dd/d83/ndk_2ketypes_8h_source.html

 /*++ NDK Version: 0098

 Copyright (c) Alex Ionescu.  All rights reserved.

 Header Name:

     ketypes.h

 Abstract:

     Type definitions for the Kernel services.

 Author:

     Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006

 --*/

 #ifndef _KETYPES_H
 #define _KETYPES_H

 //
 // Dependencies
 //
 #include <umtypes.h>
 #ifndef NTOS_MODE_USER
 #include <haltypes.h>
 #include <potypes.h>
 #include <ifssupp.h>
 #endif

 //
 // A system call ID is formatted as such:
 // .________________________________________________________________.
 // | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
 // |--------------|-------------------------------------------------|
 // | TABLE NUMBER |                  TABLE OFFSET                   |
 // \----------------------------------------------------------------/
 //
 // The table number is then used as an index into the service descriptor table.
 #define TABLE_NUMBER_BITS 1
 #define TABLE_OFFSET_BITS 12

 //
 // There are 2 tables (kernel and shadow, used by Win32K)
 //
 #define NUMBER_SERVICE_TABLES 2
 #define NTOS_SERVICE_INDEX   0
 #define WIN32K_SERVICE_INDEX 1

 //
 // NB. From assembly code, the table number must be computed as an offset into
 //     the service descriptor table.
 //
 //     Each entry into the table is 16 bytes long on 32-bit architectures, and
 //     32 bytes long on 64-bit architectures.
 //
 //     Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
 //     x64.
 //
 #ifdef _WIN64
 #define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
 #else
 #define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
 #endif

 //
 // We want the table number, but leave some extra bits to we can have the offset
 // into the descriptor table.
 //
 #define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)

 //
 // Now the table number (as an offset) is corrupted with part of the table offset
 // This mask will remove the extra unwanted bits, and give us the offset into the
 // descriptor table proper.
 //
 #define SERVICE_TABLE_MASK  (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)

 //
 // To get the table offset (ie: the service call number), just keep the 12 bits
 //
 #define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)

 //
 // We'll often need to check if this is a graphics call. This is done by comparing
 // the table number offset with the known Win32K table number offset.
 // This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
 //
 #define SERVICE_TABLE_TEST  (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)

 //
 // Context Record Flags
 //
 #define CONTEXT_DEBUGGER                (CONTEXT_FULL | CONTEXT_FLOATING_POINT)

 //
 // Maximum System Descriptor Table Entries
 //
 #define SSDT_MAX_ENTRIES                2

 //
 // Processor Architectures
 //
 #define PROCESSOR_ARCHITECTURE_INTEL    0
 #define PROCESSOR_ARCHITECTURE_MIPS     1
 #define PROCESSOR_ARCHITECTURE_ALPHA    2
 #define PROCESSOR_ARCHITECTURE_PPC      3
 #define PROCESSOR_ARCHITECTURE_SHX      4
 #define PROCESSOR_ARCHITECTURE_ARM      5
 #define PROCESSOR_ARCHITECTURE_IA64     6
 #define PROCESSOR_ARCHITECTURE_ALPHA64  7
 #define PROCESSOR_ARCHITECTURE_MSIL     8
 #define PROCESSOR_ARCHITECTURE_AMD64    9
 #define PROCESSOR_ARCHITECTURE_UNKNOWN  0xFFFF

 //
 // Object Type Mask for Kernel Dispatcher Objects
 //
 #define KOBJECT_TYPE_MASK               0x7F
 #define KOBJECT_LOCK_BIT                0x80

 //
 // Dispatcher Priority increments
 //
 #define THREAD_ALERT_INCREMENT          2

 //
 // Physical memory offset of KUSER_SHARED_DATA
 //
 #define KI_USER_SHARED_DATA_PHYSICAL    0x41000

 //
 // Quantum values and decrements
 //
 #define MAX_QUANTUM                     0x7F
 #define WAIT_QUANTUM_DECREMENT          1
 #define CLOCK_QUANTUM_DECREMENT         3

