ReactOS 0.4.17-dev-301-g9127a53
ketypes.h
Go to the documentation of this file.
1/*++ NDK Version: 0098
2
3Copyright (c) Alex Ionescu. All rights reserved.
4
5Header Name:
6
7 ketypes.h
8
9Abstract:
10
11 Type definitions for the Kernel services.
12
13Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17--*/
18
19#ifndef _KETYPES_H
20#define _KETYPES_H
21
22//
23// Dependencies
24//
25#include <umtypes.h>
26#ifndef NTOS_MODE_USER
27#include <haltypes.h>
28#include <potypes.h>
29#include <ifssupp.h>
30#endif
31
32//
33// A system call ID is formatted as such:
34// .________________________________________________________________.
35// | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36// |--------------|-------------------------------------------------|
37// | TABLE NUMBER | TABLE OFFSET |
38// \----------------------------------------------------------------/
39//
40// The table number is then used as an index into the service descriptor table.
41#define TABLE_NUMBER_BITS 1
42#define TABLE_OFFSET_BITS 12
43
44//
45// There are 2 tables (kernel and shadow, used by Win32K)
46//
47#define NUMBER_SERVICE_TABLES 2
48#define NTOS_SERVICE_INDEX 0
49#define WIN32K_SERVICE_INDEX 1
50
51//
52// NB. From assembly code, the table number must be computed as an offset into
53// the service descriptor table.
54//
55// Each entry into the table is 16 bytes long on 32-bit architectures, and
56// 32 bytes long on 64-bit architectures.
57//
58// Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59// x64.
60//
61#ifdef _WIN64
62#define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63#else
64#define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65#endif
66
67//
68// We want the table number, but leave some extra bits to we can have the offset
69// into the descriptor table.
70//
71#define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72
73//
74// Now the table number (as an offset) is corrupted with part of the table offset
75// This mask will remove the extra unwanted bits, and give us the offset into the
76// descriptor table proper.
77//
78#define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79
80//
81// To get the table offset (ie: the service call number), just keep the 12 bits
82//
83#define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84
85//
86// We'll often need to check if this is a graphics call. This is done by comparing
87// the table number offset with the known Win32K table number offset.
88// This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89//
90#define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91
92//
93// Context Record Flags
94//
95#define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96
97//
98// Maximum System Descriptor Table Entries
99//
100#define SSDT_MAX_ENTRIES 2
101
102//
103// Processor Architectures
104//
105#define PROCESSOR_ARCHITECTURE_INTEL 0
106#define PROCESSOR_ARCHITECTURE_MIPS 1
107#define PROCESSOR_ARCHITECTURE_ALPHA 2
108#define PROCESSOR_ARCHITECTURE_PPC 3
109#define PROCESSOR_ARCHITECTURE_SHX 4
110#define PROCESSOR_ARCHITECTURE_ARM 5
111#define PROCESSOR_ARCHITECTURE_IA64 6
112#define PROCESSOR_ARCHITECTURE_ALPHA64 7
113#define PROCESSOR_ARCHITECTURE_MSIL 8
114#define PROCESSOR_ARCHITECTURE_AMD64 9
115#define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116
117//
118// Object Type Mask for Kernel Dispatcher Objects
119//
120#define KOBJECT_TYPE_MASK 0x7F
121#define KOBJECT_LOCK_BIT 0x80
122
123//
124// Dispatcher Priority increments
125//
126#define THREAD_ALERT_INCREMENT 2
127
128//
129// Quantum values and decrements
130//
131#define MAX_QUANTUM 0x7F
132#define WAIT_QUANTUM_DECREMENT 1
133#define CLOCK_QUANTUM_DECREMENT 3
134
135//
136// Internal Exception Codes
137//
138#define KI_EXCEPTION_INTERNAL 0x10000000
139#define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
140
141typedef struct _FIBER /* Field offsets: */
142{ /* i386 arm x64 */
143 PVOID FiberData; /* 0x000 0x000 0x000 */
144 struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
145 PVOID StackBase; /* 0x008 0x008 0x010 */
146 PVOID StackLimit; /* 0x00C 0x00C 0x018 */
147 PVOID DeallocationStack; /* 0x010 0x010 0x020 */
148 CONTEXT FiberContext; /* 0x014 0x018 0x030 */
149#if (NTDDI_VERSION >= NTDDI_LONGHORN)
150 PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
151 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
152 PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
153 ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
154 ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
155#else
156 ULONG GuaranteedStackBytes; /* 0x2E0 */
157 PVOID FlsData; /* 0x2E4 */
158 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
159#endif
160} FIBER, *PFIBER;
161
162//
163// KUSER_SHARED_DATA location in User Mode
164//
165#define USER_SHARED_DATA 0x7FFE0000
166
167#ifndef NTOS_MODE_USER
168//
169// Number of dispatch codes supported by KINTERRUPT
170//
171#ifdef _M_AMD64
172#define DISPATCH_LENGTH 4
173#elif (NTDDI_VERSION >= NTDDI_LONGHORN)
174#define DISPATCH_LENGTH 135
175#else
176#define DISPATCH_LENGTH 106
177#endif
178
179#else // NTOS_MODE_USER
180
181//
182// KPROCESSOR_MODE Type
183//
184typedef CCHAR KPROCESSOR_MODE;
185
186//
187// Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
188//
189#define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
190
191#ifdef _X86_
192/* Macros for user-mode run-time checks of X86 system architecture */
193
194#ifndef IsNEC_98
195#define IsNEC_98 (SharedUserData->AlternativeArchitecture == NEC98x86)
196#endif
197
198#ifndef IsNotNEC_98
199#define IsNotNEC_98 (SharedUserData->AlternativeArchitecture != NEC98x86)
200#endif
201
202/* User-mode cannot override the architecture */
203#ifndef SetNEC_98
204#define SetNEC_98
205#endif
206
207/* User-mode cannot override the architecture */
208#ifndef SetNotNEC_98
209#define SetNotNEC_98
210#endif
211
212#else // !_X86_
213/* Correctly define these run-time definitions for non X86 machines */
214
215#ifndef IsNEC_98
216#define IsNEC_98 (FALSE)
217#endif
218
219#ifndef IsNotNEC_98
220#define IsNotNEC_98 (TRUE)
221#endif
222
223#ifndef SetNEC_98
224#define SetNEC_98
225#endif
226
227#ifndef SetNotNEC_98
228#define SetNotNEC_98
229#endif
230
231#endif // _X86_
232
233//
234// Maximum WOW64 Entries in KUSER_SHARED_DATA
235//
236#define MAX_WOW64_SHARED_ENTRIES 16
237
238//
239// Maximum Processor Features supported in KUSER_SHARED_DATA
240//
241#define PROCESSOR_FEATURE_MAX 64
242
243//
244// Event Types
245//
246typedef enum _EVENT_TYPE
247{
248 NotificationEvent,
249 SynchronizationEvent
250} EVENT_TYPE;
251
252//
253// Timer Types
254//
255typedef enum _TIMER_TYPE
256{
257 NotificationTimer,
258 SynchronizationTimer
259} TIMER_TYPE;
260
261//
262// Wait Types
263//
264typedef enum _WAIT_TYPE
265{
266 WaitAll,
267 WaitAny
268} WAIT_TYPE;
269
270//
271// Processor Execution Modes
272//
273typedef enum _MODE
274{
275 KernelMode,
276 UserMode,
277 MaximumMode
278} MODE;
279
280//
281// Wait Reasons
282//
283typedef enum _KWAIT_REASON
284{
285 Executive,
286 FreePage,
287 PageIn,
288 PoolAllocation,
289 DelayExecution,
290 Suspended,
291 UserRequest,
292 WrExecutive,
293 WrFreePage,
294 WrPageIn,
295 WrPoolAllocation,
296 WrDelayExecution,
297 WrSuspended,
298 WrUserRequest,
299 WrEventPair,
300 WrQueue,
301 WrLpcReceive,
302 WrLpcReply,
303 WrVirtualMemory,
304 WrPageOut,
305 WrRendezvous,
306 WrKeyedEvent,
307 WrTerminated,
308 WrProcessInSwap,
309 WrCpuRateControl,
310 WrCalloutStack,
311 WrKernel,
312 WrResource,
313 WrPushLock,
314 WrMutex,
315 WrQuantumEnd,
316 WrDispatchInt,
317 WrPreempted,
318 WrYieldExecution,
319 WrFastMutex,
320 WrGuardedMutex,
321 WrRundown,
322#if (NTDDI_VERSION >= NTDDI_WIN8)
323 WrAlertByThreadId,
324 WrDeferredPreempt,
325#endif
326#if (NTDDI_VERSION >= NTDDI_WIN10_RS3)
327 WrPhysicalFault,
328#endif
329#if (NTDDI_VERSION >= NTDDI_WIN11)
330 WrIoRing,
331#endif
332#if (NTDDI_VERSION >= NTDDI_WIN11_NI)
333 WrMdlCache,
334#endif
335#if (NTDDI_VERSION >= NTDDI_WIN11_GE)
336 WrRcu,
337#endif
338 MaximumWaitReason
339} KWAIT_REASON;
340
341//
342// Profiling Sources
343//
344typedef enum _KPROFILE_SOURCE
345{
346 ProfileTime,
347 ProfileAlignmentFixup,
348 ProfileTotalIssues,
349 ProfilePipelineDry,
350 ProfileLoadInstructions,
351 ProfilePipelineFrozen,
352 ProfileBranchInstructions,
353 ProfileTotalNonissues,
354 ProfileDcacheMisses,
355 ProfileIcacheMisses,
356 ProfileCacheMisses,
357 ProfileBranchMispredictions,
358 ProfileStoreInstructions,
359 ProfileFpInstructions,
360 ProfileIntegerInstructions,
361 Profile2Issue,
362 Profile3Issue,
363 Profile4Issue,
364 ProfileSpecialInstructions,
365 ProfileTotalCycles,
366 ProfileIcacheIssues,
367 ProfileDcacheAccesses,
368 ProfileMemoryBarrierCycles,
369 ProfileLoadLinkedIssues,
370 ProfileMaximum
371} KPROFILE_SOURCE;
372
373//
374// NT Product and Architecture Types
375//
376typedef enum _NT_PRODUCT_TYPE
377{
378 NtProductWinNt = 1,
379 NtProductLanManNt,
380 NtProductServer
381} NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
382
383typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
384{
385 StandardDesign,
386 NEC98x86,
387 EndAlternatives
388} ALTERNATIVE_ARCHITECTURE_TYPE;
389
390//
391// Flags for NXSupportPolicy
392//
393#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
394#define NX_SUPPORT_POLICY_ALWAYSOFF 0
395#define NX_SUPPORT_POLICY_ALWAYSON 1
396#define NX_SUPPORT_POLICY_OPTIN 2
397#define NX_SUPPORT_POLICY_OPTOUT 3
398#endif
399
400#endif // NTOS_MODE_USER
401
402//
403// Thread States
404//
405typedef enum _KTHREAD_STATE
406{
407 Initialized,
408 Ready,
409 Running,
410 Standby,
411 Terminated,
412 Waiting,
413 Transition,
414 DeferredReady,
415#if (NTDDI_VERSION >= NTDDI_WS03)
416 GateWait
417#endif
418} KTHREAD_STATE, *PKTHREAD_STATE;
419
420//
421// Kernel Object Types
422//
423typedef enum _KOBJECTS
424{
425 EventNotificationObject = 0,
426 EventSynchronizationObject = 1,
427 MutantObject = 2,
428 ProcessObject = 3,
429 QueueObject = 4,
430 SemaphoreObject = 5,
431 ThreadObject = 6,
432 GateObject = 7,
433 TimerNotificationObject = 8,
434 TimerSynchronizationObject = 9,
435 Spare2Object = 10,
436 Spare3Object = 11,
437 Spare4Object = 12,
438 Spare5Object = 13,
439 Spare6Object = 14,
440 Spare7Object = 15,
441 Spare8Object = 16,
442 Spare9Object = 17,
443 ApcObject = 18,
444 DpcObject = 19,
445 DeviceQueueObject = 20,
446 EventPairObject = 21,
447 InterruptObject = 22,
448 ProfileObject = 23,
449 ThreadedDpcObject = 24,
450 MaximumKernelObject = 25
451} KOBJECTS;
452
453//
454// Adjust reasons
455//
456typedef enum _ADJUST_REASON
457{
458 AdjustNone = 0,
459 AdjustUnwait = 1,
460 AdjustBoost = 2
461} ADJUST_REASON;
462
463//
464// Continue Status
465//
466typedef enum _KCONTINUE_STATUS
467{
468 ContinueError = 0,
469 ContinueSuccess,
470 ContinueProcessorReselected,
471 ContinueNextProcessor
472} KCONTINUE_STATUS;
473
474//
475// Process States
476//
477typedef enum _KPROCESS_STATE
478{
479 ProcessInMemory,
480 ProcessOutOfMemory,
481 ProcessInTransition,
482 ProcessInSwap,
483 ProcessOutSwap,
484} KPROCESS_STATE, *PKPROCESS_STATE;
485
486//
487// NtVdmControl Classes
488//
489typedef enum _VDMSERVICECLASS
490{
491 VdmStartExecution = 0,
492 VdmQueueInterrupt = 1,
493 VdmDelayInterrupt = 2,
494 VdmInitialize = 3,
495 VdmFeatures = 4,
496 VdmSetInt21Handler = 5,
497 VdmQueryDir = 6,
498 VdmPrinterDirectIoOpen = 7,
499 VdmPrinterDirectIoClose = 8,
500 VdmPrinterInitialize = 9,
501 VdmSetLdtEntries = 10,
502 VdmSetProcessLdtInfo = 11,
503 VdmAdlibEmulation = 12,
504 VdmPMCliControl = 13,
505 VdmQueryVdmProcess = 14,
506} VDMSERVICECLASS;
507
508#ifdef NTOS_MODE_USER
509
510//
511// APC Normal Routine
512//
513typedef VOID
514(NTAPI *PKNORMAL_ROUTINE)(
515 _In_ PVOID NormalContext,
516 _In_ PVOID SystemArgument1,
517 _In_ PVOID SystemArgument2
518);
519
520//
521// Timer Routine
522//
523typedef VOID
524(NTAPI *PTIMER_APC_ROUTINE)(
525 _In_ PVOID TimerContext,
526 _In_ ULONG TimerLowValue,
527 _In_ LONG TimerHighValue
528);
529
530//
531// System Time Structure
532//
533typedef struct _KSYSTEM_TIME
534{
535 ULONG LowPart;
536 LONG High1Time;
537 LONG High2Time;
538} KSYSTEM_TIME, *PKSYSTEM_TIME;
539
540//
541// Shared Kernel User Data
542// Keep in sync with sdk/include/xdk/ketypes.h
543//
544typedef struct _KUSER_SHARED_DATA
545{
546 ULONG TickCountLowDeprecated; // 0x0
547 ULONG TickCountMultiplier; // 0x4
548 volatile KSYSTEM_TIME InterruptTime; // 0x8
549 volatile KSYSTEM_TIME SystemTime; // 0x14
550 volatile KSYSTEM_TIME TimeZoneBias; // 0x20
551 USHORT ImageNumberLow; // 0x2c
552 USHORT ImageNumberHigh; // 0x2e
553 WCHAR NtSystemRoot[260]; // 0x30
554 ULONG MaxStackTraceDepth; // 0x238
555 ULONG CryptoExponent; // 0x23c
556 ULONG TimeZoneId; // 0x240
557 ULONG LargePageMinimum; // 0x244
558
559#if (NTDDI_VERSION >= NTDDI_WIN8)
560 ULONG AitSamplingValue; // 0x248
561 ULONG AppCompatFlag; // 0x24c
562 ULONGLONG RNGSeedVersion; // 0x250
563 ULONG GlobalValidationRunlevel; // 0x258
564 volatile LONG TimeZoneBiasStamp; // 0x25c
565#if (NTDDI_VERSION >= NTDDI_WIN10)
566 ULONG NtBuildNumber; // 0x260
567#else
568 ULONG Reserved2; // 0x260
569#endif
570#else
571 ULONG Reserved2[7]; // 0x248
572#endif // NTDDI_VERSION >= NTDDI_WIN8
573
574 NT_PRODUCT_TYPE NtProductType; // 0x264
575 BOOLEAN ProductTypeIsValid; // 0x268
576 BOOLEAN Reserved0[1]; // 0x269
