 } KDPC_DATA, *PKDPC_DATA;
805 
806 //
807 // Per-Processor Lookaside List
808 //
809 typedef struct _PP_LOOKASIDE_LIST
810 {
811  struct _GENERAL_LOOKASIDE *P;
812  struct _GENERAL_LOOKASIDE *L;
813 } PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
814 
815 //
816 // Architectural Types
817 //
818 #include <arch/ketypes.h>
819 
820 //
821 // Kernel Memory Node
822 //
823 typedef struct _KNODE
824 {
825  SLIST_HEADER DeadStackList;
826  SLIST_HEADER PfnDereferenceSListHead;
827  KAFFINITY ProcessorMask;
828  UCHAR Color;
829  UCHAR Seed;
830  UCHAR NodeNumber;
831  struct _flags {
832  UCHAR Removable : 1;
833  UCHAR Fill : 7;
834  } Flags;
835  ULONG MmShiftedColor;
836  ULONG_PTR FreeCount[2];
837  struct _SINGLE_LIST_ENTRY *PfnDeferredList;
838 } KNODE, *PKNODE;
839 
840 //
841 // Structure for Get/SetContext APC
842 //
843 typedef struct _GETSETCONTEXT
844 {
845  KAPC Apc;
846  KEVENT Event;
847  KPROCESSOR_MODE Mode;
848  CONTEXT Context;
849 } GETSETCONTEXT, *PGETSETCONTEXT;
850 
851 //
852 // Kernel Profile Object
853 //
854 typedef struct _KPROFILE
855 {
856  CSHORT Type;
857  CSHORT Size;
858  LIST_ENTRY ProfileListEntry;
859  struct _KPROCESS *Process;
860  PVOID RangeBase;
861  PVOID RangeLimit;
862  ULONG BucketShift;
863  PVOID Buffer;
864  ULONG_PTR Segment;
865  KAFFINITY Affinity;
866  KPROFILE_SOURCE Source;
867  BOOLEAN Started;
868 } KPROFILE, *PKPROFILE;
869 
870 //
871 // Kernel Interrupt Object
872 //
873 typedef struct _KINTERRUPT
874 {
875  CSHORT Type;
876  CSHORT Size;
877  LIST_ENTRY InterruptListEntry;
878  PKSERVICE_ROUTINE ServiceRoutine;
879 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
880  PKSERVICE_ROUTINE MessageServiceRoutine;
881  ULONG MessageIndex;
882 #endif
883  PVOID ServiceContext;
884  KSPIN_LOCK SpinLock;
885  ULONG TickCount;
886  PKSPIN_LOCK ActualLock;
887  PKINTERRUPT_ROUTINE DispatchAddress;
888  ULONG Vector;
889  KIRQL Irql;
890  KIRQL SynchronizeIrql;
891  BOOLEAN FloatingSave;
892  BOOLEAN Connected;
893  CCHAR Number;
894  BOOLEAN ShareVector;
895  KINTERRUPT_MODE Mode;
896 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
897  KINTERRUPT_POLARITY Polarity;
898 #endif
899  ULONG ServiceCount;
900  ULONG DispatchCount;
901 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
902  ULONGLONG Rsvd1;
903 #endif
904 #ifdef _M_AMD64
905  PKTRAP_FRAME TrapFrame;
906  PVOID Reserved;
907 #endif
908  ULONG DispatchCode[DISPATCH_LENGTH];
909 } KINTERRUPT;
910 
911 //
912 // Kernel Event Pair Object
913 //
914 typedef struct _KEVENT_PAIR
915 {
916  CSHORT Type;
917  CSHORT Size;
918  KEVENT LowEvent;
919  KEVENT HighEvent;
920 } KEVENT_PAIR, *PKEVENT_PAIR;
921 
922 //
923 // Kernel No Execute Options
924 //
925 typedef struct _KEXECUTE_OPTIONS
926 {
927  UCHAR ExecuteDisable:1;
928  UCHAR ExecuteEnable:1;
929  UCHAR DisableThunkEmulation:1;
930  UCHAR Permanent:1;
931  UCHAR ExecuteDispatchEnable:1;
932  UCHAR ImageDispatchEnable:1;
933  UCHAR Spare:2;
934 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
935 
936 #if (NTDDI_VERSION >= NTDDI_WIN7)
937 typedef union _KWAIT_STATUS_REGISTER
938 {
939  UCHAR Flags;
940  struct
941  {
942  UCHAR State:2;
943  UCHAR Affinity:1;
944  UCHAR Priority:1;
945  UCHAR Apc:1;
946  UCHAR UserApc:1;
947  UCHAR Alert:1;
948  UCHAR Unused:1;
949  };
950 } KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
951 
952 typedef struct _COUNTER_READING
953 {
954  enum _HARDWARE_COUNTER_TYPE Type;
955  ULONG Index;
956  ULONG64 Start;
957  ULONG64 Total;
958 }COUNTER_READING, *PCOUNTER_READING;
959 
960 typedef struct _KTHREAD_COUNTERS
961 {
962  ULONG64 WaitReasonBitMap;
963  struct _THREAD_PERFORMANCE_DATA* UserData;
964  ULONG Flags;
965  ULONG ContextSwitches;
966  ULONG64 CycleTimeBias;
967  ULONG64 HardwareCounters;
968  COUNTER_READING HwCounter[16];
969 }KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
970 #endif
971 
973 #if (NTDDI_VERSION >= NTDDI_WIN8)
974 typedef struct _RTL_RB_TREE
975 {
976  PRTL_BALANCED_NODE Root;
977  PRTL_BALANCED_NODE Min;
978 } RTL_RB_TREE, *PRTL_RB_TREE;
979 #endif
980 
981 #if (NTDDI_VERSION >= NTDDI_WINBLUE)
982 typedef struct _KLOCK_ENTRY_LOCK_STATE
983 {
984  union
985  {
986  struct
987  {
988 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
989  ULONG_PTR CrossThreadReleasable : 1;
990 #else
991  ULONG_PTR Waiting : 1;
992 #endif
993  ULONG_PTR Busy : 1;
994  ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
995  ULONG_PTR InTree : 1;
996  };
997  PVOID LockState;
998  };
999  union
1000  {
1001  PVOID SessionState;
1002  struct
1003  {
1004  ULONG SessionId;
1005 #ifdef _WIN64
1006  ULONG SessionPad;
1007 #endif
1008  };
1009  };
1010 } KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
1011 
1012 typedef struct _KLOCK_ENTRY
1013 {
1014  union
1015  {
1016  RTL_BALANCED_NODE TreeNode;
1017  SINGLE_LIST_ENTRY FreeListEntry;
1018  };
1019 #if (NTDDI_VERSION >= NTDDI_WIN10)
1020  union
1021  {
1022  ULONG EntryFlags;
1023  struct
1024  {
1025  UCHAR EntryOffset;
1026  union
1027  {
1028  UCHAR ThreadLocalFlags;
1029  struct
1030  {
1031  UCHAR WaitingBit : 1;
1032  UCHAR Spare0 : 7;
1033  };
1034  };
1035  union
1036  {
1037  UCHAR AcquiredByte;
1038  UCHAR AcquiredBit : 1;
1039  };
1040  union
1041  {
1042  UCHAR CrossThreadFlags;
1043  struct
1044  {
1045  UCHAR HeadNodeBit : 1;
1046  UCHAR IoPriorityBit : 1;
1047  UCHAR IoQoSWaiter : 1; // since TH2
1048  UCHAR Spare1 : 5;
1049  };
1050  };
1051  };
1052  struct
1053  {
1054  ULONG StaticState : 8;
1055  ULONG AllFlags : 24;
1056  };
1057  };
1058 #ifdef _WIN64
1059  ULONG SpareFlags;
1060 #endif
1061 #else
1062  union
1063  {
1064  PVOID ThreadUnsafe;
1065  struct
1066  {
1067  volatile UCHAR HeadNodeByte;
1068  UCHAR Reserved1[2];
1069  volatile UCHAR AcquiredByte;
1070  };
1071  };
1072 #endif
1073 
1074  union
1075  {
1076  KLOCK_ENTRY_LOCK_STATE LockState;
1077  PVOID LockUnsafe;
1078  struct
1079  {
1080 #if (NTDDI_VERSION >= NTDDI_WIN10)
1081  volatile UCHAR CrossThreadReleasableAndBusyByte;
1082 #else
1083  volatile UCHAR WaitingAndBusyByte;
1084 #endif
1085  UCHAR Reserved[sizeof(PVOID) - 2];
1086  UCHAR InTreeByte;
1087  union
1088  {
1089  PVOID SessionState;
1090  struct
1091  {
1092  ULONG SessionId;
1093 #ifdef _WIN64
1094  ULONG SessionPad;
1095 #endif
1096  };
1097  };
1098  };
1099  };
1100  union
1101  {
1102  struct
1103  {
1104  RTL_RB_TREE OwnerTree;
1105  RTL_RB_TREE WaiterTree;
1106  };
1107  CHAR CpuPriorityKey;
1108  };
1109  ULONG_PTR EntryLock;
1110  union
1111  {
1112 #if _WIN64
1113  ULONG AllBoosts : 17;
1114 #else
1115  USHORT AllBoosts;
1116 #endif
1117  struct
1118  {
1119  struct
1120  {
1121  USHORT CpuBoostsBitmap : 15;
1122  USHORT IoBoost : 1;
1123  };
1124  struct
1125  {
1126  USHORT IoQoSBoost : 1;
1127  USHORT IoNormalPriorityWaiterCount : 8;
1128  USHORT IoQoSWaiterCount : 7;
1129  };
1130  };
1131  };
1132 #if _WIN64
1133  ULONG SparePad;
1134 #endif
1135 } KLOCK_ENTRY, *PKLOCK_ENTRY;
1136 
1137 #endif
1138 
1139 //
1140 // Kernel Thread (KTHREAD)
1141 //
1142 #if (NTDDI_VERSION < NTDDI_WIN8)
1143 
1144 typedef struct _KTHREAD
1145 {
1146  DISPATCHER_HEADER Header;
1147 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1148  ULONGLONG CycleTime;
1149 #ifndef _WIN64 // [
1150  ULONG HighCycleTime;
1151 #endif // ]
1152  ULONGLONG QuantumTarget;
1153 #else // ][
1154  LIST_ENTRY MutantListHead;
1155 #endif // ]
1156  PVOID InitialStack;
1157  ULONG_PTR StackLimit; // FIXME: PVOID
1158  PVOID KernelStack;
1159  KSPIN_LOCK ThreadLock;
1160 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1161  KWAIT_STATUS_REGISTER WaitRegister;
1162  BOOLEAN Running;
1163  BOOLEAN Alerted[2];
1164  union
1165  {
1166  struct
1167  {
1168  ULONG KernelStackResident:1;
1169  ULONG ReadyTransition:1;
1170  ULONG ProcessReadyQueue:1;
1171  ULONG WaitNext:1;
1172  ULONG SystemAffinityActive:1;
1173  ULONG Alertable:1;
1174  ULONG GdiFlushActive:1;
1175  ULONG UserStackWalkActive:1;
1176  ULONG ApcInterruptRequest:1;
1177  ULONG ForceDeferSchedule:1;
1178  ULONG QuantumEndMigrate:1;
1179  ULONG UmsDirectedSwitchEnable:1;
1180  ULONG TimerActive:1;
1181  ULONG Reserved:19;
1182  };
1183  LONG MiscFlags;
1184  };
1185 #endif // ]
1186  union
1187  {
1188  KAPC_STATE ApcState;
1189  struct
1190  {
1191  UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1192 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1193  SCHAR Priority;
1194 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1195  /* On x86, the following members "fall out" of the union */
1196  volatile ULONG NextProcessor;