 //
 // Kernel Feature Bits
 //
 #define KF_V86_VIS                      0x00000001
 #define KF_RDTSC                        0x00000002
 #define KF_CR4                          0x00000004
 #define KF_CMOV                         0x00000008
 #define KF_GLOBAL_PAGE                  0x00000010
 #define KF_LARGE_PAGE                   0x00000020
 #define KF_MTRR                         0x00000040
 #define KF_CMPXCHG8B                    0x00000080
 #define KF_MMX                          0x00000100
 #define KF_WORKING_PTE                  0x00000200
 #define KF_PAT                          0x00000400
 #define KF_FXSR                         0x00000800
 #define KF_FAST_SYSCALL                 0x00001000
 #define KF_XMMI                         0x00002000
 #define KF_3DNOW                        0x00004000
 #define KF_AMDK6MTRR                    0x00008000
 #define KF_XMMI64                       0x00010000
 #define KF_DTS                          0x00020000
 #define KF_BRANCH                       0x00020000 // from ksamd64.inc
 #define KF_SSE3                         0x00080000
 #define KF_CMPXCHG16B                   0x00100000
 #define KF_XSTATE                       0x00800000 // from ks386.inc, ksamd64.inc
 #define KF_NX_BIT                       0x20000000
 #define KF_NX_DISABLED                  0x40000000
 #define KF_NX_ENABLED                   0x80000000

 #define KF_XSAVEOPT_BIT                 15
 #define KF_XSTATE_BIT                   23
 #define KF_RDWRFSGSBASE_BIT             28

 //
 // Internal Exception Codes
 //
 #define KI_EXCEPTION_INTERNAL           0x10000000
 #define KI_EXCEPTION_ACCESS_VIOLATION   (KI_EXCEPTION_INTERNAL | 0x04)

 typedef struct _FIBER                                    /* Field offsets:    */
 {                                                        /* i386  arm   x64   */
     PVOID FiberData;                                     /* 0x000 0x000 0x000 */
     struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
     PVOID StackBase;                                     /* 0x008 0x008 0x010 */
     PVOID StackLimit;                                    /* 0x00C 0x00C 0x018 */
     PVOID DeallocationStack;                             /* 0x010 0x010 0x020 */
     CONTEXT FiberContext;                                /* 0x014 0x018 0x030 */
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     PVOID Wx86Tib;                                       /* 0x2E0 0x1b8 0x500 */
     struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
     PVOID FlsData;                                       /* 0x2E8 0x1c0 0x510 */
     ULONG GuaranteedStackBytes;                          /* 0x2EC 0x1c4 0x518 */
     ULONG TebFlags;                                      /* 0x2F0 0x1c8 0x51C */
 #else
     ULONG GuaranteedStackBytes;                          /* 0x2E0         */
     PVOID FlsData;                                       /* 0x2E4         */
     struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
 #endif
 } FIBER, *PFIBER;

 #ifndef NTOS_MODE_USER
 //
 // Number of dispatch codes supported by KINTERRUPT
 //
 #ifdef _M_AMD64
 #define DISPATCH_LENGTH                 4
 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
 #define DISPATCH_LENGTH                 135
 #else
 #define DISPATCH_LENGTH                 106
 #endif

 #else

 //
 // KPROCESSOR_MODE Type
 //
 typedef CCHAR KPROCESSOR_MODE;

 //
 // Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
 //
 #define SharedUserData                  ((KUSER_SHARED_DATA *)USER_SHARED_DATA)

 //
 // Maximum WOW64 Entries in KUSER_SHARED_DATA
 //
 #define MAX_WOW64_SHARED_ENTRIES        16

 //
 // Maximum Processor Features supported in KUSER_SHARED_DATA
 //
 #define PROCESSOR_FEATURE_MAX           64

 //
 // Event Types
 //
 typedef enum _EVENT_TYPE
 {
     NotificationEvent,
     SynchronizationEvent
 } EVENT_TYPE;

 //
 // Timer Types
 //
 typedef enum _TIMER_TYPE
 {
     NotificationTimer,
     SynchronizationTimer
 } TIMER_TYPE;

 //
 // Wait Types
 //
 typedef enum _WAIT_TYPE
 {
     WaitAll,
     WaitAny
 } WAIT_TYPE;