577#if (NTDDI_VERSION >= NTDDI_WIN8)
578 USHORT NativeProcessorArchitecture; // 0x26a
579#endif
580 ULONG NtMajorVersion; // 0x26c
581 ULONG NtMinorVersion; // 0x270
582 BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]; // 0x274
583 ULONG Reserved1; // 0x2b4
584 ULONG Reserved3; // 0x2b8
585 volatile ULONG TimeSlip; // 0x2bc
586 ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture; // 0x2c0
587#if (NTDDI_VERSION >= NTDDI_WIN10)
588 ULONG BootId; // 0x2c4
589#else
590 ULONG AltArchitecturePad[1]; // 0x2c4
591#endif
592 LARGE_INTEGER SystemExpirationDate; // 0x2c8
593 ULONG SuiteMask; // 0x2d0
594 BOOLEAN KdDebuggerEnabled; // 0x2d4
595 union
596 {
597 UCHAR MitigationPolicies; // 0x2d5
598 struct
599 {
600 UCHAR NXSupportPolicy : 2;
601 UCHAR SEHValidationPolicy : 2;
602 UCHAR CurDirDevicesSkippedForDlls : 2;
603 UCHAR Reserved : 2;
604 };
605 };
606#if (NTDDI_VERSION >= NTDDI_WIN10_19H1)
607 USHORT CyclesPerYield; // 0x2d6 // Win 10 19H1+
608#else
609 UCHAR Reserved6[2]; // 0x2d6
610#endif
611 volatile ULONG ActiveConsoleId; // 0x2d8
612 volatile ULONG DismountCount; // 0x2dc
613 ULONG ComPlusPackage; // 0x2e0
614 ULONG LastSystemRITEventTickCount; // 0x2e4
615 ULONG NumberOfPhysicalPages; // 0x2e8
616 BOOLEAN SafeBootMode; // 0x2ec
617
618#if (NTDDI_VERSION == NTDDI_WIN7)
619 union
620 {
621 UCHAR TscQpcData; // 0x2ed
622 struct
623 {
624 UCHAR TscQpcEnabled:1; // 0x2ed
625 UCHAR TscQpcSpareFlag:1; // 0x2ed
626 UCHAR TscQpcShift:6; // 0x2ed
627 } DUMMYSTRUCTNAME;
628 } DUMMYUNIONNAME;
629 UCHAR TscQpcPad[2]; // 0x2ee
630#elif (NTDDI_VERSION >= NTDDI_WIN10_RS1)
631 union
632 {
633 UCHAR VirtualizationFlags; // 0x2ed
634#if defined(_ARM64_)
635 struct
636 {
637 UCHAR ArchStartedInEl2 : 1;
638 UCHAR QcSlIsSupported : 1;
639 UCHAR : 6;
640 };
641#endif
642 };
643 UCHAR Reserved12[2]; // 0x2ee
644#else
645 UCHAR Reserved12[3]; // 0x2ed
646#endif // NTDDI_VERSION == NTDDI_WIN7
647
648#if (NTDDI_VERSION >= NTDDI_VISTA)
649 union
650 {
651 ULONG SharedDataFlags; // 0x2f0
652 struct
653 {
654 ULONG DbgErrorPortPresent : 1; // 0x2f0
655 ULONG DbgElevationEnabled : 1; // 0x2f0
656 ULONG DbgVirtEnabled : 1; // 0x2f0
657 ULONG DbgInstallerDetectEnabled : 1; // 0x2f0
658#if (NTDDI_VERSION >= NTDDI_WIN8)
659 ULONG DbgLkgEnabled : 1; // 0x2f0
660#else
661 ULONG DbgSystemDllRelocated : 1; // 0x2f0
662#endif
663 ULONG DbgDynProcessorEnabled : 1; // 0x2f0
664#if (NTDDI_VERSION >= NTDDI_WIN8)
665 ULONG DbgConsoleBrokerEnabled : 1; // 0x2f0
666#else
667 ULONG DbgSEHValidationEnabled : 1; // 0x2f0
668#endif
669 ULONG DbgSecureBootEnabled : 1; // 0x2f0 Win8+
670 ULONG DbgMultiSessionSku : 1; // 0x2f0 Win 10+
671 ULONG DbgMultiUsersInSessionSku : 1; // 0x2f0 Win 10 RS1+
672 ULONG DbgStateSeparationEnabled : 1; // 0x2f0 Win 10 RS3+
673 ULONG SpareBits : 21; // 0x2f0
674 } DUMMYSTRUCTNAME2;
675 } DUMMYUNIONNAME2;
676#else
677 ULONG TraceLogging;
678#endif // NTDDI_VERSION >= NTDDI_VISTA
679
680 ULONG DataFlagsPad[1]; // 0x2f4
681 ULONGLONG TestRetInstruction; // 0x2f8
682#if (NTDDI_VERSION >= NTDDI_WIN8)
683 ULONGLONG QpcFrequency; // 0x300
684#else
685 ULONG SystemCall; // 0x300
686 ULONG SystemCallReturn; // 0x304
687#endif
688#if (NTDDI_VERSION >= NTDDI_WIN10_TH2)
689 ULONG SystemCall; // 0x308
690 ULONG SystemCallPad0; // 0x30c Renamed to Reserved2 in Vibranium R3
691 ULONGLONG SystemCallPad[2]; // 0x310
692#else
693 ULONGLONG SystemCallPad[3]; // 0x308
694#endif
695 union
696 {
697 volatile KSYSTEM_TIME TickCount; // 0x320
698 volatile ULONG64 TickCountQuad; // 0x320
699 struct
700 {
701 ULONG ReservedTickCountOverlay[3]; // 0x320
702 ULONG TickCountPad[1]; // 0x32c
703 } DUMMYSTRUCTNAME;
704 } DUMMYUNIONNAME3;
705 ULONG Cookie; // 0x330
706
707#if (NTDDI_VERSION < NTDDI_VISTA)
708 ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x334
709#endif
710
711//
712// Windows Vista and later
713//
714#if (NTDDI_VERSION >= NTDDI_VISTA)
715
716 ULONG CookiePad[1]; // 0x334
717 LONGLONG ConsoleSessionForegroundProcessId; // 0x338
718
719#if (NTDDI_VERSION >= NTDDI_WIN8)
720#if (NTDDI_VERSION >= NTDDI_WINBLUE)
721 ULONGLONG TimeUpdateLock; // 0x340
722#else
723 ULONGLONG TimeUpdateSequence; // 0x340
724#endif
725 ULONGLONG BaselineSystemTimeQpc; // 0x348
726 ULONGLONG BaselineInterruptTimeQpc; // 0x350
727 ULONGLONG QpcSystemTimeIncrement; // 0x358
728 ULONGLONG QpcInterruptTimeIncrement; // 0x360
729#if (NTDDI_VERSION >= NTDDI_WIN10)
730 UCHAR QpcSystemTimeIncrementShift; // 0x368
731 UCHAR QpcInterruptTimeIncrementShift; // 0x369
732 USHORT UnparkedProcessorCount; // 0x36a
733 ULONG EnclaveFeatureMask[4]; // 0x36c Win 10 TH2+
734 ULONG TelemetryCoverageRound; // 0x37c Win 10 RS2+
735#else // NTDDI_VERSION < NTDDI_WIN10
736 ULONG QpcSystemTimeIncrement32; // 0x368
737 ULONG QpcInterruptTimeIncrement32; // 0x36c
738 UCHAR QpcSystemTimeIncrementShift; // 0x370
739 UCHAR QpcInterruptTimeIncrementShift; // 0x371
740#if (NTDDI_VERSION >= NTDDI_WINBLUE)
741 USHORT UnparkedProcessorCount; // 0x372
742 UCHAR Reserved8[12]; // 0x374
743#else
744 UCHAR Reserved8[14]; // 0x372
745#endif
746#endif // NTDDI_VERSION < NTDDI_WIN10
747#elif (NTDDI_VERSION >= NTDDI_VISTASP2)
748 ULONG DEPRECATED_Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x340
749#else
750 ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x340
751#endif // NTDDI_VERSION >= NTDDI_VISTA
752
753#if (NTDDI_VERSION >= NTDDI_WIN7)
754 USHORT UserModeGlobalLogger[16]; // 0x380
755#else
756 USHORT UserModeGlobalLogger[8]; // 0x380
757 ULONG HeapTracingPid[2]; // 0x390
758 ULONG CritSecTracingPid[2]; // 0x398
759#endif
760
761 ULONG ImageFileExecutionOptions; // 0x3a0
762 ULONG LangGenerationCount; // 0x3a4 Vista SP2+
763
764#if (NTDDI_VERSION >= NTDDI_WIN8)
765 ULONGLONG Reserved4; // 0x3a8
766#elif (NTDDI_VERSION >= NTDDI_WIN7)
767 ULONGLONG Reserved5; // 0x3a8
768#else
769 union
770 {
771 KAFFINITY ActiveProcessorAffinity; // 0x3a8
772 ULONGLONG AffinityPad; // 0x3a8
773 };
774#endif
775
776 volatile ULONGLONG InterruptTimeBias; // 0x3b0
777#endif // NTDDI_VERSION >= NTDDI_VISTA
778
779//
780// Windows 7 and later
781//
782#if (NTDDI_VERSION >= NTDDI_WIN7)
783 volatile ULONGLONG QpcBias; // 0x3b8 // Win7: TscQpcBias
784 /* volatile */ ULONG ActiveProcessorCount; // 0x3c0 // not volatile since Win 8.1 Update 1
785
786#if (NTDDI_VERSION >= NTDDI_WIN8)
787 volatile UCHAR ActiveGroupCount; // 0x3c4
788 UCHAR Reserved9; // 0x3c5
789 union
790 {
791 USHORT QpcData; // 0x3c6
792 struct
793 {
794 volatile UCHAR QpcBypassEnabled; // 0x3c6
795 UCHAR QpcShift; // 0x3c7
796 };
797 };
798 LARGE_INTEGER TimeZoneBiasEffectiveStart; // 0x3c8
799 LARGE_INTEGER TimeZoneBiasEffectiveEnd; // 0x3d0
800 XSTATE_CONFIGURATION XState; // 0x3d8
801#else
802 USHORT ActiveGroupCount; // 0x3c4
803 USHORT Reserved4; // 0x3c6
804 volatile ULONG AitSamplingValue; // 0x3c8
805 volatile ULONG AppCompatFlag; // 0x3cc
806 ULONGLONG SystemDllNativeRelocation; // 0x3d0 deprecated in Win7 SP2
807 ULONG SystemDllWowRelocation; // 0x3d8 deprecated in Win7 SP2
808 ULONG XStatePad[1]; // 0x3dc
809 XSTATE_CONFIGURATION XState; // 0x3e0
810#endif // NTDDI_VERSION >= NTDDI_WIN8
811#endif // NTDDI_VERSION >= NTDDI_WIN7
812
813//
814// Windows 10 Vibranium and later
815//
816#if (NTDDI_VERSION >= NTDDI_WIN10_VB)
817 KSYSTEM_TIME FeatureConfigurationChangeStamp; // 0x710 // Win 11: 0x720
818 ULONG Spare; // 0x71c // Win 11: 0x72c
819#endif // NTDDI_VERSION >= NTDDI_WIN10_VB
820
821//
822// Windows 11 Nickel and later
823//
824#if (NTDDI_VERSION >= NTDDI_WIN11_NI)
825 ULONG64 UserPointerAuthMask; // 0x730
826#endif // NTDDI_VERSION >= NTDDI_WIN11_NI
827
828#if (NTDDI_VERSION < NTDDI_WIN7) && defined(__REACTOS__)
829 XSTATE_CONFIGURATION XState;
830#endif
831} KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
832
833//
834// VDM Structures
835//
836#include "pshpack1.h"
837typedef struct _VdmVirtualIca
838{
839 LONG ica_count[8];
840 LONG ica_int_line;
841 LONG ica_cpu_int;
842 USHORT ica_base;
843 USHORT ica_hipiri;
844 USHORT ica_mode;
845 UCHAR ica_master;
846 UCHAR ica_irr;
847 UCHAR ica_isr;
848 UCHAR ica_imr;
849 UCHAR ica_ssr;
850} VDMVIRTUALICA, *PVDMVIRTUALICA;
851#include "poppack.h"
852
853typedef struct _VdmIcaUserData
854{
855 PVOID pIcaLock;
856 PVDMVIRTUALICA pIcaMaster;
857 PVDMVIRTUALICA pIcaSlave;
858 PULONG pDelayIrq;
859 PULONG pUndelayIrq;
860 PULONG pDelayIret;
861 PULONG pIretHooked;
862 PULONG pAddrIretBopTable;
863 PHANDLE phWowIdleEvent;
864 PLARGE_INTEGER pIcaTimeout;
865 PHANDLE phMainThreadSuspended;
866} VDMICAUSERDATA, *PVDMICAUSERDATA;
867
868typedef struct _VDM_INITIALIZE_DATA
869{
870 PVOID TrapcHandler;
871 PVDMICAUSERDATA IcaUserData;
872} VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
873
874#else
875
876//
877// System Thread Start Routine
878//
879typedef
880VOID
881(NTAPI *PKSYSTEM_ROUTINE)(
882 PKSTART_ROUTINE StartRoutine,
883 PVOID StartContext
884);
885
886#ifndef _NTSYSTEM_
887typedef VOID
888(NTAPI *PKNORMAL_ROUTINE)(
889 IN PVOID NormalContext OPTIONAL,
890 IN PVOID SystemArgument1 OPTIONAL,
891 IN PVOID SystemArgument2 OPTIONAL);
892
893typedef VOID
894(NTAPI *PKRUNDOWN_ROUTINE)(
895 IN struct _KAPC *Apc);
896
897typedef VOID
898(NTAPI *PKKERNEL_ROUTINE)(
899 IN struct _KAPC *Apc,
900 IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
901 IN OUT PVOID *NormalContext OPTIONAL,
902 IN OUT PVOID *SystemArgument1 OPTIONAL,
903 IN OUT PVOID *SystemArgument2 OPTIONAL);
904#endif
905
906//
907// APC Environment Types
908//
909typedef enum _KAPC_ENVIRONMENT
910{
911 OriginalApcEnvironment,
912 AttachedApcEnvironment,
913 CurrentApcEnvironment,
914 InsertApcEnvironment
915} KAPC_ENVIRONMENT;
916
917typedef struct _KTIMER_TABLE_ENTRY
918{
919#if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
920 KSPIN_LOCK Lock;
921#endif
922 LIST_ENTRY Entry;
923 ULARGE_INTEGER Time;
924} KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
925
926typedef struct _KTIMER_TABLE
927{
928 PKTIMER TimerExpiry[64];
929 KTIMER_TABLE_ENTRY TimerEntries[256];
930} KTIMER_TABLE, *PKTIMER_TABLE;
931
932typedef struct _KDPC_LIST
933{
934 SINGLE_LIST_ENTRY ListHead;
935 SINGLE_LIST_ENTRY* LastEntry;
936} KDPC_LIST, *PKDPC_LIST;
937
938typedef struct _SYNCH_COUNTERS
939{
940 ULONG SpinLockAcquireCount;
941 ULONG SpinLockContentionCount;
942 ULONG SpinLockSpinCount;
943 ULONG IpiSendRequestBroadcastCount;
944 ULONG IpiSendRequestRoutineCount;
945 ULONG IpiSendSoftwareInterruptCount;
946 ULONG ExInitializeResourceCount;
947 ULONG ExReInitializeResourceCount;
948 ULONG ExDeleteResourceCount;
949 ULONG ExecutiveResourceAcquiresCount;
950 ULONG ExecutiveResourceContentionsCount;
951 ULONG ExecutiveResourceReleaseExclusiveCount;
952 ULONG ExecutiveResourceReleaseSharedCount;
953 ULONG ExecutiveResourceConvertsCount;
954 ULONG ExAcqResExclusiveAttempts;
955 ULONG ExAcqResExclusiveAcquiresExclusive;
956 ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
957 ULONG ExAcqResExclusiveWaits;
958 ULONG ExAcqResExclusiveNotAcquires;
959 ULONG ExAcqResSharedAttempts;
960 ULONG ExAcqResSharedAcquiresExclusive;
961 ULONG ExAcqResSharedAcquiresShared;
962 ULONG ExAcqResSharedAcquiresSharedRecursive;
963 ULONG ExAcqResSharedWaits;
964 ULONG ExAcqResSharedNotAcquires;
965 ULONG ExAcqResSharedStarveExclusiveAttempts;
966 ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
967 ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
968 ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
969 ULONG ExAcqResSharedStarveExclusiveWaits;
970 ULONG ExAcqResSharedStarveExclusiveNotAcquires;
971 ULONG ExAcqResSharedWaitForExclusiveAttempts;
972 ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
973 ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
974 ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
975 ULONG ExAcqResSharedWaitForExclusiveWaits;
976 ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
977 ULONG ExSetResOwnerPointerExclusive;
978 ULONG ExSetResOwnerPointerSharedNew;
979 ULONG ExSetResOwnerPointerSharedOld;
980 ULONG ExTryToAcqExclusiveAttempts;
981 ULONG ExTryToAcqExclusiveAcquires;
982 ULONG ExBoostExclusiveOwner;
983 ULONG ExBoostSharedOwners;
984 ULONG ExEtwSynchTrackingNotificationsCount;
985 ULONG ExEtwSynchTrackingNotificationsAccountedCount;
986} SYNCH_COUNTERS, *PSYNCH_COUNTERS;
987
988//
989// PRCB DPC Data
990//
991typedef struct _KDPC_DATA
992{
993#if (NTDDI_VERSION >= NTDDI_LONGHORN)
994 KDPC_LIST DpcList;
995#else
996 LIST_ENTRY DpcListHead;
997#endif
998 ULONG_PTR DpcLock;
999#if defined(_M_AMD64) || defined(_M_ARM)
1000 volatile LONG DpcQueueDepth;
1001#else
1002 volatile ULONG DpcQueueDepth;
1003#endif
1004 ULONG DpcCount;
1005#if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
1006 PKDPC ActiveDpc;
1007#endif
1008} KDPC_DATA, *PKDPC_DATA;
1009
1010//
1011// Per-Processor Lookaside List
1012//
1013typedef struct _PP_LOOKASIDE_LIST
1014{
1015 struct _GENERAL_LOOKASIDE *P;
1016 struct _GENERAL_LOOKASIDE *L;
1017} PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
1018
1019//
1020// Architectural Types
1021//
1022#include <arch/ketypes.h>
1023
1024//
1025// Kernel Memory Node
1026//
1027typedef struct _KNODE
1028{
1029 SLIST_HEADER DeadStackList;
1030 SLIST_HEADER PfnDereferenceSListHead;
1031 KAFFINITY ProcessorMask;
1032 UCHAR Color;
1033 UCHAR Seed;
1034 UCHAR NodeNumber;
1035 struct _flags {
1036 UCHAR Removable : 1;
1037 UCHAR Fill : 7;
1038 } Flags;