1197  volatile ULONG DeferredProcessor;
1198 #else // ][
1199  /* On x86, the following members "fall out" of the union */
1200  volatile USHORT NextProcessor;
1201  volatile USHORT DeferredProcessor;
1202 #endif // ]
1203 #else // ][
1204  UCHAR ApcQueueable;
1205  /* On x86, the following members "fall out" of the union */
1206  volatile UCHAR NextProcessor;
1207  volatile UCHAR DeferredProcessor;
1208  UCHAR AdjustReason;
1209  SCHAR AdjustIncrement;
1210 #endif // ]
1211  };
1212  };
1213  KSPIN_LOCK ApcQueueLock;
1214 #if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1215  ULONG ContextSwitches;
1216  volatile UCHAR State;
1217  UCHAR NpxState;
1218  KIRQL WaitIrql;
1219  KPROCESSOR_MODE WaitMode;
1220 #endif // ]
1221  LONG_PTR WaitStatus;
1222 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1223  PKWAIT_BLOCK WaitBlockList;
1224 #else // ][
1225  union
1226  {
1227  PKWAIT_BLOCK WaitBlockList;
1228  PKGATE GateObject;
1229  };
1230 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1231  union
1232  {
1233  struct
1234  {
1235  ULONG KernelStackResident:1;
1236  ULONG ReadyTransition:1;
1237  ULONG ProcessReadyQueue:1;
1238  ULONG WaitNext:1;
1239  ULONG SystemAffinityActive:1;
1240  ULONG Alertable:1;
1241  ULONG GdiFlushActive:1;
1242  ULONG Reserved:25;
1243  };
1244  LONG MiscFlags;
1245  };
1246 #else // ][
1247  BOOLEAN Alertable;
1248  BOOLEAN WaitNext;
1249 #endif // ]
1250  UCHAR WaitReason;
1251 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1252  SCHAR Priority;
1253  BOOLEAN EnableStackSwap;
1254 #endif // ]
1255  volatile UCHAR SwapBusy;
1256  BOOLEAN Alerted[MaximumMode];
1257 #endif // ]
1258  union
1259  {
1260  LIST_ENTRY WaitListEntry;
1261  SINGLE_LIST_ENTRY SwapListEntry;
1262  };
1263  PKQUEUE Queue;
1264 #if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1265  ULONG WaitTime;
1266  union
1267  {
1268  struct
1269  {
1270  SHORT KernelApcDisable;
1271  SHORT SpecialApcDisable;
1272  };
1273  ULONG CombinedApcDisable;
1274  };
1275 #endif // ]
1276  struct _TEB *Teb;
1277 
1278 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1279  KTIMER Timer;
1280 #else // ][
1281  union
1282  {
1283  KTIMER Timer;
1284  struct
1285  {
1286  UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1287 #if !defined(_WIN64) // [
1288  };
1289  };
1290 #endif // ]
1291 #endif // ]
1292  union
1293  {
1294  struct
1295  {
1296  ULONG AutoAlignment:1;
1297  ULONG DisableBoost:1;
1298 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1299  ULONG EtwStackTraceApc1Inserted:1;
1300  ULONG EtwStackTraceApc2Inserted:1;
1301  ULONG CycleChargePending:1;
1302  ULONG CalloutActive:1;
1303  ULONG ApcQueueable:1;
1304  ULONG EnableStackSwap:1;
1305  ULONG GuiThread:1;
1306  ULONG ReservedFlags:23;
1307 #else // ][
1308  LONG ReservedFlags:30;
1309 #endif // ]
1310  };
1311  LONG ThreadFlags;
1312  };
1313 #if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1314  };
1315  };
1316 #endif // ]
1317 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1318 #if defined(_WIN64) // [
1319  ULONG Spare0;
1320 #else // ][
1321  PVOID ServiceTable;
1322 #endif // ]
1323 #endif // ]
1324  union
1325  {
1326  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1327 #if (NTDDI_VERSION < NTDDI_WIN7) // [
1328  struct
1329  {
1330  UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1331 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1332  UCHAR IdealProcessor;
1333 #else // ][
1334  BOOLEAN SystemAffinityActive;
1335 #endif // ]
1336  };
1337  struct
1338  {
1339  UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1340  CCHAR PreviousMode;
1341  };
1342  struct
1343  {
1344  UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1345  UCHAR ResourceIndex;
1346  };
1347  struct
1348  {
1349  UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1350  UCHAR LargeStack;
1351  };
1352 #endif // ]
1353 #ifdef _WIN64 // [
1354  struct
1355  {
1356  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1357  ULONG ContextSwitches;
1358  };
1359  struct
1360  {
1361  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1362  UCHAR State;
1363  UCHAR NpxState;
1364  UCHAR WaitIrql;
1365  CHAR WaitMode;
1366  };
1367  struct
1368  {
1369  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1370  ULONG WaitTime;
1371  };
1372 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1373  struct
1374  {
1375  UCHAR WaitBlockFill7[168];
1376  PVOID TebMappedLowVa;
1377  struct _UMS_CONTROL_BLOCK* Ucb;
1378  };
1379 #endif // ]
1380  struct
1381  {
1382 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1383  UCHAR WaitBlockFill8[188];
1384 #else // ][
1385  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1386 #endif // ]
1387  union
1388  {
1389  struct
1390  {
1391  SHORT KernelApcDisable;
1392  SHORT SpecialApcDisable;
1393  };
1394  ULONG CombinedApcDisable;
1395  };
1396  };
1397 #endif // ]
1398  };
1399  LIST_ENTRY QueueListEntry;
1400  PKTRAP_FRAME TrapFrame;
1401 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1402  PVOID FirstArgument;
1403  union
1404  {
1405  PVOID CallbackStack;
1406  ULONG_PTR CallbackDepth;
1407  };
1408 #else // ][
1409  PVOID CallbackStack;
1410 #endif // ]
1411 #if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1412  PVOID ServiceTable;
1413 #endif // ]
1414 #if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1415  ULONG KernelLimit;
1416 #endif // ]
1417  UCHAR ApcStateIndex;
1418 #if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1419  UCHAR IdealProcessor;
1420  BOOLEAN Preempted;
1421  BOOLEAN ProcessReadyQueue;
1422 #ifdef _WIN64 // [
1423  PVOID Win32kTable;
1424  ULONG Win32kLimit;
1425 #endif // ]
1426  BOOLEAN KernelStackResident;
1427 #endif // ]
1428  SCHAR BasePriority;
1429  SCHAR PriorityDecrement;
1430 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1431  BOOLEAN Preempted;
1432  UCHAR AdjustReason;
1433  CHAR AdjustIncrement;
1434 #if (NTDDI_VERSION >= NTDDI_WIN7)
1435  UCHAR PreviousMode;
1436 #else
1437  UCHAR Spare01;
1438 #endif
1439 #endif // ]
1440  CHAR Saturation;
1441 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1442  ULONG SystemCallNumber;
1443 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1444  ULONG FreezeCount;
1445 #else // ][
1446  ULONG Spare02;
1447 #endif // ]
1448 #endif // ]
1449 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1450  GROUP_AFFINITY UserAffinity;
1451  struct _KPROCESS *Process;
1452  GROUP_AFFINITY Affinity;
1453  ULONG IdealProcessor;
1454  ULONG UserIdealProcessor;
1455 #else // ][
1456  KAFFINITY UserAffinity;
1457  struct _KPROCESS *Process;
1458  KAFFINITY Affinity;
1459 #endif // ]
1460  PKAPC_STATE ApcStatePointer[2];
1461  union
1462  {
1463  KAPC_STATE SavedApcState;
1464  struct
1465  {
1466  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1467 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1468  UCHAR WaitReason;
1469 #else // ][
1470  CCHAR FreezeCount;
1471 #endif // ]
1472 #ifndef _WIN64 // [
1473  };
1474  };
1475 #endif // ]
1476  CCHAR SuspendCount;
1477 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1478  CCHAR Spare1;
1479 #else // ][
1480  UCHAR UserIdealProcessor;
1481 #endif // ]
1482 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1483 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1484  UCHAR Spare03;
1485 #else // ][
1486  UCHAR CalloutActive;
1487 #endif // ]
1488 #ifdef _WIN64 // [
1489  UCHAR CodePatchInProgress;
1490  };
1491  };
1492 #endif // ]
1493 #if defined(_M_IX86) // [
1494 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1495  UCHAR OtherPlatformFill;
1496 #else // ][
1497  UCHAR Iopl;
1498 #endif // ]
1499 #endif // ]
1500  PVOID Win32Thread;
1501  PVOID StackBase;
1502  union
1503  {
1504  KAPC SuspendApc;
1505  struct
1506  {
1507  UCHAR SuspendApcFill0[1];
1508 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1509  UCHAR ResourceIndex;
1510 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1511  CHAR Spare04;
1512 #else // ][
1513  SCHAR Quantum;
1514 #endif // ]
1515  };
1516  struct
1517  {
1518  UCHAR SuspendApcFill1[3];
1519  UCHAR QuantumReset;
1520  };
1521  struct
1522  {
1523  UCHAR SuspendApcFill2[4];
1524  ULONG KernelTime;
1525  };
1526  struct
1527  {
1528  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1529 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1530  PKPRCB WaitPrcb;
1531 #else
1532  PVOID TlsArray;
1533 #endif
1534  };
1535  struct
1536  {
1537  UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1538  PVOID LegoData;
1539  };
1540  struct
1541  {