 //
 // Processor Execution Modes
 //
 typedef enum _MODE
 {
     KernelMode,
     UserMode,
     MaximumMode
 } MODE;

 //
 // Wait Reasons
 //
 typedef enum _KWAIT_REASON
 {
     Executive,
     FreePage,
     PageIn,
     PoolAllocation,
     DelayExecution,
     Suspended,
     UserRequest,
     WrExecutive,
     WrFreePage,
     WrPageIn,
     WrPoolAllocation,
     WrDelayExecution,
     WrSuspended,
     WrUserRequest,
     WrEventPair,
     WrQueue,
     WrLpcReceive,
     WrLpcReply,
     WrVirtualMemory,
     WrPageOut,
     WrRendezvous,
     Spare2,
     WrGuardedMutex,
     Spare4,
     Spare5,
     Spare6,
     WrKernel,
     WrResource,
     WrPushLock,
     WrMutex,
     WrQuantumEnd,
     WrDispatchInt,
     WrPreempted,
     WrYieldExecution,
     MaximumWaitReason
 } KWAIT_REASON;

 //
 // Profiling Sources
 //
 typedef enum _KPROFILE_SOURCE
 {
     ProfileTime,
     ProfileAlignmentFixup,
     ProfileTotalIssues,
     ProfilePipelineDry,
     ProfileLoadInstructions,
     ProfilePipelineFrozen,
     ProfileBranchInstructions,
     ProfileTotalNonissues,
     ProfileDcacheMisses,
     ProfileIcacheMisses,
     ProfileCacheMisses,
     ProfileBranchMispredictions,
     ProfileStoreInstructions,
     ProfileFpInstructions,
     ProfileIntegerInstructions,
     Profile2Issue,
     Profile3Issue,
     Profile4Issue,
     ProfileSpecialInstructions,
     ProfileTotalCycles,
     ProfileIcacheIssues,
     ProfileDcacheAccesses,
     ProfileMemoryBarrierCycles,
     ProfileLoadLinkedIssues,
     ProfileMaximum
 } KPROFILE_SOURCE;

 //
 // NT Product and Architecture Types
 //
 typedef enum _NT_PRODUCT_TYPE
 {
     NtProductWinNt = 1,
     NtProductLanManNt,
     NtProductServer
 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;

 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
 {
     StandardDesign,
     NEC98x86,
     EndAlternatives
 } ALTERNATIVE_ARCHITECTURE_TYPE;

 #endif

 //
 // Thread States
 //
 typedef enum _KTHREAD_STATE
 {
     Initialized,
     Ready,
     Running,
     Standby,
     Terminated,
     Waiting,
     Transition,
     DeferredReady,
 #if (NTDDI_VERSION >= NTDDI_WS03)
     GateWait
 #endif
 } KTHREAD_STATE, *PKTHREAD_STATE;

 //
 // Kernel Object Types
 //
 typedef enum _KOBJECTS
 {
     EventNotificationObject = 0,
     EventSynchronizationObject = 1,
     MutantObject = 2,
     ProcessObject = 3,
     QueueObject = 4,
     SemaphoreObject = 5,
     ThreadObject = 6,
     GateObject = 7,
     TimerNotificationObject = 8,
     TimerSynchronizationObject = 9,
     Spare2Object = 10,
     Spare3Object = 11,
     Spare4Object = 12,
     Spare5Object = 13,
     Spare6Object = 14,
     Spare7Object = 15,
     Spare8Object = 16,
     Spare9Object = 17,
     ApcObject = 18,
     DpcObject = 19,
     DeviceQueueObject = 20,
     EventPairObject = 21,
     InterruptObject = 22,
     ProfileObject = 23,
     ThreadedDpcObject = 24,
     MaximumKernelObject = 25
 } KOBJECTS;

 //
 // Adjust reasons
 //
 typedef enum _ADJUST_REASON
 {
     AdjustNone = 0,
     AdjustUnwait = 1,
     AdjustBoost = 2
 } ADJUST_REASON;

 //
 // Continue Status
 //
 typedef enum _KCONTINUE_STATUS
 {
     ContinueError = 0,
     ContinueSuccess,
     ContinueProcessorReselected,
     ContinueNextProcessor
 } KCONTINUE_STATUS;