1039 ULONG MmShiftedColor;
1040 ULONG_PTR FreeCount[2];
1041 struct _SINGLE_LIST_ENTRY *PfnDeferredList;
1042} KNODE, *PKNODE;
1043
1044//
1045// Structure for Get/SetContext APC
1046//
1047typedef struct _GETSETCONTEXT
1048{
1049 KAPC Apc;
1050 KEVENT Event;
1051 KPROCESSOR_MODE Mode;
1052 CONTEXT Context;
1053} GETSETCONTEXT, *PGETSETCONTEXT;
1054
1055//
1056// Kernel Profile Object
1057//
1058typedef struct _KPROFILE
1059{
1060 CSHORT Type;
1061 CSHORT Size;
1062 LIST_ENTRY ProfileListEntry;
1063 struct _KPROCESS *Process;
1064 PVOID RangeBase;
1065 PVOID RangeLimit;
1066 ULONG BucketShift;
1067 PVOID Buffer;
1068 ULONG_PTR Segment;
1069 KAFFINITY Affinity;
1070 KPROFILE_SOURCE Source;
1071 BOOLEAN Started;
1072} KPROFILE, *PKPROFILE;
1073
1074//
1075// Kernel Interrupt Object
1076//
1077typedef struct _KINTERRUPT
1078{
1079 CSHORT Type;
1080 CSHORT Size;
1081 LIST_ENTRY InterruptListEntry;
1082 PKSERVICE_ROUTINE ServiceRoutine;
1083#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1084 PKSERVICE_ROUTINE MessageServiceRoutine;
1085 ULONG MessageIndex;
1086#endif
1087 PVOID ServiceContext;
1088 KSPIN_LOCK SpinLock;
1089 ULONG TickCount;
1090 PKSPIN_LOCK ActualLock;
1091 PKINTERRUPT_ROUTINE DispatchAddress;
1092 ULONG Vector;
1093 KIRQL Irql;
1094 KIRQL SynchronizeIrql;
1095 BOOLEAN FloatingSave;
1096 BOOLEAN Connected;
1097 CCHAR Number;
1098 BOOLEAN ShareVector;
1099 KINTERRUPT_MODE Mode;
1100#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1101 KINTERRUPT_POLARITY Polarity;
1102#endif
1103 ULONG ServiceCount;
1104 ULONG DispatchCount;
1105#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1106 ULONGLONG Rsvd1;
1107#endif
1108#ifdef _M_AMD64
1109 PKTRAP_FRAME TrapFrame;
1110 PVOID Reserved;
1111#endif
1112 ULONG DispatchCode[DISPATCH_LENGTH];
1113} KINTERRUPT;
1114
1115//
1116// Kernel Event Pair Object
1117//
1118typedef struct _KEVENT_PAIR
1119{
1120 CSHORT Type;
1121 CSHORT Size;
1122 KEVENT LowEvent;
1123 KEVENT HighEvent;
1124} KEVENT_PAIR, *PKEVENT_PAIR;
1125
1126//
1127// Kernel No Execute Options
1128//
1129typedef struct _KEXECUTE_OPTIONS
1130{
1131 UCHAR ExecuteDisable:1;
1132 UCHAR ExecuteEnable:1;
1133 UCHAR DisableThunkEmulation:1;
1134 UCHAR Permanent:1;
1135 UCHAR ExecuteDispatchEnable:1;
1136 UCHAR ImageDispatchEnable:1;
1137 UCHAR Spare:2;
1138} KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
1139
1140#if (NTDDI_VERSION >= NTDDI_WIN7)
1141typedef union _KWAIT_STATUS_REGISTER
1142{
1143 UCHAR Flags;
1144 struct
1145 {
1146 UCHAR State:2;
1147 UCHAR Affinity:1;
1148 UCHAR Priority:1;
1149 UCHAR Apc:1;
1150 UCHAR UserApc:1;
1151 UCHAR Alert:1;
1152 UCHAR Unused:1;
1153 };
1154} KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
1155
1156typedef struct _COUNTER_READING
1157{
1158 enum _HARDWARE_COUNTER_TYPE Type;
1159 ULONG Index;
1160 ULONG64 Start;
1161 ULONG64 Total;
1162}COUNTER_READING, *PCOUNTER_READING;
1163
1164typedef struct _KTHREAD_COUNTERS
1165{
1166 ULONG64 WaitReasonBitMap;
1167 struct _THREAD_PERFORMANCE_DATA* UserData;
1168 ULONG Flags;
1169 ULONG ContextSwitches;
1170 ULONG64 CycleTimeBias;
1171 ULONG64 HardwareCounters;
1172 COUNTER_READING HwCounter[16];
1173}KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
1174#endif
1175
1177#if (NTDDI_VERSION >= NTDDI_WIN8)
1178typedef struct _RTL_RB_TREE
1179{
1180 PRTL_BALANCED_NODE Root;
1181 PRTL_BALANCED_NODE Min;
1182} RTL_RB_TREE, *PRTL_RB_TREE;
1183#endif
1184
1185#if (NTDDI_VERSION >= NTDDI_WINBLUE)
1186typedef struct _KLOCK_ENTRY_LOCK_STATE
1187{
1188 union
1189 {
1190 struct
1191 {
1192#if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
1193 ULONG_PTR CrossThreadReleasable : 1;
1194#else
1195 ULONG_PTR Waiting : 1;
1196#endif
1197 ULONG_PTR Busy : 1;
1198 ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
1199 ULONG_PTR InTree : 1;
1200 };
1201 PVOID LockState;
1202 };
1203 union
1204 {
1205 PVOID SessionState;
1206 struct
1207 {
1208 ULONG SessionId;
1209#ifdef _WIN64
1210 ULONG SessionPad;
1211#endif
1212 };
1213 };
1214} KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
1215
1216typedef struct _KLOCK_ENTRY
1217{
1218 union
1219 {
1220 RTL_BALANCED_NODE TreeNode;
1221 SINGLE_LIST_ENTRY FreeListEntry;
1222 };
1223#if (NTDDI_VERSION >= NTDDI_WIN10)
1224 union
1225 {
1226 ULONG EntryFlags;
1227 struct
1228 {
1229 UCHAR EntryOffset;
1230 union
1231 {
1232 UCHAR ThreadLocalFlags;
1233 struct
1234 {
1235 UCHAR WaitingBit : 1;
1236 UCHAR Spare0 : 7;
1237 };
1238 };
1239 union
1240 {
1241 UCHAR AcquiredByte;
1242 UCHAR AcquiredBit : 1;
1243 };
1244 union
1245 {
1246 UCHAR CrossThreadFlags;
1247 struct
1248 {
1249 UCHAR HeadNodeBit : 1;
1250 UCHAR IoPriorityBit : 1;
1251 UCHAR IoQoSWaiter : 1; // since TH2
1252 UCHAR Spare1 : 5;
1253 };
1254 };
1255 };
1256 struct
1257 {
1258 ULONG StaticState : 8;
1259 ULONG AllFlags : 24;
1260 };
1261 };
1262#ifdef _WIN64
1263 ULONG SpareFlags;
1264#endif
1265#else
1266 union
1267 {
1268 PVOID ThreadUnsafe;
1269 struct
1270 {
1271 volatile UCHAR HeadNodeByte;
1272 UCHAR Reserved1[2];
1273 volatile UCHAR AcquiredByte;
1274 };
1275 };
1276#endif
1277
1278 union
1279 {
1280 KLOCK_ENTRY_LOCK_STATE LockState;
1281 PVOID LockUnsafe;
1282 struct
1283 {
1284#if (NTDDI_VERSION >= NTDDI_WIN10)
1285 volatile UCHAR CrossThreadReleasableAndBusyByte;
1286#else
1287 volatile UCHAR WaitingAndBusyByte;
1288#endif
1289 UCHAR Reserved[sizeof(PVOID) - 2];
1290 UCHAR InTreeByte;
1291 union
1292 {
1293 PVOID SessionState;
1294 struct
1295 {
1296 ULONG SessionId;
1297#ifdef _WIN64
1298 ULONG SessionPad;
1299#endif
1300 };
1301 };
1302 };
1303 };
1304 union
1305 {
1306 struct
1307 {
1308 RTL_RB_TREE OwnerTree;
1309 RTL_RB_TREE WaiterTree;
1310 };
1311 CHAR CpuPriorityKey;
1312 };
1313 ULONG_PTR EntryLock;
1314 union
1315 {
1316#if _WIN64
1317 ULONG AllBoosts : 17;
1318#else
1319 USHORT AllBoosts;
1320#endif
1321 struct
1322 {
1323 struct
1324 {
1325 USHORT CpuBoostsBitmap : 15;
1326 USHORT IoBoost : 1;
1327 };
1328 struct
1329 {
1330 USHORT IoQoSBoost : 1;
1331 USHORT IoNormalPriorityWaiterCount : 8;
1332 USHORT IoQoSWaiterCount : 7;
1333 };
1334 };
1335 };
1336#if _WIN64
1337 ULONG SparePad;
1338#endif
1339} KLOCK_ENTRY, *PKLOCK_ENTRY;
1340
1341#endif
1342
1343//
1344// Kernel Thread (KTHREAD)
1345//
1346#if (NTDDI_VERSION < NTDDI_WIN8)
1347
1348typedef struct _KTHREAD
1349{
1350 DISPATCHER_HEADER Header;
1351#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1352 ULONGLONG CycleTime;
1353#ifndef _WIN64 // [
1354 ULONG HighCycleTime;
1355#endif // ]
1356 ULONGLONG QuantumTarget;
1357#else // ][
1358 LIST_ENTRY MutantListHead;
1359#endif // ]
1360 PVOID InitialStack;
1361 ULONG_PTR StackLimit; // FIXME: PVOID
1362 PVOID KernelStack;
1363 KSPIN_LOCK ThreadLock;
1364#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1365 KWAIT_STATUS_REGISTER WaitRegister;
1366 BOOLEAN Running;
1367 BOOLEAN Alerted[2];
1368 union
1369 {
1370 struct
1371 {
1372 ULONG KernelStackResident:1;
1373 ULONG ReadyTransition:1;
1374 ULONG ProcessReadyQueue:1;
1375 ULONG WaitNext:1;
1376 ULONG SystemAffinityActive:1;
1377 ULONG Alertable:1;
1378 ULONG GdiFlushActive:1;
1379 ULONG UserStackWalkActive:1;
1380 ULONG ApcInterruptRequest:1;
1381 ULONG ForceDeferSchedule:1;
1382 ULONG QuantumEndMigrate:1;
1383 ULONG UmsDirectedSwitchEnable:1;
1384 ULONG TimerActive:1;
1385 ULONG Reserved:19;
1386 };
1387 LONG MiscFlags;
1388 };
1389#endif // ]
1390 union
1391 {
1392 KAPC_STATE ApcState;
1393 struct
1394 {
1395 UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1396#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1397 SCHAR Priority;
1398#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1399 /* On x86, the following members "fall out" of the union */
1400 volatile ULONG NextProcessor;
1401 volatile ULONG DeferredProcessor;
1402#else // ][
1403 /* On x86, the following members "fall out" of the union */
1404 volatile USHORT NextProcessor;
1405 volatile USHORT DeferredProcessor;
1406#endif // ]
1407#else // ][
1408 UCHAR ApcQueueable;
1409 /* On x86, the following members "fall out" of the union */
1410 volatile UCHAR NextProcessor;
1411 volatile UCHAR DeferredProcessor;
1412 UCHAR AdjustReason;
1413 SCHAR AdjustIncrement;
1414#endif // ]
1415 };
1416 };
1417 KSPIN_LOCK ApcQueueLock;
1418#if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1419 ULONG ContextSwitches;
1420 volatile UCHAR State;
1421 UCHAR NpxState;
1422 KIRQL WaitIrql;
1423 KPROCESSOR_MODE WaitMode;
1424#endif // ]
1425 LONG_PTR WaitStatus;
1426#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1427 PKWAIT_BLOCK WaitBlockList;
1428#else // ][
1429 union
1430 {
1431 PKWAIT_BLOCK WaitBlockList;
1432 PKGATE GateObject;
1433 };
1434#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1435 union
1436 {
1437 struct
1438 {
1439 ULONG KernelStackResident:1;
1440 ULONG ReadyTransition:1;
1441 ULONG ProcessReadyQueue:1;
1442 ULONG WaitNext:1;
1443 ULONG SystemAffinityActive:1;
1444 ULONG Alertable:1;
1445 ULONG GdiFlushActive:1;
1446 ULONG Reserved:25;
1447 };
1448 LONG MiscFlags;
1449 };
1450#else // ][
1451 BOOLEAN Alertable;
1452 BOOLEAN WaitNext;
1453#endif // ]
1454 UCHAR WaitReason;
1455#if (NTDDI_VERSION < NTDDI_LONGHORN)
1456 SCHAR Priority;
1457 BOOLEAN EnableStackSwap;
1458#endif // ]
1459 volatile UCHAR SwapBusy;
1460 BOOLEAN Alerted[MaximumMode];
1461#endif // ]
1462 union
1463 {
1464 LIST_ENTRY WaitListEntry;
1465 SINGLE_LIST_ENTRY SwapListEntry;
1466 };
1467 PKQUEUE Queue;
1468#if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1469 ULONG WaitTime;
1470 union
1471 {
1472 struct
1473 {
1474 SHORT KernelApcDisable;
1475 SHORT SpecialApcDisable;
1476 };
1477 ULONG CombinedApcDisable;
1478 };
1479#endif // ]
1480 struct _TEB *Teb;
1481
1482#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1483 KTIMER Timer;
1484#else // ][
1485 union
1486 {
1487 KTIMER Timer;
1488 struct
1489 {
1490 UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1491#if !defined(_WIN64) // [
1492 };
1493 };
1494#endif // ]
1495#endif // ]
1496 union
1497 {
1498 struct
1499 {
1500 ULONG AutoAlignment:1;
1501 ULONG DisableBoost:1;
1502#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1503 ULONG EtwStackTraceApc1Inserted:1;
1504 ULONG EtwStackTraceApc2Inserted:1;
1505 ULONG CycleChargePending:1;
1506 ULONG CalloutActive:1;
1507 ULONG ApcQueueable:1;
1508 ULONG EnableStackSwap:1;
1509 ULONG GuiThread:1;
1510 ULONG ReservedFlags:23;
1511#else // ][
1512 LONG ReservedFlags:30;
1513#endif // ]
1514 };
1515 LONG ThreadFlags;
1516 };
1517#if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1518 };
1519 };
1520#endif // ]
1521#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1522#if defined(_WIN64) // [
1523 ULONG Spare0;
1524#else // ][
1525 PVOID ServiceTable;
1526#endif // ]
1527#endif // ]
1528 union
1529 {
1530 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1531#if (NTDDI_VERSION < NTDDI_WIN7) // [
1532 struct
1533 {
1534 UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1535#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1536 UCHAR IdealProcessor;
1537#else // ][
1538 BOOLEAN SystemAffinityActive;
1539#endif // ]
1540 };
1541 struct
1542 {
1543 UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1544 CCHAR PreviousMode;
1545 };
1546 struct
1547 {
1548 UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1549 UCHAR ResourceIndex;
1550 };
1551 struct
1552 {
1553 UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1554 UCHAR LargeStack;
1555 };
1556#endif // ]
1557#ifdef _WIN64 // [
1558 struct
1559 {
1560 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1561 ULONG ContextSwitches;
1562 };
1563 struct
1564 {
1565 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1566 UCHAR State;
1567 UCHAR NpxState;
1568 UCHAR WaitIrql;
1569 CHAR WaitMode;
1570 };
1571 struct
1572 {
1573 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1574 ULONG WaitTime;
1575 };
1576#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1577 struct
1578 {
1579 UCHAR WaitBlockFill7[168];
1580 PVOID TebMappedLowVa;
1581 struct _UMS_CONTROL_BLOCK* Ucb;
1582 };
1583#endif // ]
1584 struct
1585 {
1586#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1587 UCHAR WaitBlockFill8[188];
1588#else // ][
1589 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1590#endif // ]
1591 union
1592 {
1593 struct
1594 {
1595 SHORT KernelApcDisable;
1596 SHORT SpecialApcDisable;
1597 };
1598 ULONG CombinedApcDisable;
1599 };
1600 };
1601#endif // ]
1602 };
1603 LIST_ENTRY QueueListEntry;
1604 PKTRAP_FRAME TrapFrame;
1605#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1606 PVOID FirstArgument;
1607 union
1608 {
1609 PVOID CallbackStack;
1610 ULONG_PTR CallbackDepth;
1611 };
1612#else // ][
1613 PVOID CallbackStack;
1614#endif // ]
1615#if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1616 PVOID ServiceTable;
1617#endif // ]
1618#if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1619 ULONG KernelLimit;
1620#endif // ]
1621 UCHAR ApcStateIndex;
1622#if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1623 UCHAR IdealProcessor;
1624 BOOLEAN Preempted;
1625 BOOLEAN ProcessReadyQueue;
1626#ifdef _WIN64 // [
1627 PVOID Win32kTable;
1628 ULONG Win32kLimit;
1629#endif // ]
1630 BOOLEAN KernelStackResident;
1631#endif // ]
1632 SCHAR BasePriority;
1633 SCHAR PriorityDecrement;
1634#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1635 BOOLEAN Preempted;