1542  UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1543 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1544  UCHAR LargeStack;
1545 #else // ][
1546  UCHAR PowerState;
1547 #endif // ]
1548 #ifdef _WIN64 // [
1549  ULONG UserTime;
1550 #endif // ]
1551  };
1552  };
1553 #ifndef _WIN64 // [
1554  ULONG UserTime;
1555 #endif // ]
1556  union
1557  {
1558  KSEMAPHORE SuspendSemaphore;
1559  struct
1560  {
1561  UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1562 #ifdef _WIN64 // [
1563  ULONG SListFaultCount;
1564 #endif // ]
1565  };
1566  };
1567 #ifndef _WIN64 // [
1568  ULONG SListFaultCount;
1569 #endif // ]
1570  LIST_ENTRY ThreadListEntry;
1571 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1572  LIST_ENTRY MutantListHead;
1573 #endif // ]
1574  PVOID SListFaultAddress;
1575 #ifdef _M_AMD64 // [
1576  LONG64 ReadOperationCount;
1577  LONG64 WriteOperationCount;
1578  LONG64 OtherOperationCount;
1579  LONG64 ReadTransferCount;
1580  LONG64 WriteTransferCount;
1581  LONG64 OtherTransferCount;
1582 #endif // ]
1583 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1584  PKTHREAD_COUNTERS ThreadCounters;
1585  PXSTATE_SAVE XStateSave;
1586 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1587  PVOID MdlForLockedTeb;
1588 #endif // ]
1589 } KTHREAD;
1590 
1591 #else // not (NTDDI_VERSION < NTDDI_WIN8)
1592 
1593 #if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1594 #define NUMBER_OF_LOCK_ENTRIES 5
1595 #else
1596 #define NUMBER_OF_LOCK_ENTRIES 6
1597 #endif
1598 
1599 typedef struct _KTHREAD
1600 {
1601  DISPATCHER_HEADER Header;
1602  PVOID SListFaultAddress;
1603  ULONG64 QuantumTarget;
1604  PVOID InitialStack;
1605  volatile VOID *StackLimit;
1606  PVOID StackBase;
1607  KSPIN_LOCK ThreadLock;
1608  volatile ULONG64 CycleTime;
1609 #ifndef _WIN64
1610  volatile ULONG HighCycleTime;
1611  PVOID ServiceTable;
1612 #endif
1613  ULONG CurrentRunTime;
1614  ULONG ExpectedRunTime;
1615  PVOID KernelStack;
1616  XSAVE_FORMAT* StateSaveArea;
1617  struct _KSCHEDULING_GROUP* SchedulingGroup;
1618  KWAIT_STATUS_REGISTER WaitRegister;
1619  BOOLEAN Running;
1620  BOOLEAN Alerted[MaximumMode];
1621 
1622  union
1623  {
1624  struct
1625  {
1626 #if (NTDDI_VERSION < NTDDI_WIN10)
1627  ULONG KernelStackResident : 1;
1628 #else
1629  ULONG AutoBoostActive : 1;
1630 #endif
1631  ULONG ReadyTransition : 1;
1632 #if (NTDDI_VERSION < NTDDI_WIN10TH2)
1633  ULONG ProcessReadyQueue : 1;
1634 #endif
1635  ULONG ProcessReadyQueue : 1;
1636  ULONG WaitNext : 1;
1637  ULONG SystemAffinityActive : 1;
1638  ULONG Alertable : 1;
1639 #if (NTDDI_VERSION < NTDDI_WIN81)
1640  ULONG CodePatchInProgress : 1;
1641 #endif
1642  ULONG UserStackWalkActive : 1;
1643  ULONG ApcInterruptRequest : 1;
1644  ULONG QuantumEndMigrate : 1;
1645  ULONG UmsDirectedSwitchEnable : 1;
1646  ULONG TimerActive : 1;
1647  ULONG SystemThread : 1;
1648  ULONG ProcessDetachActive : 1;
1649  ULONG CalloutActive : 1;
1650  ULONG ScbReadyQueue : 1;
1651  ULONG ApcQueueable : 1;
1652  ULONG ReservedStackInUse : 1;
1653  ULONG UmsPerformingSyscall : 1;
1654  ULONG DisableStackCheck : 1;
1655  ULONG Reserved : 12;
1656  };
1657  LONG MiscFlags;
1658  };
1659 
1660  union
1661  {
1662  struct
1663  {
1664  ULONG AutoAlignment : 1;
1665  ULONG DisableBoost : 1;
1666  ULONG UserAffinitySet : 1;
1667  ULONG AlertedByThreadId : 1;
1668  ULONG QuantumDonation : 1;
1669  ULONG EnableStackSwap : 1;
1670  ULONG GuiThread : 1;
1671  ULONG DisableQuantum : 1;
1672  ULONG ChargeOnlyGroup : 1;
1673  ULONG DeferPreemption : 1;
1674  ULONG QueueDeferPreemption : 1;
1675  ULONG ForceDeferSchedule : 1;
1676  ULONG ExplicitIdealProcessor : 1;
1677  ULONG FreezeCount : 1;
1678 #if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1679  ULONG TerminationApcRequest : 1;
1680 #endif
1681 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1682  ULONG AutoBoostEntriesExhausted : 1;
1683 #endif
1684 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1685  ULONG KernelStackResident : 1;
1686 #endif
1687 #if (NTDDI_VERSION >= NTDDI_WIN10)
1688  ULONG CommitFailTerminateRequest : 1;
1689  ULONG ProcessStackCountDecremented : 1;
1690  ULONG ThreadFlagsSpare : 5;
1691 #endif
1692  ULONG EtwStackTraceApcInserted : 8;
1693 #if (NTDDI_VERSION < NTDDI_WIN10)
1694  ULONG ReservedFlags : 10;
1695 #endif
1696  };
1697  LONG ThreadFlags;
1698  };
1699 
1700 #if (NTDDI_VERSION >= NTDDI_WIN10)
1701  volatile UCHAR Tag;
1702  UCHAR SystemHeteroCpuPolicy;
1703  UCHAR UserHeteroCpuPolicy : 7;
1704  UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1705  UCHAR Spare0;
1706 #else
1707  ULONG Spare0;
1708 #endif
1709  ULONG SystemCallNumber;
1710 #ifdef _WIN64
1711  ULONG Spare1; // Win 10: Spare10
1712 #endif
1713  PVOID FirstArgument;
1714  PKTRAP_FRAME TrapFrame;
1715 
1716  union
1717  {
1718  KAPC_STATE ApcState;
1719  struct
1720  {
1721  UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1722  SCHAR Priority;
1723  ULONG UserIdealProcessor;
1724  };
1725  };
1726 
1727 #ifndef _WIN64
1728  ULONG ContextSwitches;
1729  volatile UCHAR State;
1730 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1731  CHAR Spare12;
1732 #else
1733  CHAR NpxState;
1734 #endif
1735  KIRQL WaitIrql;
1736  KPROCESSOR_MODE WaitMode;
1737 #endif
1738 
1739  volatile INT_PTR WaitStatus;
1740  PKWAIT_BLOCK WaitBlockList;
1741  union
1742  {
1743  LIST_ENTRY WaitListEntry;
1744  SINGLE_LIST_ENTRY SwapListEntry;
1745  };
1746  PKQUEUE Queue;
1747  PVOID Teb;
1748 #if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1749  ULONG64 RelativeTimerBias;
1750 #endif
1751  KTIMER Timer;
1752 
1753  union
1754  {
1755  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1756 #ifdef _WIN64
1757  struct
1758  {
1759  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1760  ULONG ContextSwitches;
1761  };
1762  struct
1763  {
1764  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1765  UCHAR State;
1766 #if (NTDDI_VERSION >= NTDDI_WIN10)
1767  CHAR Spare13;
1768 #else
1769  CHAR NpxState;
1770 #endif
1771  UCHAR WaitIrql;
1772  CHAR WaitMode;
1773  };
1774  struct
1775  {
1776  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
1777  ULONG WaitTime;
1778  };
1779  struct
1780  {
1781  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
1782  union
1783  {
1784  struct
1785  {
1786  SHORT KernelApcDisable;
1787  SHORT SpecialApcDisable;
1788  };
1789  ULONG CombinedApcDisable;
1790  };
1791  };
1792 #endif
1793  struct
1794  {
1795  UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
1796  struct _KTHREAD_COUNTERS *ThreadCounters;
1797  };
1798  struct
1799  {
1800  UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
1801  PXSTATE_SAVE XStateSave;
1802  };
1803  struct
1804  {
1805  UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
1806  PVOID Win32Thread;
1807  };
1808  struct
1809  {
1810  UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
1811 #ifdef _WIN64
1812  struct _UMS_CONTROL_BLOCK* Ucb;
1813  struct _KUMS_CONTEXT_HEADER* Uch;
1814 #else
1815  ULONG WaitTime;
1816  union
1817  {
1818  struct
1819  {
1820  SHORT KernelApcDisable;
1821  SHORT SpecialApcDisable;
1822  };
1823  ULONG CombinedApcDisable;
1824  };
1825 #endif
1826  };
1827  };
1828 
1829 #ifdef _WIN64
1830  PVOID TebMappedLowVa;
1831 #endif
1832  LIST_ENTRY QueueListEntry;
1833 #if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
1834  union
1835  {
1836  ULONG NextProcessor;
1837  struct
1838  {
1839  ULONG NextProcessorNumber : 31;
1840  ULONG SharedReadyQueue : 1;
1841  };
1842  };
1843  LONG QueuePriority;
1844 #else
1845  ULONG NextProcessor;
1846  ULONG DeferredProcessor;
1847 #endif
1848  PKPROCESS Process;
1849 
1850  union
1851  {
1852  GROUP_AFFINITY UserAffinity;
1853  struct
1854  {
1855  UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1856  CHAR PreviousMode;
1857  CHAR BasePriority;
1858  union
1859  {
1860  CHAR PriorityDecrement;
1861  struct
1862  {
1863  UCHAR ForegroundBoost : 4;
1864  UCHAR UnusualBoost : 4;
1865  };
1866  };
1867  UCHAR Preempted;
1868  UCHAR AdjustReason;
1869  CHAR AdjustIncrement;
1870  };
1871  };
1872 
1873 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1874  ULONG_PTR AffinityVersion;
1875 #endif
1876  union
1877  {
1878  GROUP_AFFINITY Affinity;
1879  struct
1880  {
1881  UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1882  UCHAR ApcStateIndex;
1883  UCHAR WaitBlockCount;
1884  ULONG IdealProcessor;
1885  };
1886  };
1887 
1888 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1889 #ifdef _WIN64
1890  ULONG64 NpxState;
1891 #else
1892  ULONG Spare15;