 //
 // Process States
 //
 typedef enum _KPROCESS_STATE
 {
     ProcessInMemory,
     ProcessOutOfMemory,
     ProcessInTransition,
     ProcessInSwap,
     ProcessOutSwap,
 } KPROCESS_STATE, *PKPROCESS_STATE;

 //
 // NtVdmControl Classes
 //
 typedef enum _VDMSERVICECLASS
 {
    VdmStartExecution = 0,
    VdmQueueInterrupt = 1,
    VdmDelayInterrupt = 2,
    VdmInitialize = 3,
    VdmFeatures = 4,
    VdmSetInt21Handler = 5,
    VdmQueryDir = 6,
    VdmPrinterDirectIoOpen = 7,
    VdmPrinterDirectIoClose = 8,
    VdmPrinterInitialize = 9,
    VdmSetLdtEntries = 10,
    VdmSetProcessLdtInfo = 11,
    VdmAdlibEmulation = 12,
    VdmPMCliControl = 13,
    VdmQueryVdmProcess = 14,
 } VDMSERVICECLASS;

 #ifdef NTOS_MODE_USER

 //
 // APC Normal Routine
 //
 typedef VOID
 (NTAPI *PKNORMAL_ROUTINE)(
     _In_ PVOID NormalContext,
     _In_ PVOID SystemArgument1,
     _In_ PVOID SystemArgument2
 );

 //
 // Timer Routine
 //
 typedef VOID
 (NTAPI *PTIMER_APC_ROUTINE)(
     _In_ PVOID TimerContext,
     _In_ ULONG TimerLowValue,
     _In_ LONG TimerHighValue
 );

 //
 // System Time Structure
 //
 typedef struct _KSYSTEM_TIME
 {
     ULONG LowPart;
     LONG High1Time;
     LONG High2Time;
 } KSYSTEM_TIME, *PKSYSTEM_TIME;

 //
 // Shared Kernel User Data
 //
 typedef struct _KUSER_SHARED_DATA
 {
     ULONG TickCountLowDeprecated;
     ULONG TickCountMultiplier;
     volatile KSYSTEM_TIME InterruptTime;
     volatile KSYSTEM_TIME SystemTime;
     volatile KSYSTEM_TIME TimeZoneBias;
     USHORT ImageNumberLow;
     USHORT ImageNumberHigh;
     WCHAR NtSystemRoot[260];
     ULONG MaxStackTraceDepth;
     ULONG CryptoExponent;
     ULONG TimeZoneId;
     ULONG LargePageMinimum;
     ULONG Reserved2[7];
     NT_PRODUCT_TYPE NtProductType;
     BOOLEAN ProductTypeIsValid;
     ULONG NtMajorVersion;
     ULONG NtMinorVersion;
     BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
     ULONG Reserved1;
     ULONG Reserved3;
     volatile ULONG TimeSlip;
     ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
     LARGE_INTEGER SystemExpirationDate;
     ULONG SuiteMask;
     BOOLEAN KdDebuggerEnabled;
 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
     UCHAR NXSupportPolicy;
 #endif
     volatile ULONG ActiveConsoleId;
     volatile ULONG DismountCount;
     ULONG ComPlusPackage;
     ULONG LastSystemRITEventTickCount;
     ULONG NumberOfPhysicalPages;
     BOOLEAN SafeBootMode;
     ULONG TraceLogging;
     ULONG Fill0;
     ULONGLONG TestRetInstruction;
     ULONG SystemCall;
     ULONG SystemCallReturn;
     ULONGLONG SystemCallPad[3];
     union {
         volatile KSYSTEM_TIME TickCount;
         volatile ULONG64 TickCountQuad;
     };
     ULONG Cookie;
 #if (NTDDI_VERSION >= NTDDI_WS03)
     LONGLONG ConsoleSessionForegroundProcessId;
     ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
 #endif
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     USHORT UserModeGlobalLogger[8];
     ULONG HeapTracingPid[2];
     ULONG CritSecTracingPid[2];
     union
     {
         ULONG SharedDataFlags;
         struct
         {
             ULONG DbgErrorPortPresent:1;
             ULONG DbgElevationEnabled:1;
             ULONG DbgVirtEnabled:1;
             ULONG DbgInstallerDetectEnabled:1;
             ULONG SpareBits:28;
         };
     };
     ULONG ImageFileExecutionOptions;
     KAFFINITY ActiveProcessorAffinity;
 #endif
 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;