1636 UCHAR AdjustReason;
1637 CHAR AdjustIncrement;
1638#if (NTDDI_VERSION >= NTDDI_WIN7)
1639 UCHAR PreviousMode;
1640#else
1641 UCHAR Spare01;
1642#endif
1643#endif // ]
1644 CHAR Saturation;
1645#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1646 ULONG SystemCallNumber;
1647#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1648 ULONG FreezeCount;
1649#else // ][
1650 ULONG Spare02;
1651#endif // ]
1652#endif // ]
1653#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1654 GROUP_AFFINITY UserAffinity;
1655 struct _KPROCESS *Process;
1656 GROUP_AFFINITY Affinity;
1657 ULONG IdealProcessor;
1658 ULONG UserIdealProcessor;
1659#else // ][
1660 KAFFINITY UserAffinity;
1661 struct _KPROCESS *Process;
1662 KAFFINITY Affinity;
1663#endif // ]
1664 PKAPC_STATE ApcStatePointer[2];
1665 union
1666 {
1667 KAPC_STATE SavedApcState;
1668 struct
1669 {
1670 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1671#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1672 UCHAR WaitReason;
1673#else // ][
1674 CCHAR FreezeCount;
1675#endif // ]
1676#ifndef _WIN64 // [
1677 };
1678 };
1679#endif // ]
1680 CCHAR SuspendCount;
1681#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1682 CCHAR Spare1;
1683#else // ][
1684 UCHAR UserIdealProcessor;
1685#endif // ]
1686#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1687#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1688 UCHAR Spare03;
1689#else // ][
1690 UCHAR CalloutActive;
1691#endif // ]
1692#ifdef _WIN64 // [
1693 UCHAR CodePatchInProgress;
1694 };
1695 };
1696#endif // ]
1697#if defined(_M_IX86) // [
1698#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1699 UCHAR OtherPlatformFill;
1700#else // ][
1701 UCHAR Iopl;
1702#endif // ]
1703#endif // ]
1704 PVOID Win32Thread;
1705 PVOID StackBase;
1706 union
1707 {
1708 KAPC SuspendApc;
1709 struct
1710 {
1711 UCHAR SuspendApcFill0[1];
1712#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1713 UCHAR ResourceIndex;
1714#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1715 CHAR Spare04;
1716#else // ][
1717 SCHAR Quantum;
1718#endif // ]
1719 };
1720 struct
1721 {
1722 UCHAR SuspendApcFill1[3];
1723 UCHAR QuantumReset;
1724 };
1725 struct
1726 {
1727 UCHAR SuspendApcFill2[4];
1728 ULONG KernelTime;
1729 };
1730 struct
1731 {
1732 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1733#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1734 PKPRCB WaitPrcb;
1735#else
1736 PVOID TlsArray;
1737#endif
1738 };
1739 struct
1740 {
1741 UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1742 PVOID LegoData;
1743 };
1744 struct
1745 {
1746 UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1747#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1748 UCHAR LargeStack;
1749#else // ][
1750 UCHAR PowerState;
1751#endif // ]
1752#ifdef _WIN64 // [
1753 ULONG UserTime;
1754#endif // ]
1755 };
1756 };
1757#ifndef _WIN64 // [
1758 ULONG UserTime;
1759#endif // ]
1760 union
1761 {
1762 KSEMAPHORE SuspendSemaphore;
1763 struct
1764 {
1765 UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1766#ifdef _WIN64 // [
1767 ULONG SListFaultCount;
1768#endif // ]
1769 };
1770 };
1771#ifndef _WIN64 // [
1772 ULONG SListFaultCount;
1773#endif // ]
1774 LIST_ENTRY ThreadListEntry;
1775#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1776 LIST_ENTRY MutantListHead;
1777#endif // ]
1778 PVOID SListFaultAddress;
1779#ifdef _M_AMD64 // [
1780 LONG64 ReadOperationCount;
1781 LONG64 WriteOperationCount;
1782 LONG64 OtherOperationCount;
1783 LONG64 ReadTransferCount;
1784 LONG64 WriteTransferCount;
1785 LONG64 OtherTransferCount;
1786#endif // ]
1787#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1788 PKTHREAD_COUNTERS ThreadCounters;
1789 PXSTATE_SAVE XStateSave;
1790#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1791 PVOID MdlForLockedTeb;
1792#endif // ]
1793#if defined(__REACTOS__) && defined(_M_AMD64) // HACK!
1794 XSAVE_FORMAT* StateSaveArea;
1795#endif
1796} KTHREAD;
1797
1798#else // not (NTDDI_VERSION < NTDDI_WIN8)
1799
1800#if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1801#define NUMBER_OF_LOCK_ENTRIES 5
1802#else
1803#define NUMBER_OF_LOCK_ENTRIES 6
1804#endif
1805
1806typedef struct _KTHREAD
1807{
1808 DISPATCHER_HEADER Header;
1809 PVOID SListFaultAddress;
1810 ULONG64 QuantumTarget;
1811 PVOID InitialStack;
1812 volatile VOID *StackLimit;
1813 PVOID StackBase;
1814 KSPIN_LOCK ThreadLock;
1815 volatile ULONG64 CycleTime;
1816#ifndef _WIN64
1817 volatile ULONG HighCycleTime;
1818 PVOID ServiceTable;
1819#endif
1820 ULONG CurrentRunTime;
1821 ULONG ExpectedRunTime;
1822 PVOID KernelStack;
1823 XSAVE_FORMAT* StateSaveArea;
1824 struct _KSCHEDULING_GROUP* SchedulingGroup;
1825 KWAIT_STATUS_REGISTER WaitRegister;
1826 BOOLEAN Running;
1827 BOOLEAN Alerted[MaximumMode];
1828
1829 union
1830 {
1831 struct
1832 {
1833#if (NTDDI_VERSION < NTDDI_WIN10)
1834 ULONG KernelStackResident : 1;
1835#else
1836 ULONG AutoBoostActive : 1;
1837#endif
1838 ULONG ReadyTransition : 1;
1839#if (NTDDI_VERSION < NTDDI_WIN10TH2)
1840 ULONG ProcessReadyQueue : 1;
1841#endif
1842 ULONG ProcessReadyQueue : 1;
1843 ULONG WaitNext : 1;
1844 ULONG SystemAffinityActive : 1;
1845 ULONG Alertable : 1;
1846#if (NTDDI_VERSION < NTDDI_WIN81)
1847 ULONG CodePatchInProgress : 1;
1848#endif
1849 ULONG UserStackWalkActive : 1;
1850 ULONG ApcInterruptRequest : 1;
1851 ULONG QuantumEndMigrate : 1;
1852 ULONG UmsDirectedSwitchEnable : 1;
1853 ULONG TimerActive : 1;
1854 ULONG SystemThread : 1;
1855 ULONG ProcessDetachActive : 1;
1856 ULONG CalloutActive : 1;
1857 ULONG ScbReadyQueue : 1;
1858 ULONG ApcQueueable : 1;
1859 ULONG ReservedStackInUse : 1;
1860 ULONG UmsPerformingSyscall : 1;
1861 ULONG DisableStackCheck : 1;
1862 ULONG Reserved : 12;
1863 };
1864 LONG MiscFlags;
1865 };
1866
1867 union
1868 {
1869 struct
1870 {
1871 ULONG AutoAlignment : 1;
1872 ULONG DisableBoost : 1;
1873 ULONG UserAffinitySet : 1;
1874 ULONG AlertedByThreadId : 1;
1875 ULONG QuantumDonation : 1;
1876 ULONG EnableStackSwap : 1;
1877 ULONG GuiThread : 1;
1878 ULONG DisableQuantum : 1;
1879 ULONG ChargeOnlyGroup : 1;
1880 ULONG DeferPreemption : 1;
1881 ULONG QueueDeferPreemption : 1;
1882 ULONG ForceDeferSchedule : 1;
1883 ULONG ExplicitIdealProcessor : 1;
1884 ULONG FreezeCount : 1;
1885#if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1886 ULONG TerminationApcRequest : 1;
1887#endif
1888#if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1889 ULONG AutoBoostEntriesExhausted : 1;
1890#endif
1891#if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1892 ULONG KernelStackResident : 1;
1893#endif
1894#if (NTDDI_VERSION >= NTDDI_WIN10)
1895 ULONG CommitFailTerminateRequest : 1;
1896 ULONG ProcessStackCountDecremented : 1;
1897 ULONG ThreadFlagsSpare : 5;
1898#endif
1899 ULONG EtwStackTraceApcInserted : 8;
1900#if (NTDDI_VERSION < NTDDI_WIN10)
1901 ULONG ReservedFlags : 10;
1902#endif
1903 };
1904 LONG ThreadFlags;
1905 };
1906
1907#if (NTDDI_VERSION >= NTDDI_WIN10)
1908 volatile UCHAR Tag;
1909 UCHAR SystemHeteroCpuPolicy;
1910 UCHAR UserHeteroCpuPolicy : 7;
1911 UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1912 UCHAR Spare0;
1913#else
1914 ULONG Spare0;
1915#endif
1916 ULONG SystemCallNumber;
1917#ifdef _WIN64
1918 ULONG Spare1; // Win 10: Spare10
1919#endif
1920 PVOID FirstArgument;
1921 PKTRAP_FRAME TrapFrame;
1922
1923 union
1924 {
1925 KAPC_STATE ApcState;
1926 struct
1927 {
1928 UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1929 SCHAR Priority;
1930 ULONG UserIdealProcessor;
1931 };
1932 };
1933
1934#ifndef _WIN64
1935 ULONG ContextSwitches;
1936 volatile UCHAR State;
1937#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1938 CHAR Spare12;
1939#else
1940 CHAR NpxState;
1941#endif
1942 KIRQL WaitIrql;
1943 KPROCESSOR_MODE WaitMode;
1944#endif
1945
1946 volatile INT_PTR WaitStatus;
1947 PKWAIT_BLOCK WaitBlockList;
1948 union
1949 {
1950 LIST_ENTRY WaitListEntry;
1951 SINGLE_LIST_ENTRY SwapListEntry;
1952 };
1953 PKQUEUE Queue;
1954 PVOID Teb;
1955#if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1956 ULONG64 RelativeTimerBias;
1957#endif
1958 KTIMER Timer;
1959
1960 union
1961 {
1962 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1963#ifdef _WIN64
1964 struct
1965 {
1966 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1967 ULONG ContextSwitches;
1968 };
1969 struct
1970 {
1971 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1972 UCHAR State;
1973#if (NTDDI_VERSION >= NTDDI_WIN10)
1974 CHAR Spare13;
1975#else
1976 CHAR NpxState;
1977#endif
1978 UCHAR WaitIrql;
1979 CHAR WaitMode;
1980 };
1981 struct
1982 {
1983 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
1984 ULONG WaitTime;
1985 };
1986 struct
1987 {
1988 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
1989 union
1990 {
1991 struct
1992 {
1993 SHORT KernelApcDisable;
1994 SHORT SpecialApcDisable;
1995 };
1996 ULONG CombinedApcDisable;
1997 };
1998 };
1999#endif
2000 struct
2001 {
2002 UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
2003 struct _KTHREAD_COUNTERS *ThreadCounters;
2004 };
2005 struct
2006 {
2007 UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
2008 PXSTATE_SAVE XStateSave;
2009 };
2010 struct
2011 {
2012 UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
2013 PVOID Win32Thread;
2014 };
2015 struct
2016 {
2017 UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
2018#ifdef _WIN64
2019 struct _UMS_CONTROL_BLOCK* Ucb;
2020 struct _KUMS_CONTEXT_HEADER* Uch;
2021#else
2022 ULONG WaitTime;
2023 union
2024 {
2025 struct
2026 {
2027 SHORT KernelApcDisable;
2028 SHORT SpecialApcDisable;
2029 };
2030 ULONG CombinedApcDisable;
2031 };
2032#endif
2033 };
2034 };
2035
2036#ifdef _WIN64
2037 PVOID TebMappedLowVa;
2038#endif
2039 LIST_ENTRY QueueListEntry;
2040#if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
2041 union
2042 {
2043 ULONG NextProcessor;
2044 struct
2045 {
2046 ULONG NextProcessorNumber : 31;
2047 ULONG SharedReadyQueue : 1;
2048 };
2049 };
2050 LONG QueuePriority;
2051#else
2052 ULONG NextProcessor;
2053 ULONG DeferredProcessor;
2054#endif
2055 PKPROCESS Process;
2056
2057 union
2058 {
2059 GROUP_AFFINITY UserAffinity;
2060 struct
2061 {
2062 UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
2063 CHAR PreviousMode;
2064 CHAR BasePriority;
2065 union
2066 {
2067 CHAR PriorityDecrement;
2068 struct
2069 {
2070 UCHAR ForegroundBoost : 4;
2071 UCHAR UnusualBoost : 4;
2072 };
2073 };
2074 UCHAR Preempted;
2075 UCHAR AdjustReason;
2076 CHAR AdjustIncrement;
2077 };
2078 };
2079
2080#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2081 ULONG_PTR AffinityVersion;
2082#endif
2083 union
2084 {
2085 GROUP_AFFINITY Affinity;
2086 struct
2087 {
2088 UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
2089 UCHAR ApcStateIndex;
2090 UCHAR WaitBlockCount;
2091 ULONG IdealProcessor;
2092 };
2093 };
2094
2095#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2096#ifdef _WIN64
2097 ULONG64 NpxState;
2098#else
2099 ULONG Spare15;
2100#endif
2101#else
2102 PKAPC_STATE ApcStatePointer[2];
2103#endif
2104
2105 union
2106 {
2107 KAPC_STATE SavedApcState;
2108 struct
2109 {
2110 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
2111 UCHAR WaitReason;
2112 CHAR SuspendCount;
2113 CHAR Saturation;
2114 SHORT SListFaultCount;
2115 };
2116 };
2117
2118 union
2119 {
2120 KAPC SchedulerApc;
2121 struct
2122 {
2123 UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
2124 UCHAR ResourceIndex;
2125 };
2126 struct
2127 {
2128 UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
2129 UCHAR QuantumReset;
2130 };
2131 struct
2132 {
2133 UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
2134 ULONG KernelTime;
2135 };
2136 struct
2137 {
2138 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
2139 PKPRCB WaitPrcb;
2140 };
2141 struct
2142 {
2143 UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
2144 PVOID LegoData;
2145 };
2146 struct
2147 {
2148 UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
2149 UCHAR CallbackNestingLevel;
2150 ULONG UserTime;
2151 };
2152 };
2153
2154 KEVENT SuspendEvent;
2155 LIST_ENTRY ThreadListEntry;
2156 LIST_ENTRY MutantListHead;
2157
2158#if (NTDDI_VERSION >= NTDDI_WIN10)
2159 UCHAR AbEntrySummary;
2160 UCHAR AbWaitEntryCount;
2161 USHORT Spare20;
2162#if _WIN64
2163 ULONG SecureThreadCookie;
2164#endif
2165#elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
2166 SINGLE_LIST_ENTRY LockEntriesFreeList;
2167#endif
2168
2169#if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
2170 KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
2171 SINGLE_LIST_ENTRY PropagateBoostsEntry;
2172 SINGLE_LIST_ENTRY IoSelfBoostsEntry;
2173 UCHAR PriorityFloorCounts[16];
2174 ULONG PriorityFloorSummary;
2175 volatile LONG AbCompletedIoBoostCount;
2176 #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
2177 LONG AbCompletedIoQoSBoostCount;
2178 #endif
2179
2180 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2181 volatile SHORT KeReferenceCount;
2182 #else
2183 volatile SHORT AbReferenceCount;
2184 #endif
2185 #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
2186 UCHAR AbOrphanedEntrySummary;
2187 UCHAR AbOwnedEntryCount;
2188 #else
2189 UCHAR AbFreeEntryCount;
2190 UCHAR AbWaitEntryCount;
2191 #endif
2192 ULONG ForegroundLossTime;
2193 union
2194 {
2195 LIST_ENTRY GlobalForegroundListEntry;
2196 struct
2197 {
2198 SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