1893 #endif
1894 #else
1895  PKAPC_STATE ApcStatePointer[2];
1896 #endif
1897 
1898  union
1899  {
1900  KAPC_STATE SavedApcState;
1901  struct
1902  {
1903  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
1904  UCHAR WaitReason;
1905  CHAR SuspendCount;
1906  CHAR Saturation;
1907  SHORT SListFaultCount;
1908  };
1909  };
1910 
1911  union
1912  {
1913  KAPC SchedulerApc;
1914  struct
1915  {
1916  UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
1917  UCHAR ResourceIndex;
1918  };
1919  struct
1920  {
1921  UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
1922  UCHAR QuantumReset;
1923  };
1924  struct
1925  {
1926  UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
1927  ULONG KernelTime;
1928  };
1929  struct
1930  {
1931  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
1932  PKPRCB WaitPrcb;
1933  };
1934  struct
1935  {
1936  UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
1937  PVOID LegoData;
1938  };
1939  struct
1940  {
1941  UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
1942  UCHAR CallbackNestingLevel;
1943  ULONG UserTime;
1944  };
1945  };
1946 
1947  KEVENT SuspendEvent;
1948  LIST_ENTRY ThreadListEntry;
1949  LIST_ENTRY MutantListHead;
1950 
1951 #if (NTDDI_VERSION >= NTDDI_WIN10)
1952  UCHAR AbEntrySummary;
1953  UCHAR AbWaitEntryCount;
1954  USHORT Spare20;
1955 #if _WIN64
1956  ULONG SecureThreadCookie;
1957 #endif
1958 #elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
1959  SINGLE_LIST_ENTRY LockEntriesFreeList;
1960 #endif
1961 
1962 #if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
1963  KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
1964  SINGLE_LIST_ENTRY PropagateBoostsEntry;
1965  SINGLE_LIST_ENTRY IoSelfBoostsEntry;
1966  UCHAR PriorityFloorCounts[16];
1967  ULONG PriorityFloorSummary;
1968  volatile LONG AbCompletedIoBoostCount;
1969  #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
1970  LONG AbCompletedIoQoSBoostCount;
1971  #endif
1972 
1973  #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1974  volatile SHORT KeReferenceCount;
1975  #else
1976  volatile SHORT AbReferenceCount;
1977  #endif
1978  #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
1979  UCHAR AbOrphanedEntrySummary;
1980  UCHAR AbOwnedEntryCount;
1981  #else
1982  UCHAR AbFreeEntryCount;
1983  UCHAR AbWaitEntryCount;
1984  #endif
1985  ULONG ForegroundLossTime;
1986  union
1987  {
1988  LIST_ENTRY GlobalForegroundListEntry;
1989  struct
1990  {
1991  SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
1992  ULONG_PTR InGlobalForegroundList;
1993  };
1994  };
1995 #endif
1996 
1997 #if _WIN64
1998  LONG64 ReadOperationCount;
1999  LONG64 WriteOperationCount;
2000  LONG64 OtherOperationCount;
2001  LONG64 ReadTransferCount;
2002  LONG64 WriteTransferCount;
2003  LONG64 OtherTransferCount;
2004 #endif
2005 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
2006  struct _KSCB *QueuedScb;
2007 #ifndef _WIN64
2008  ULONG64 NpxState;
2009 #endif
2010 #endif
2011 } KTHREAD;
2012 
2013 #endif
2014 
2015 
2016 #define ASSERT_THREAD(object) \
2017  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
2018 
2019 //
2020 // Kernel Process (KPROCESS)
2021 //
2022 typedef struct _KPROCESS
2023 {
2024  DISPATCHER_HEADER Header;
2025  LIST_ENTRY ProfileListHead;
2026 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
2027  ULONG_PTR DirectoryTableBase;
2028  ULONG_PTR Unused0;
2029 #else
2030  ULONG_PTR DirectoryTableBase[2];
2031 #endif
2032 #if defined(_M_IX86)
2033  KGDTENTRY LdtDescriptor;
2034  KIDTENTRY Int21Descriptor;
2035 #endif
2036  USHORT IopmOffset;
2037 #if defined(_M_IX86)
2038  UCHAR Iopl;
2039  UCHAR Unused;
2040 #endif
2041  volatile KAFFINITY ActiveProcessors;
2042  ULONG KernelTime;
2043  ULONG UserTime;
2044  LIST_ENTRY ReadyListHead;
2045  SINGLE_LIST_ENTRY SwapListEntry;
2046  PVOID VdmTrapcHandler;
2047  LIST_ENTRY ThreadListHead;
2048  KSPIN_LOCK ProcessLock;
2049  KAFFINITY Affinity;
2050  union
2051  {
2052  struct
2053  {
2054  LONG AutoAlignment:1;
2055  LONG DisableBoost:1;
2056  LONG DisableQuantum:1;
2057  LONG ReservedFlags:29;
2058  };
2059  LONG ProcessFlags;
2060  };
2061  SCHAR BasePriority;
2062  SCHAR QuantumReset;
2063  UCHAR State;
2064  UCHAR ThreadSeed;
2065  UCHAR PowerState;
2066  UCHAR IdealNode;
2067  UCHAR Visited;
2068  union
2069  {
2070  KEXECUTE_OPTIONS Flags;
2071  UCHAR ExecuteOptions;
2072  };
2073  ULONG StackCount;
2074  LIST_ENTRY ProcessListEntry;
2075 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2076  ULONGLONG CycleTime;
2077 #endif // ]
2078 } KPROCESS;
2079 
2080 #define ASSERT_PROCESS(object) \
2081  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2082 
2083 //
2084 // System Service Table Descriptor
2085 //
2086 typedef struct _KSERVICE_TABLE_DESCRIPTOR
2087 {
2088  PULONG_PTR Base;
2089  PULONG Count;
2090  ULONG Limit;
2091 #if defined(_IA64_)
2092  LONG TableBaseGpOffset;
2093 #endif
2094  PUCHAR Number;
2095 } KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2096 
2097 #if (NTDDI_VERSION >= NTDDI_WIN8)
2098 //
2099 // Entropy Timing State
2100 //
2101 typedef struct _KENTROPY_TIMING_STATE
2102 {
2103  ULONG EntropyCount;
2104  ULONG Buffer[64];
2105  KDPC Dpc;
2106  ULONG LastDeliveredBuffer;
2107  PULONG RawDataBuffer;
2108 } KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2109 
2110 //
2111 // Constants from ks386.inc, ksamd64.inc and ksarm.h
2112 //
2113 #define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2114 #define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2115 #define KENTROPY_TIMING_ANALYSIS 0x0
2116 
2117 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2118 
2119 //
2120 // Exported Loader Parameter Block
2121 //
2122 extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2123 
2124 //
2125 // Exported Hardware Data
2126 //
2127 extern ULONG NTSYSAPI KiDmaIoCoherency;
2128 extern ULONG NTSYSAPI KeMaximumIncrement;
2129 extern ULONG NTSYSAPI KeMinimumIncrement;
2130 extern ULONG NTSYSAPI KeDcacheFlushCount;
2131 extern ULONG NTSYSAPI KeIcacheFlushCount;
2132 extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2133 extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2134 
2135 //
2136 // Exported System Service Descriptor Tables
2137 //
2138 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2139 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2140 
2141 #endif // !NTOS_MODE_USER
2142 
2143 #endif // _KETYPES_H
_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:583
_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: ketypes.h:1167
_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:867
_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:899
_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:402
_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:856
_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:1931
_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:183
_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2062
_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1697
_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:917
_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:186
KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE
_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:1970
_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: ketypes.h:1172
_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:863
Unused
_Must_inspect_result_ typedef _In_ PVOID Unused
Definition: iotypes.h:1166
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:767
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1677
IN
#define IN
Definition: typedefs.h:39
_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:2028
_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: ketypes.h:1204
_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:503
_KTHREAD
Definition: ketypes.h:1599
_KUSER_SHARED_DATA
Definition: ketypes.h:1155
_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1629
_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:1048
PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE
_RTL_BALANCED_NODE
Definition: ntdef.template.h:321
_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:892
_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:865
_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:716
_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: ketypes.h:1240
_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1692
_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1115
_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1723
KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1285
_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1646
_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: ketypes.h:1232
KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE
_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2055
_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:1954
_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:491
_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:776
_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:1953
_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:860
KDPC_DATA
struct _KDPC_DATA KDPC_DATA
_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1105
_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:884
_GENERAL_LOOKASIDE
Definition: extypes.h:134
_KUSER_SHARED_DATA::Reserved2
ULONG Reserved2[7]
Definition: ketypes.h:1168
_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:848
KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT
_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1669
_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2106
_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: ketypes.h:889
_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1667
_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:1968
_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:725
_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:2027
KOBJECTS
enum _KOBJECTS KOBJECTS
_KPROCESS::State
UCHAR State
Definition: ketypes.h:2063
_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:1821
_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1127
_KQUEUE
Definition: ketypes.h:1291
_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:1038
_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:628
_KTIMER
Definition: ketypes.h:839
_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:1985
_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:1823
_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:182
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:1022
_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:731
_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:773
_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: ketypes.h:1179
_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1642
_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2061
_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:1900
_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2059
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:775
_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:750
_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1611
_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:1864
_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:184
_KOBJECTS
_KOBJECTS
Definition: ketypes.h:437
_KTRAP_FRAME
Definition: ketypes.h:311
_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:1926
_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2094
_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:1796
_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:1941
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
CHAR
char CHAR
Definition: xmlstorage.h:175
_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:917
_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1648
_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:880
_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:2036
_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1602
_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:982
PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY
_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: ketypes.h:1235
_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2090
_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:1892
_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1688
_KEXECUTE_OPTIONS
Definition: ketypes.h:925
KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER
_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: ketypes.h:1220
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1722
_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: ketypes.h:1164
_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:1037
State
_In_ ULONG _In_ ULONG State
Definition: potypes.h:516
KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS
_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:948
PKUSER_SHARED_DATA
struct _KUSER_SHARED_DATA * PKUSER_SHARED_DATA
_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1653
_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:957
_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:832
KDPC_LIST
struct _KDPC_LIST KDPC_LIST
_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: ketypes.h:1165
_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:1906
_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1620
Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1326
_FIBER
Definition: ketypes.h:179
_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1714
_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1668
_COUNTER_READING
Definition: ketypes.h:952
_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:995
_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1647
KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:780
_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:739
_XSTATE_SAVE
Definition: ketypes.h:977
_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:755
PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73
_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: ketypes.h:1176
_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1740
_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1655
_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:875
_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1126
_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2107
_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1666
_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1673
_KNODE::FreeCount
ULONG_PTR FreeCount[2]
Definition: ketypes.h:836
_KLOCK_ENTRY
Definition: ketypes.h:1012
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123
SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100
_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:1848
NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1596
PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR
_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1635
_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:993
KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR
KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:27
_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:837
_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1076
KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19
_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: ketypes.h:1158
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:752
_KGDTENTRY
Definition: ketypes.h:334
_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:891
_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:927
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:761
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:765
SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS
_KUSER_SHARED_DATA::SystemCallReturn
ULONG SystemCallReturn
Definition: ketypes.h:1222
_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:974
_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:1017
_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:967
_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:794
_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:759
_KTHREAD_COUNTERS
Definition: ketypes.h:960
_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1645
_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:2122
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:762
_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:724
PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA
_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:895
KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE
_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1610
PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:500
_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1676
_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2089
_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:756
_KTIMER_TABLE_ENTRY
Definition: ketypes.h:713
_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:360
_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:1932
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:997