 //
 // VDM Structures
 //
 #include "pshpack1.h"
 typedef struct _VdmVirtualIca
 {
     LONG ica_count[8];
     LONG ica_int_line;
     LONG ica_cpu_int;
     USHORT ica_base;
     USHORT ica_hipiri;
     USHORT ica_mode;
     UCHAR ica_master;
     UCHAR ica_irr;
     UCHAR ica_isr;
     UCHAR ica_imr;
     UCHAR ica_ssr;
 } VDMVIRTUALICA, *PVDMVIRTUALICA;
 #include "poppack.h"

 typedef struct _VdmIcaUserData
 {
     PVOID pIcaLock;
     PVDMVIRTUALICA pIcaMaster;
     PVDMVIRTUALICA pIcaSlave;
     PULONG pDelayIrq;
     PULONG pUndelayIrq;
     PULONG pDelayIret;
     PULONG pIretHooked;
     PULONG pAddrIretBopTable;
     PHANDLE phWowIdleEvent;
     PLARGE_INTEGER pIcaTimeout;
     PHANDLE phMainThreadSuspended;
 } VDMICAUSERDATA, *PVDMICAUSERDATA;

 typedef struct _VDM_INITIALIZE_DATA
 {
     PVOID TrapcHandler;
     PVDMICAUSERDATA IcaUserData;
 } VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;

 #else

 //
 // System Thread Start Routine
 //
 typedef
 VOID
 (NTAPI *PKSYSTEM_ROUTINE)(
     PKSTART_ROUTINE StartRoutine,
     PVOID StartContext
 );

 #ifndef _NTSYSTEM_
 typedef VOID
 (NTAPI *PKNORMAL_ROUTINE)(
   IN PVOID NormalContext OPTIONAL,
   IN PVOID SystemArgument1 OPTIONAL,
   IN PVOID SystemArgument2 OPTIONAL);

 typedef VOID
 (NTAPI *PKRUNDOWN_ROUTINE)(
   IN struct _KAPC *Apc);

 typedef VOID
 (NTAPI *PKKERNEL_ROUTINE)(
   IN struct _KAPC *Apc,
   IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
   IN OUT PVOID *NormalContext OPTIONAL,
   IN OUT PVOID *SystemArgument1 OPTIONAL,
   IN OUT PVOID *SystemArgument2 OPTIONAL);
 #endif

 //
 // APC Environment Types
 //
 typedef enum _KAPC_ENVIRONMENT
 {
     OriginalApcEnvironment,
     AttachedApcEnvironment,
     CurrentApcEnvironment,
     InsertApcEnvironment
 } KAPC_ENVIRONMENT;

 typedef struct _KTIMER_TABLE_ENTRY
 {
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
     KSPIN_LOCK Lock;
 #endif
     LIST_ENTRY Entry;
     ULARGE_INTEGER Time;
 } KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;

 typedef struct _KTIMER_TABLE
 {
     PKTIMER TimerExpiry[64];
     KTIMER_TABLE_ENTRY TimerEntries[256];
 } KTIMER_TABLE, *PKTIMER_TABLE;

 typedef struct _KDPC_LIST
 {
     SINGLE_LIST_ENTRY ListHead;
     SINGLE_LIST_ENTRY* LastEntry;
 } KDPC_LIST, *PKDPC_LIST;