2199 ULONG_PTR InGlobalForegroundList;
2200 };
2201 };
2202#endif
2203
2204#if _WIN64
2205 LONG64 ReadOperationCount;
2206 LONG64 WriteOperationCount;
2207 LONG64 OtherOperationCount;
2208 LONG64 ReadTransferCount;
2209 LONG64 WriteTransferCount;
2210 LONG64 OtherTransferCount;
2211#endif
2212#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
2213 struct _KSCB *QueuedScb;
2214#ifndef _WIN64
2215 ULONG64 NpxState;
2216#endif
2217#endif
2218} KTHREAD;
2219
2220#endif
2221
2222
2223#define ASSERT_THREAD(object) \
2224 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
2225
2226//
2227// Kernel Process (KPROCESS)
2228//
2229typedef struct _KPROCESS
2230{
2231 DISPATCHER_HEADER Header;
2232 LIST_ENTRY ProfileListHead;
2233#if (NTDDI_VERSION >= NTDDI_LONGHORN)
2234 ULONG_PTR DirectoryTableBase;
2235 ULONG_PTR Unused0;
2236#else
2237 ULONG_PTR DirectoryTableBase[2];
2238#endif
2239#if defined(_M_IX86)
2240 KGDTENTRY LdtDescriptor;
2241 KIDTENTRY Int21Descriptor;
2242#endif
2243 USHORT IopmOffset;
2244#if defined(_M_IX86)
2245 UCHAR Iopl;
2246 UCHAR Unused;
2247#endif
2248 volatile KAFFINITY ActiveProcessors;
2249 ULONG KernelTime;
2250 ULONG UserTime;
2251 LIST_ENTRY ReadyListHead;
2252 SINGLE_LIST_ENTRY SwapListEntry;
2253 PVOID VdmTrapcHandler;
2254 LIST_ENTRY ThreadListHead;
2255 KSPIN_LOCK ProcessLock;
2256 KAFFINITY Affinity;
2257 union
2258 {
2259 struct
2260 {
2261 LONG AutoAlignment:1;
2262 LONG DisableBoost:1;
2263 LONG DisableQuantum:1;
2264 LONG ReservedFlags:29;
2265 };
2266 LONG ProcessFlags;
2267 };
2268 SCHAR BasePriority;
2269 SCHAR QuantumReset;
2270 UCHAR State;
2271 UCHAR ThreadSeed;
2272 UCHAR PowerState;
2273 UCHAR IdealNode;
2274 UCHAR Visited;
2275 union
2276 {
2277 KEXECUTE_OPTIONS Flags;
2278 UCHAR ExecuteOptions;
2279 };
2280 ULONG StackCount;
2281 LIST_ENTRY ProcessListEntry;
2282#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2283 ULONGLONG CycleTime;
2284#endif // ]
2285} KPROCESS;
2286
2287#define ASSERT_PROCESS(object) \
2288 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2289
2290//
2291// System Service Table Descriptor
2292//
2293typedef struct _KSERVICE_TABLE_DESCRIPTOR
2294{
2295 PULONG_PTR Base;
2296 PULONG Count;
2297 ULONG Limit;
2298#if defined(_IA64_)
2299 LONG TableBaseGpOffset;
2300#endif
2301 PUCHAR Number;
2302} KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2303
2304#if (NTDDI_VERSION >= NTDDI_WIN8)
2305//
2306// Entropy Timing State
2307//
2308typedef struct _KENTROPY_TIMING_STATE
2309{
2310 ULONG EntropyCount;
2311 ULONG Buffer[64];
2312 KDPC Dpc;
2313 ULONG LastDeliveredBuffer;
2314 PULONG RawDataBuffer;
2315} KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2316
2317//
2318// Constants from ks386.inc, ksamd64.inc and ksarm.h
2319//
2320#define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2321#define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2322#define KENTROPY_TIMING_ANALYSIS 0x0
2323
2324#endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2325
2326//
2327// Exported Loader Parameter Block
2328//
2329extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2330
2331//
2332// Exported Hardware Data
2333//
2334extern ULONG NTSYSAPI KiDmaIoCoherency;
2335extern ULONG NTSYSAPI KeMaximumIncrement;
2336extern ULONG NTSYSAPI KeMinimumIncrement;
2337extern ULONG NTSYSAPI KeDcacheFlushCount;
2338extern ULONG NTSYSAPI KeIcacheFlushCount;
2339extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2340extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2341
2342//
2343// Exported System Service Descriptor Tables
2344//
2345extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2346extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2347
2348#endif // !NTOS_MODE_USER
2349
2350#endif // _KETYPES_H
PreviousMode
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG _In_ KPROCESSOR_MODE PreviousMode
Definition: KdSystemDebugControl.c:35
VOID
#define VOID
Definition: acefi.h:82
BOOLEAN
unsigned char BOOLEAN
Definition: actypes.h:127
ServiceTable
static SERVICE_TABLE_ENTRYW ServiceTable[2]
Definition: eventlog.c:24
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
Buffer
Definition: bufpool.h:45
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
DECLSPEC_ALIGN
#define DECLSPEC_ALIGN(x)
Definition: corecrt.h:141
NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE
PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: shellpath.c:63
NtProductWinNt
@ NtProductWinNt
Definition: shellpath.c:64
NtProductLanManNt
@ NtProductLanManNt
Definition: shellpath.c:65
NtProductServer
@ NtProductServer
Definition: shellpath.c:66
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123
Unused
#define Unused(x)
Definition: atlwin.h:28
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
KernelMode
#define KernelMode
Definition: asm.h:38
UserMode
#define UserMode
Definition: asm.h:39
NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1803
KINTERRUPT
struct _KINTERRUPT KINTERRUPT
PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:881
KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19
PKNODE
struct _KNODE * PKNODE
_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:478
ProcessOutOfMemory
@ ProcessOutOfMemory
Definition: ketypes.h:480
ProcessInMemory
@ ProcessInMemory
Definition: ketypes.h:479
ProcessOutSwap
@ ProcessOutSwap
Definition: ketypes.h:483
ProcessInSwap
@ ProcessInSwap
Definition: ketypes.h:482
ProcessInTransition
@ ProcessInTransition
Definition: ketypes.h:481
KPROFILE
struct _KPROFILE KPROFILE
KDPC_DATA
struct _KDPC_DATA KDPC_DATA
KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS
KDPC_LIST
struct _KDPC_LIST KDPC_LIST
PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING
KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
FIBER
struct _FIBER FIBER
PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST
ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON
PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR
_KOBJECTS
_KOBJECTS
Definition: ketypes.h:424
ApcObject
@ ApcObject
Definition: ketypes.h:443
Spare3Object
@ Spare3Object
Definition: ketypes.h:436
ProfileObject
@ ProfileObject
Definition: ketypes.h:448
EventSynchronizationObject
@ EventSynchronizationObject
Definition: ketypes.h:426
TimerNotificationObject
@ TimerNotificationObject
Definition: ketypes.h:433
Spare4Object
@ Spare4Object
Definition: ketypes.h:437
DeviceQueueObject
@ DeviceQueueObject
Definition: ketypes.h:445
TimerSynchronizationObject
@ TimerSynchronizationObject
Definition: ketypes.h:434
Spare5Object
@ Spare5Object
Definition: ketypes.h:438
Spare2Object
@ Spare2Object
Definition: ketypes.h:435
MaximumKernelObject
@ MaximumKernelObject
Definition: ketypes.h:450
QueueObject
@ QueueObject
Definition: ketypes.h:429
Spare8Object
@ Spare8Object
Definition: ketypes.h:441
Spare6Object
@ Spare6Object
Definition: ketypes.h:439
ProcessObject
@ ProcessObject
Definition: ketypes.h:428
SemaphoreObject
@ SemaphoreObject
Definition: ketypes.h:430
DpcObject
@ DpcObject
Definition: ketypes.h:444
EventNotificationObject
@ EventNotificationObject
Definition: ketypes.h:425
GateObject
@ GateObject
Definition: ketypes.h:432
ThreadObject
@ ThreadObject
Definition: ketypes.h:431
ThreadedDpcObject
@ ThreadedDpcObject
Definition: ketypes.h:449
Spare7Object
@ Spare7Object
Definition: ketypes.h:440
MutantObject
@ MutantObject
Definition: ketypes.h:427
InterruptObject
@ InterruptObject
Definition: ketypes.h:447
EventPairObject
@ EventPairObject
Definition: ketypes.h:446
Spare9Object
@ Spare9Object
Definition: ketypes.h:442
PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST
KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:31
KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR
PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS
KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS
RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY
PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA
KTHREAD
struct _KTHREAD KTHREAD
KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE
KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:30
PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST
_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:490
VdmSetLdtEntries
@ VdmSetLdtEntries
Definition: ketypes.h:501
VdmSetProcessLdtInfo
@ VdmSetProcessLdtInfo
Definition: ketypes.h:502
VdmQueryDir
@ VdmQueryDir
Definition: ketypes.h:497
VdmSetInt21Handler
@ VdmSetInt21Handler
Definition: ketypes.h:496
VdmAdlibEmulation
@ VdmAdlibEmulation
Definition: ketypes.h:503
VdmQueueInterrupt
@ VdmQueueInterrupt
Definition: ketypes.h:492
VdmDelayInterrupt
@ VdmDelayInterrupt
Definition: ketypes.h:493
VdmPrinterDirectIoClose
@ VdmPrinterDirectIoClose
Definition: ketypes.h:499
VdmPrinterDirectIoOpen
@ VdmPrinterDirectIoOpen
Definition: ketypes.h:498
VdmPrinterInitialize
@ VdmPrinterInitialize
Definition: ketypes.h:500
VdmFeatures
@ VdmFeatures
Definition: ketypes.h:495
VdmPMCliControl
@ VdmPMCliControl
Definition: ketypes.h:504
VdmInitialize
@ VdmInitialize
Definition: ketypes.h:494
VdmQueryVdmProcess
@ VdmQueryVdmProcess
Definition: ketypes.h:505
VdmStartExecution
@ VdmStartExecution
Definition: ketypes.h:491
KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE
COUNTER_READING
struct _COUNTER_READING COUNTER_READING
PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY
PFIBER
struct _FIBER * PFIBER
KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20
PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY
KPROCESS
struct _KPROCESS KPROCESS
PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:894
KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE
KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER
_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:406
Terminated
@ Terminated
Definition: ketypes.h:411
Ready
@ Ready
Definition: ketypes.h:408
Running
@ Running
Definition: ketypes.h:409
GateWait
@ GateWait
Definition: ketypes.h:416
Standby
@ Standby
Definition: ketypes.h:410
DeferredReady
@ DeferredReady
Definition: ketypes.h:414
Waiting
@ Waiting
Definition: ketypes.h:412
Transition
@ Transition
Definition: ketypes.h:413
Initialized
@ Initialized
Definition: ketypes.h:407
_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:910
AttachedApcEnvironment
@ AttachedApcEnvironment
Definition: ketypes.h:912
OriginalApcEnvironment
@ OriginalApcEnvironment
Definition: ketypes.h:911
CurrentApcEnvironment
@ CurrentApcEnvironment
Definition: ketypes.h:913
InsertApcEnvironment
@ InsertApcEnvironment
Definition: ketypes.h:914
PKPROFILE
struct _KPROFILE * PKPROFILE
PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE
PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE
KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE
PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE
SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100
KNODE
struct _KNODE KNODE
KOBJECTS
enum _KOBJECTS KOBJECTS
KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR
KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20
PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE
KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23
VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS
PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT
KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20
_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:467
ContinueNextProcessor
@ ContinueNextProcessor
Definition: ketypes.h:471
ContinueProcessorReselected
@ ContinueProcessorReselected
Definition: ketypes.h:470
ContinueError
@ ContinueError
Definition: ketypes.h:468
ContinueSuccess
@ ContinueSuccess
Definition: ketypes.h:469
DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:174
PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR
_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:457
AdjustUnwait
@ AdjustUnwait
Definition: ketypes.h:459
AdjustNone
@ AdjustNone
Definition: ketypes.h:458
AdjustBoost
@ AdjustBoost
Definition: ketypes.h:460
KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE
KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:28
PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER
GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT
PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:898
SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS
KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24
PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS
PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:888
PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE
KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21
KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY
KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT
PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE
_In_
#define _In_
Definition: no_sal2.h:158
RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:684
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:364
NotificationEvent
@ NotificationEvent
Definition: ntdef.template.h:365
SynchronizationEvent
@ SynchronizationEvent
Definition: ntdef.template.h:366
_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:374
WaitAll
@ WaitAll
Definition: ntdef.template.h:375
WaitAny
@ WaitAny
Definition: ntdef.template.h:376
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:369
SynchronizationTimer
@ SynchronizationTimer
Definition: ntdef.template.h:371
NotificationTimer