_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:1845
_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: ketypes.h:1190
_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2057
_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:825
_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1664
_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:181
KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20
_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:971
_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:1047
PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE
PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:859
_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:748
_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:1966
_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1055
PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE
_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:779
_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:1016
PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:677
GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT
_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:1801
_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:1991
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1657
_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:946
_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: ketypes.h:1171
_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:1820
_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:866
_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:1942
_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: ketypes.h:1246
_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:885
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487
_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: ketypes.h:1159
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:769
_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:977
_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:933
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:763
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:766
_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:760
_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:845
LONG
long LONG
Definition: pedump.c:60
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:774
_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2071
_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: ketypes.h:1169
_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:790
_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1702
_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1718
SHORT
short SHORT
Definition: pedump.c:59
_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:1025
_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1637
PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS
_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1713
_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1092
_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: ketypes.h:1181
_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1109
_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:846
_KDPC_LIST
Definition: ketypes.h:728
_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1636
_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:757
_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: ketypes.h:1157
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:770
_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:966
_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:932
_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1081
_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1703
_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1643
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:858
_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:962
_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2073
_LOADER_PARAMETER_BLOCK
Definition: arc.h:491
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_GETSETCONTEXT
Definition: ketypes.h:843
_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:861
_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2086
KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE
_PP_LOOKASIDE_LIST
Definition: ketypes.h:809
_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: ketypes.h:1156
_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:730
_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1128
VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS
_In_
#define _In_
Definition: ms_sal.h:308
PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE
_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1122
_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:1832
_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2074
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:694
Buffer
Definition: bufpool.h:45
_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1805
_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1615
_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: ketypes.h:1162
_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:185
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
DECLSPEC_ALIGN
struct DECLSPEC_ALIGN(16) _M128A
Definition: ketypes.h:922
_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:847
_KTIMER_TABLE
Definition: ketypes.h:722
PVOID
void * PVOID
Definition: retypes.h:9
_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:190
_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1107
_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1751
_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:900
_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:2047
KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE
_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:994
_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1650
_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:929
_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2056
KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME
_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:800
_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:893
KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:29
MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
Definition: ketypes.h:1143
PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME
_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:1904
_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:1857
_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:719
_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:1004
_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:745
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:744
_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: ketypes.h:1161
PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:773
_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1704
_KNODE::Flags
struct _KNODE::_flags Flags
KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE
_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: ketypes.h:1225
PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:490
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1665
_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1638
SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675
_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:2008
_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:1964
_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:877
_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1739
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
PFIBER
struct _FIBER * PFIBER
_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:2049
LONG64
int64_t LONG64
Definition: typedefs.h:68
KPROCESS
struct _KPROCESS KPROCESS
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
PTIMER_APC_ROUTINE
VOID(NTAPI * PTIMER_APC_ROUTINE)(_In_ PVOID TimerContext, _In_ ULONG TimerLowValue, _In_ LONG TimerHighValue)
Definition: ketypes.h:1098
KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20
_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1121
KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:944
_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:718
_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:956
_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:889
_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:192
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:1927
PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:690