@ NotificationTimer
Definition: ntdef.template.h:370
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
WCHAR
short WCHAR
Definition: pedump.c:58
SHORT
short SHORT
Definition: pedump.c:59
LONG
long LONG
Definition: pedump.c:60
USHORT
unsigned short USHORT
Definition: pedump.c:61
CHAR
char CHAR
Definition: pedump.c:57
Reserved4
@ Reserved4
Definition: sacdrv.h:1472
Reserved2
@ Reserved2
Definition: sacdrv.h:1470
Reserved5
@ Reserved5
Definition: sacdrv.h:1473
Reserved1
@ Reserved1
Definition: sacdrv.h:1464
KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE
SCHAR
signed char SCHAR
Definition: sqltypes.h:14
_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:966
_CONTEXT
Definition: nt_native.h:1409
_COUNTER_READING
Definition: ketypes.h:1157
_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:1159
_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:1158
_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:1160
_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:1161
_DISPATCHER_HEADER
Definition: ketypes.h:808
_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:725
_FIBER
Definition: ketypes.h:142
_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:146
_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:148
_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:147
_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:150
_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:153
_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:145
_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:154
_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:151
_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:144
_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:143
_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:152
_GENERAL_LOOKASIDE
Definition: extypes.h:134
_GETSETCONTEXT
Definition: ketypes.h:1048
_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:1052
_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:1049
_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:1051
_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:1050
_GROUP_AFFINITY
Definition: ntbasedef.h:671
_KAPC
Definition: ketypes.h:615
_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:630
_KDPC_DATA
Definition: ketypes.h:992
_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:1004
_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:998
_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:1002
_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:1006
_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:994
_KDPC_LIST
Definition: ketypes.h:933
_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:934
_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:935
_KDPC
Definition: ketypes.h:767
_KENTROPY_TIMING_STATE
Definition: ketypes.h:2309
_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2310
_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2313
_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2314
_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2312
_KEVENT_PAIR
Definition: ketypes.h:1119
_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:1120
_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:1123
_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:1121
_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:1122
_KEVENT
Definition: ketypes.h:879
_KEXECUTE_OPTIONS
Definition: ketypes.h:1130
_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:1133
_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:1131
_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:1132
_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:1134
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:1135
_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:1136
_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:1137
_KGATE
Definition: ketypes.h:890
_KGDTENTRY
Definition: ketypes.h:388
_KIDTENTRY
Definition: ketypes.h:439
_KINTERRUPT
Definition: ketypes.h:1078
_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:1094
_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:1097
_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:1103
_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:1091
_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:1104
_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:1080
_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:1112
_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:1096
_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:1101
_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:1099
_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:1098
_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:1092
_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:1084
_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:1088
_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:1093
_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:1095
_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:1081
_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:1085
_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:1089
_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:1090
_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:1079
_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:1106
_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:1082
_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:1087
_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:1187
_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:1197
_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:1193
_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:1199
_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:1198
_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:1201
_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:1208
_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:1205
_KLOCK_ENTRY
Definition: ketypes.h:1217
_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1280
_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:1236
_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:1241
_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1293
_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:1235
_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1326
_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1309
_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1296
_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1332
_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1330
_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1313
_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1285
_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1308
_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1259
_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:1249
_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:1221
_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:1251
_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:1226
_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:1242
_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1290
_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1325
_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1281
_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:1232
_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:1250
_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1311
_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1319
_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:1252
_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1258
_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:1229
_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:1220
_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:1246
_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1331
_KNODE::_flags
Definition: ketypes.h:1035
_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:1036
_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:1037
_KNODE
Definition: ketypes.h:1028
_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:1029
_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:1033
_KNODE::FreeCount
ULONG_PTR FreeCount[2]
Definition: ketypes.h:1040
_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:1039
_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:1041
_KNODE::Flags
struct _KNODE::_flags Flags
_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:1034
_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:1031
_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:1030
_KNODE::Color
UCHAR Color
Definition: ketypes.h:1032
_KPRCB
Definition: ketypes.h:654
_KPROCESS
Definition: ketypes.h:2230
_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:2231
_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2268
_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2269
_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2281
_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:2252
_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2280
_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2271
_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2273
_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2263
_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2262
_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:2243
_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2266
_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2278
_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:2235
_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:2253
_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:2248
_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:2249
_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2261
_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:2234
_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2274
_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:2250
_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2283
_KPROCESS::State
UCHAR State
Definition: ketypes.h:2270
_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:2256
_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:2232
_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2264
_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2272
_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2277
_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:2254
_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:2251
_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:2255
_KPROFILE
Definition: ketypes.h:1059
_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:1063
_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:1061
_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:1066
_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:1065
_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:1070
_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:1067
_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:1071
_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:1068
_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:1064
_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:1060
_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:1069
_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:1062
_KQUEUE
Definition: ketypes.h:1733
_KSEMAPHORE
Definition: ketypes.h:883
_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2294
_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2296
_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2295
_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2297
_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2301
_KSYSTEM_TIME
Definition: wdm.h:4
_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: wdm.h:6
_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: wdm.h:7
_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: wdm.h:5
_KTHREAD_COUNTERS
Definition: ketypes.h:1165
_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:1170
_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:1166
_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:1171
_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:1167
_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:1168
_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:1172
_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1169
_KTHREAD
Definition: ketypes.h:1807
_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1850
_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1921
_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1811
_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1916
_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1953
_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1930
_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:2075
_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:2071
_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1820
_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:2143
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:2085
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:2091
_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1897
_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1849
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1872
_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1946
_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:2070
_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1842
_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1879
_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1875
_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1943
_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:2149
_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1950
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1884
_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:2114
_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1859
_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:2177
_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:2067
_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1851
_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1826
_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:2107
_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:2081
_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2012
_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1862
_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1821
_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1878
_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1810
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:2013
_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:2199
_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1844
_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1827
_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1815
_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:2192
_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:2195
_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:2189
_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:2213
_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1904
_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:2030
_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1845
_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:2139
_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1814
_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:2175
_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1928
_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1920
_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1856
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1929
_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1873
_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:2028
_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1895
_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:2138
_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:2089
_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1809
_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:2161
_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:2123
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1954
_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:2003
_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1951
_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:2063
_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:2170
_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1818
_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1881
_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:2148
_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:2215
_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1871
_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1836
_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1838
_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1857
_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:2059
_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1822
_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1877
_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:2053
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:2134
_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:2099
_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:2124
_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:2155
_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1909
_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1860
_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:2064
_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:2022
_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1910
_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:2133
_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:2088
_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:2174
_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:2129
_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:2144
_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:2111
_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:2181
_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:2008
_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1813
_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1854
_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:2052
_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1883
_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1876
_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2002
_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1864
_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1853
_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:2160
_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:2076
_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1817
_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:2156
_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:2128
_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:2173
_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1911
_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1908
_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:2159
_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:2027
_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1874
_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:2172
_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:2154
_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1938
_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:2171
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1808
_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1825
_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1947
_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1896
_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1935
_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1956
_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1861
_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1899
_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:2110
_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2007
_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:2113
_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1823
_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:2112
_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1880
_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1912
_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1958
_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:2017
_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1812
_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:2039
_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1855
_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1925
_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1824
_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:2055
_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1942
_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:2120
_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:2074
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:2150
_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1852
_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1858
_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:2198
_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1936
_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1843
_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:2062
_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1882
_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:2090
_KTIMER_TABLE_ENTRY
Definition: ketypes.h:918
_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:920
_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:923
_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:922
_KTIMER_TABLE
Definition: ketypes.h:927
_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:929
_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:928
_KTIMER
Definition: ketypes.h:919
_KTRAP_FRAME
Definition: ketypes.h:406
_KUSER_SHARED_DATA
Definition: wdm.h:25
_KUSER_SHARED_DATA::LangGenerationCount
ULONG LangGenerationCount
Definition: wdm.h:117
_KUSER_SHARED_DATA::CookiePad
ULONG CookiePad[1]
Definition: wdm.h:103
_KUSER_SHARED_DATA::QpcInterruptTimeIncrementShift
UCHAR QpcInterruptTimeIncrementShift
Definition: wdm.h:111
_KUSER_SHARED_DATA::XState
XSTATE_CONFIGURATION XState
Definition: wdm.h:132
_KUSER_SHARED_DATA::DbgStateSeparationEnabled
ULONG DbgStateSeparationEnabled
Definition: wdm.h:80
_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: wdm.h:45
_KUSER_SHARED_DATA::DUMMYUNIONNAME2
union _KUSER_SHARED_DATA::@4204 DUMMYUNIONNAME2
_KUSER_SHARED_DATA::AitSamplingValue
ULONG AitSamplingValue
Definition: wdm.h:38
_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: wdm.h:73
_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: wdm.h:29
_KUSER_SHARED_DATA::ActiveGroupCount
volatile UCHAR ActiveGroupCount
Definition: wdm.h:122
_KUSER_SHARED_DATA::TimeZoneBiasEffectiveStart
LARGE_INTEGER TimeZoneBiasEffectiveStart
Definition: wdm.h:130
_KUSER_SHARED_DATA::QpcSystemTimeIncrement
ULONGLONG QpcSystemTimeIncrement
Definition: wdm.h:108
_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: wdm.h:26
_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: wdm.h:44
_KUSER_SHARED_DATA::QpcData
USHORT QpcData
Definition: wdm.h:124
_KUSER_SHARED_DATA::QpcFrequency
LONGLONG QpcFrequency
Definition: wdm.h:86
_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[2]
Definition: wdm.h:97
_KUSER_SHARED_DATA::DbgConsoleBrokerEnabled
ULONG DbgConsoleBrokerEnabled
Definition: wdm.h:76
_KUSER_SHARED_DATA::ActiveProcessorCount
ULONG ActiveProcessorCount
Definition: wdm.h:121
_KUSER_SHARED_DATA::TimeZoneBiasStamp
volatile ULONG TimeZoneBiasStamp
Definition: wdm.h:42
_KUSER_SHARED_DATA::RNGSeedVersion
ULONGLONG RNGSeedVersion
Definition: wdm.h:40
_KUSER_SHARED_DATA::VirtualizationFlags
UCHAR VirtualizationFlags
Definition: wdm.h:66
_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: wdm.h:87
_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: wdm.h:85
_KUSER_SHARED_DATA::QpcInterruptTimeIncrement
ULONGLONG QpcInterruptTimeIncrement
Definition: wdm.h:109
_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: wdm.h:60
_KUSER_SHARED_DATA::InterruptTimeBias
volatile ULONGLONG InterruptTimeBias
Definition: wdm.h:119
_KUSER_SHARED_DATA::DUMMYSTRUCTNAME2
struct _KUSER_SHARED_DATA::@4204::@4208 DUMMYSTRUCTNAME2
_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: wdm.h:57
_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: wdm.h:47
_KUSER_SHARED_DATA::AppCompatFlag
ULONG AppCompatFlag
Definition: wdm.h:39
_KUSER_SHARED_DATA::BaselineSystemTimeQpc
ULONGLONG BaselineSystemTimeQpc
Definition: wdm.h:106
_KUSER_SHARED_DATA::QpcShift
UCHAR QpcShift
Definition: wdm.h:127
_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: wdm.h:27
_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: wdm.h:104
_KUSER_SHARED_DATA::NativeProcessorArchitecture
USHORT NativeProcessorArchitecture
Definition: wdm.h:46
_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: wdm.h:68
_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: wdm.h:58
_KUSER_SHARED_DATA::QpcBias
volatile ULONGLONG QpcBias
Definition: wdm.h:120
_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: wdm.h:49
_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: wdm.h:63
_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: wdm.h:64
_KUSER_SHARED_DATA::DbgMultiUsersInSessionSku
ULONG DbgMultiUsersInSessionSku
Definition: wdm.h:79
_KUSER_SHARED_DATA::BootId
ULONG BootId
Definition: wdm.h:54
_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: wdm.h:100
_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: wdm.h:99
_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: wdm.h:37
_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: wdm.h:28
_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: wdm.h:81
_KUSER_SHARED_DATA::NtBuildNumber
ULONG NtBuildNumber
Definition: wdm.h:43
_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: wdm.h:35
_KUSER_SHARED_DATA::DbgSecureBootEnabled
ULONG DbgSecureBootEnabled
Definition: wdm.h:77
_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: wdm.h:36
_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: wdm.h:65
_KUSER_SHARED_DATA::DbgMultiSessionSku
ULONG DbgMultiSessionSku
Definition: wdm.h:78
_KUSER_SHARED_DATA::QpcBypassEnabled
UCHAR volatile QpcBypassEnabled
Definition: wdm.h:126
_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: wdm.h:52
_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: wdm.h:55
_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: wdm.h:48