_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:902
_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:963
_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: ketypes.h:918
_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:1045
_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:1031
_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:835
MODE
enum _MODE MODE
PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: ketypes.h:1177
_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:1913
_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:2045
_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:939
_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:1042
CCHAR
char CCHAR
Definition: typedefs.h:51
_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1705
_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:754
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:1046
_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1744
KUSER_SHARED_DATA
struct _KUSER_SHARED_DATA KUSER_SHARED_DATA
_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2067
_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:894
_KUSER_SHARED_DATA::DbgElevationEnabled
ULONG DbgElevationEnabled
Definition: ketypes.h:1207
_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1614
_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1605
SCHAR
signed char SCHAR
Definition: sqltypes.h:14
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170
_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:881
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:1965
_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1746
_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:897
_KEVENT_PAIR
Definition: ketypes.h:914
_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1603
RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:672
_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1795
_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: ketypes.h:1166
_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: ketypes.h:1175
_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:743
_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:930
_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1617
_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1077
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST
_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1672
_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:1863
FIBER
struct _FIBER FIBER
_SYNCH_COUNTERS
Definition: ketypes.h:734
_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1743
_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1881
_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:1947
_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:1868
_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:812
_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:191
_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: ketypes.h:1189
_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2076
_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:1952
_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1644
KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1654
_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:965
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS
_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:888
_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:778
_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: ketypes.h:1174
_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:968
_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:878
_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:1982
_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2064
_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:749
_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:355
_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:857
_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:550
_KDPC
Definition: ketypes.h:687
_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2066
_KPRCB
Definition: ketypes.h:560
_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1749
_CONTEXT
Definition: nt_native.h:1406
_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:942
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
VOID
#define VOID
Definition: acefi.h:82
_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:955
_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:746
Ready
Definition: ketypes.h:422
_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:918
_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: ketypes.h:1180
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1884
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:768
_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:1992
_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:1936
_KAPC
Definition: ketypes.h:535
_GROUP_AFFINITY
Definition: ntbasedef.h:659
_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:2044
_MODE
_MODE
Definition: ketypes.h:10
_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:705
_LIST_ENTRY
Definition: typedefs.h:119
_KGATE
Definition: ketypes.h:810
_KINTERRUPT
Definition: ketypes.h:873
_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:738
_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1675
PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT
_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1721
KTHREAD
struct _KTHREAD KTHREAD
_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: ketypes.h:1185
_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: ketypes.h:1160
_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:758
_KNODE::Color
UCHAR Color
Definition: ketypes.h:828
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:120
_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:740
_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:1967
_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:2048
_KWAIT_BLOCK
Definition: ketypes.h:443
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:764
_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1613
PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE
SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:675
_DISPATCHER_HEADER
Definition: ketypes.h:728
_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:916
_KENTROPY_TIMING_STATE
Definition: ketypes.h:2101
_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:1922
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:751
_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:886
_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1606
_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:908
_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:1903
KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21
_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: ketypes.h:919
_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1674
_TEB
Definition: compat.h:694
_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: ketypes.h:1208
_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:798
_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:1001
_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:777
_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: ketypes.h:1209
_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:1963
_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:737
_KPROCESS
Definition: ketypes.h:2022
_KNODE::_flags
Definition: ketypes.h:831
_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:1856
_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:1921
_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: ketypes.h:1163
_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:864
_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: ntdef.template.h:349
_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:811
_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:1028
_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1104
_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1649
USHORT
unsigned short USHORT
Definition: pedump.c:61
PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS
_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2105
_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: ketypes.h:1226
_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:1860
_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:1905
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:833
PowerState
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ WDF_DEVICE_POWER_STATE PowerState
Definition: wdfdevice.h:3032
_KDPC_DATA
Definition: ketypes.h:787
_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:753
_KSEMAPHORE
Definition: ketypes.h:803
ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE
PKPROFILE
struct _KPROFILE * PKPROFILE
KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2103
_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1054
_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:2041
_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1608
_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:1032
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:2025
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:736
_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:1883
OPTIONAL
#define OPTIONAL
Definition: typedefs.h:41
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[3]
Definition: ketypes.h:1223
_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:1869
_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: ketypes.h:1183
_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:742
_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:188
Reserved1
Definition: bcd.h:201
_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1731
_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:890
_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:1916
_KEVENT
Definition: ketypes.h:799
_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:2042
_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:1948
XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:951
_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1652
_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:2006
_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: ketypes.h:1188
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1747
_LARGE_INTEGER
Definition: typedefs.h:102
_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:928
_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2088
_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:862
PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:1943
KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR
PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE
_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2070
COUNTER_READING
struct _COUNTER_READING COUNTER_READING
_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:1917
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1601
DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:207
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:989
KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON
_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:470
_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:1988
_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:1937
_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1855
_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1619
_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1089
_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:964
_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1616
OUT
#define OUT
Definition: typedefs.h:40
KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23
NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE
_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1729
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1806
_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1086
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:1878
_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:876
_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:419
KINTERRUPT
struct _KINTERRUPT KINTERRUPT
ULONG
unsigned int ULONG
Definition: retypes.h:1
_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:945
KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20
_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1728
_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:1907
_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:976
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:428
_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:1846
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2065
_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:830
_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: ketypes.h:1221
_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:1867
PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:1815
_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1701
_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1631
_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:741
_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1671
_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:1882
_SLIST_HEADER
Definition: rtltypes.h:138
_KPROFILE
Definition: ketypes.h:854
_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:826
PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST
KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK
_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:827
_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1651
PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:684
_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1736
_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:802
_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:829
_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:919
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:771
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:954
_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1800
_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:2043
_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2054
_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:887
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:931
CSHORT
short CSHORT
Definition: umtypes.h:127
_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:365
_KSYSTEM_TIME
Definition: ketypes.h:916
_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1604
_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: ketypes.h:1206
ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON
KPROFILE
struct _KPROFILE KPROFILE
_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:1874
KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY
_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:883
_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:1852
PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:947
KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:27
PKNODE
struct _KNODE * PKNODE
_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1607
Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:317
_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1618
_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1670
_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1689
ServiceTable
SERVICE_TABLE_ENTRYW ServiceTable[]
Definition: service.c:21
_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:2046
_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1709
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:772
_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:747
_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:189
PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1285
_KWAIT_STATUS_REGISTER
Definition: ketypes.h:937
_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: ketypes.h:1187
_KIDTENTRY
Definition: ketypes.h:385
THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:480
_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: ketypes.h:1173
PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR
_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:480
_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:2024
_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:1974
_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1690
_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:1949
_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:1810
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:781
_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: ketypes.h:1213
_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: ketypes.h:1186
_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1735
_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: ketypes.h:1170
_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:943
_KUSER_SHARED_DATA::Wow64SharedInformation
ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]
Definition: ketypes.h:1236
KNODE
struct _KNODE KNODE
_KNODE
Definition: ketypes.h:823
PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST
KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24