_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: wdm.h:102
_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: wdm.h:33
_KUSER_SHARED_DATA::ActiveProcessorAffinity
ULONG ActiveProcessorAffinity
Definition: wdm.h:118
_KUSER_SHARED_DATA::DUMMYUNIONNAME3
union _KUSER_SHARED_DATA::@4207 DUMMYUNIONNAME3
_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: wdm.h:32
_KUSER_SHARED_DATA::QpcSystemTimeIncrementShift
UCHAR QpcSystemTimeIncrementShift
Definition: wdm.h:110
_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: wdm.h:50
_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: wdm.h:34
_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: wdm.h:56
_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: wdm.h:70
_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: wdm.h:72
_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: wdm.h:116
_KUSER_SHARED_DATA::CyclesPerYield
USHORT CyclesPerYield
Definition: wdm.h:59
_KUSER_SHARED_DATA::UnparkedProcessorCount
USHORT UnparkedProcessorCount
Definition: wdm.h:112
_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: wdm.h:62
_KUSER_SHARED_DATA::DUMMYUNIONNAME
union _KUSER_SHARED_DATA::@4206 DUMMYUNIONNAME
_KUSER_SHARED_DATA::EnclaveFeatureMask
ULONG EnclaveFeatureMask[4]
Definition: wdm.h:113
_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: wdm.h:51
_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: wdm.h:53
_KUSER_SHARED_DATA::DUMMYSTRUCTNAME
struct _KUSER_SHARED_DATA::@4205::@4209 DUMMYSTRUCTNAME
_KUSER_SHARED_DATA::TimeUpdateLock
ULONGLONG TimeUpdateLock
Definition: wdm.h:105
_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: wdm.h:61
_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: wdm.h:30
_KUSER_SHARED_DATA::DbgLkgEnabled
ULONG DbgLkgEnabled
Definition: wdm.h:74
_KUSER_SHARED_DATA::TimeZoneBiasEffectiveEnd
LARGE_INTEGER TimeZoneBiasEffectiveEnd
Definition: wdm.h:131
_KUSER_SHARED_DATA::BaselineInterruptTimeQpc
ULONGLONG BaselineInterruptTimeQpc
Definition: wdm.h:107
_KUSER_SHARED_DATA::DataFlagsPad
ULONG DataFlagsPad[1]
Definition: wdm.h:84
_KUSER_SHARED_DATA::DbgDynProcessorEnabled
ULONG DbgDynProcessorEnabled
Definition: wdm.h:75
_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: wdm.h:115
_KUSER_SHARED_DATA::TelemetryCoverageRound
ULONG TelemetryCoverageRound
Definition: wdm.h:114
_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: wdm.h:31
_KWAIT_BLOCK
Definition: ketypes.h:523
_LIST_ENTRY
Definition: typedefs.h:120
_LOADER_PARAMETER_BLOCK
Definition: arc.h:813
_PP_LOOKASIDE_LIST
Definition: ketypes.h:1014
_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:1015
_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:1016
_RTL_BALANCED_NODE
Definition: ntdef.template.h:331
_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:1179
_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:1180
_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:1181
_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:640
_SYNCH_COUNTERS
Definition: ketypes.h:939
_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:981
_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:980
_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:946
_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:952
_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:960
_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:958
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:970
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:979
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:974
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:956
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:985
_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:953
_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:951
_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:943
_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:957
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:975
_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:963
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:972
_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:941
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:965
_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:959
_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:948
_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:950
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:971
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:976
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:984
_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:983
_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:944
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:968
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:967
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:969
_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:961
_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:942
_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:945
_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:977
_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:964
_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:947
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:973
_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:949
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:966
_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:954
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:978
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:955
_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:940
_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:982
_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:962
_TEB
Definition: compat.h:836
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
_XSTATE_CONFIGURATION
Definition: ketypes.h:1370
_XSTATE_SAVE
Definition: ketypes.h:1062
MODE
#define MODE
Definition: telnetd.h:42
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
OPTIONAL
#define OPTIONAL
Definition: typedefs.h:41
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
LONG64
int64_t LONG64
Definition: typedefs.h:68
UCHAR
unsigned char UCHAR
Definition: typedefs.h:53
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
NTAPI
#define NTAPI
Definition: typedefs.h:36
PVOID
void * PVOID
Definition: typedefs.h:50
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
CCHAR
char CCHAR
Definition: typedefs.h:51
CSHORT
short CSHORT
Definition: umtypes.h:127
_KWAIT_STATUS_REGISTER
Definition: ketypes.h:1142
_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:1147
_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:1148
_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:1151
_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:1150
_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:1152
_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:1146
_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:1143
_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:1149
_LARGE_INTEGER
Definition: typedefs.h:103
_SLIST_HEADER
Definition: rtltypes.h:138
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:123
PowerState
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ WDF_DEVICE_POWER_STATE PowerState
Definition: wdfdevice.h:3040
PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX
Definition: wdm.h:10
KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME
_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: wdm.h:13
EndAlternatives
@ EndAlternatives
Definition: wdm.h:16
StandardDesign
@ StandardDesign
Definition: wdm.h:14
NEC98x86
@ NEC98x86
Definition: wdm.h:15
PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME
ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
PTIMER_APC_ROUTINE
VOID(CALLBACK * PTIMER_APC_ROUTINE)(PVOID, ULONG, LONG)
Definition: winternl.h:3621
_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:3730
ProfileFpInstructions
@ ProfileFpInstructions
Definition: winternl.h:3744
ProfileIntegerInstructions
@ ProfileIntegerInstructions
Definition: winternl.h:3745
ProfileBranchMispredictions
@ ProfileBranchMispredictions
Definition: winternl.h:3742
ProfileMaximum
@ ProfileMaximum
Definition: winternl.h:3755
ProfileStoreInstructions
@ ProfileStoreInstructions
Definition: winternl.h:3743
ProfileAlignmentFixup
@ ProfileAlignmentFixup
Definition: winternl.h:3732
ProfilePipelineDry
@ ProfilePipelineDry
Definition: winternl.h:3734
ProfileMemoryBarrierCycles
@ ProfileMemoryBarrierCycles
Definition: winternl.h:3753
Profile3Issue
@ Profile3Issue
Definition: winternl.h:3747
ProfileLoadLinkedIssues
@ ProfileLoadLinkedIssues
Definition: winternl.h:3754
ProfileDcacheMisses
@ ProfileDcacheMisses
Definition: winternl.h:3739
ProfileIcacheIssues
@ ProfileIcacheIssues
Definition: winternl.h:3751
ProfileIcacheMisses
@ ProfileIcacheMisses
Definition: winternl.h:3740
ProfileTotalNonissues
@ ProfileTotalNonissues
Definition: winternl.h:3738
ProfileTime
@ ProfileTime
Definition: winternl.h:3731
ProfileSpecialInstructions
@ ProfileSpecialInstructions
Definition: winternl.h:3749
Profile2Issue
@ Profile2Issue
Definition: winternl.h:3746
ProfileTotalCycles
@ ProfileTotalCycles
Definition: winternl.h:3750
ProfileBranchInstructions
@ ProfileBranchInstructions
Definition: winternl.h:3737
ProfilePipelineFrozen
@ ProfilePipelineFrozen
Definition: winternl.h:3736
ProfileDcacheAccesses
@ ProfileDcacheAccesses
Definition: winternl.h:3752
ProfileLoadInstructions
@ ProfileLoadInstructions
Definition: winternl.h:3735
ProfileTotalIssues
@ ProfileTotalIssues
Definition: winternl.h:3733
Profile4Issue
@ Profile4Issue
Definition: winternl.h:3748
ProfileCacheMisses
@ ProfileCacheMisses
Definition: winternl.h:3741
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:174
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:759
Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1313
Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:304
XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:1034
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:567
_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:466
WrLpcReply
@ WrLpcReply
Definition: ketypes.h:484
WrGuardedMutex
@ WrGuardedMutex
Definition: ketypes.h:502
WrIoRing
@ WrIoRing
Definition: ketypes.h:512
WrPageIn
@ WrPageIn
Definition: ketypes.h:476
WrPoolAllocation
@ WrPoolAllocation
Definition: ketypes.h:477
Suspended
@ Suspended
Definition: ketypes.h:472
WrRcu
@ WrRcu
Definition: ketypes.h:518
WrPageOut
@ WrPageOut
Definition: ketypes.h:486
PageIn
@ PageIn
Definition: ketypes.h:469
WrDeferredPreempt
@ WrDeferredPreempt
Definition: ketypes.h:506
WrKernel
@ WrKernel
Definition: ketypes.h:493
WrRundown
@ WrRundown
Definition: ketypes.h:503
PoolAllocation
@ PoolAllocation
Definition: ketypes.h:470
WrYieldExecution
@ WrYieldExecution
Definition: ketypes.h:500
WrUserRequest
@ WrUserRequest
Definition: ketypes.h:480
WrProcessInSwap
@ WrProcessInSwap
Definition: ketypes.h:490
UserRequest
@ UserRequest
Definition: ketypes.h:473
WrLpcReceive
@ WrLpcReceive
Definition: ketypes.h:483
WrFreePage
@ WrFreePage
Definition: ketypes.h:475
DelayExecution
@ DelayExecution
Definition: ketypes.h:471
WrKeyedEvent
@ WrKeyedEvent
Definition: ketypes.h:488
WrPhysicalFault
@ WrPhysicalFault
Definition: ketypes.h:509
WrDispatchInt
@ WrDispatchInt
Definition: ketypes.h:498
WrMutex
@ WrMutex
Definition: ketypes.h:496
WrCpuRateControl
@ WrCpuRateControl
Definition: ketypes.h:491
WrExecutive
@ WrExecutive
Definition: ketypes.h:474
WrQuantumEnd
@ WrQuantumEnd
Definition: ketypes.h:497
WrResource
@ WrResource
Definition: ketypes.h:494
WrEventPair
@ WrEventPair
Definition: ketypes.h:481
WrCalloutStack
@ WrCalloutStack
Definition: ketypes.h:492
WrPushLock
@ WrPushLock
Definition: ketypes.h:495
WrPreempted
@ WrPreempted
Definition: ketypes.h:499
WrQueue
@ WrQueue
Definition: ketypes.h:482
WrFastMutex
@ WrFastMutex
Definition: ketypes.h:501
WrAlertByThreadId
@ WrAlertByThreadId
Definition: ketypes.h:505
MaximumWaitReason
@ MaximumWaitReason
Definition: ketypes.h:520
WrRendezvous
@ WrRendezvous
Definition: ketypes.h:487
FreePage
@ FreePage
Definition: ketypes.h:468
WrVirtualMemory
@ WrVirtualMemory
Definition: ketypes.h:485
WrDelayExecution
@ WrDelayExecution
Definition: ketypes.h:478
WrTerminated
@ WrTerminated
Definition: ketypes.h:489
WrSuspended
@ WrSuspended
Definition: ketypes.h:479
Executive
@ Executive
Definition: ketypes.h:467
WrMdlCache
@ WrMdlCache
Definition: ketypes.h:515
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:580
MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:756
KUSER_SHARED_DATA
KUSER_SHARED_DATA
Definition: ketypes.h:1709
KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK
_MODE
_MODE
Definition: ketypes.h:10
MaximumMode
@ MaximumMode
Definition: ketypes.h:13
KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY
THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:560
PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1727
PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:570
PKUSER_SHARED_DATA
* PKUSER_SHARED_DATA
Definition: ketypes.h:1709
KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON
SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:757
KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1727
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:92
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:430