 typedef struct _SYNCH_COUNTERS
 {
     ULONG SpinLockAcquireCount;
     ULONG SpinLockContentionCount;
     ULONG SpinLockSpinCount;
     ULONG IpiSendRequestBroadcastCount;
     ULONG IpiSendRequestRoutineCount;
     ULONG IpiSendSoftwareInterruptCount;
     ULONG ExInitializeResourceCount;
     ULONG ExReInitializeResourceCount;
     ULONG ExDeleteResourceCount;
     ULONG ExecutiveResourceAcquiresCount;
     ULONG ExecutiveResourceContentionsCount;
     ULONG ExecutiveResourceReleaseExclusiveCount;
     ULONG ExecutiveResourceReleaseSharedCount;
     ULONG ExecutiveResourceConvertsCount;
     ULONG ExAcqResExclusiveAttempts;
     ULONG ExAcqResExclusiveAcquiresExclusive;
     ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
     ULONG ExAcqResExclusiveWaits;
     ULONG ExAcqResExclusiveNotAcquires;
     ULONG ExAcqResSharedAttempts;
     ULONG ExAcqResSharedAcquiresExclusive;
     ULONG ExAcqResSharedAcquiresShared;
     ULONG ExAcqResSharedAcquiresSharedRecursive;
     ULONG ExAcqResSharedWaits;
     ULONG ExAcqResSharedNotAcquires;
     ULONG ExAcqResSharedStarveExclusiveAttempts;
     ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
     ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
     ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
     ULONG ExAcqResSharedStarveExclusiveWaits;
     ULONG ExAcqResSharedStarveExclusiveNotAcquires;
     ULONG ExAcqResSharedWaitForExclusiveAttempts;
     ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
     ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
     ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
     ULONG ExAcqResSharedWaitForExclusiveWaits;
     ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
     ULONG ExSetResOwnerPointerExclusive;
     ULONG ExSetResOwnerPointerSharedNew;
     ULONG ExSetResOwnerPointerSharedOld;
     ULONG ExTryToAcqExclusiveAttempts;
     ULONG ExTryToAcqExclusiveAcquires;
     ULONG ExBoostExclusiveOwner;
     ULONG ExBoostSharedOwners;
     ULONG ExEtwSynchTrackingNotificationsCount;
     ULONG ExEtwSynchTrackingNotificationsAccountedCount;
 } SYNCH_COUNTERS, *PSYNCH_COUNTERS;

 //
 // PRCB DPC Data
 //
 typedef struct _KDPC_DATA
 {
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     KDPC_LIST DpcList;
 #else
     LIST_ENTRY DpcListHead;
 #endif
     ULONG_PTR DpcLock;
 #if defined(_M_AMD64) || defined(_M_ARM)
     volatile LONG DpcQueueDepth;
 #else
     volatile ULONG DpcQueueDepth;
 #endif
     ULONG DpcCount;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
     PKDPC ActiveDpc;
 #endif
 } KDPC_DATA, *PKDPC_DATA;

 //
 // Per-Processor Lookaside List
 //
 typedef struct _PP_LOOKASIDE_LIST
 {
     struct _GENERAL_LOOKASIDE *P;
     struct _GENERAL_LOOKASIDE *L;
 } PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;

 //
 // Architectural Types
 //
 #include <arch/ketypes.h>

 //
 // Kernel Memory Node
 //
 #include <pshpack1.h>
 typedef struct _KNODE
 {
     SLIST_HEADER DeadStackList;
     SLIST_HEADER PfnDereferenceSListHead;
     KAFFINITY ProcessorMask;
     UCHAR Color;
     UCHAR Seed;
     UCHAR NodeNumber;
     struct _flags {
         UCHAR Removable : 1;
         UCHAR Fill : 7;
     } Flags;
     ULONG MmShiftedColor;
     ULONG FreeCount[2];
     struct _SINGLE_LIST_ENTRY *PfnDeferredList;
 } KNODE, *PKNODE;
 #include <poppack.h>

 //
 // Structure for Get/SetContext APC
 //
 typedef struct _GETSETCONTEXT
 {
     KAPC Apc;
     KEVENT Event;
     KPROCESSOR_MODE Mode;
     CONTEXT Context;
 } GETSETCONTEXT, *PGETSETCONTEXT;

 //
 // Kernel Profile Object
 //
 typedef struct _KPROFILE
 {
     CSHORT Type;
     CSHORT Size;
     LIST_ENTRY ProfileListEntry;
     struct _KPROCESS *Process;
     PVOID RangeBase;
     PVOID RangeLimit;
     ULONG BucketShift;
     PVOID Buffer;
     ULONG_PTR Segment;
     KAFFINITY Affinity;
     KPROFILE_SOURCE Source;
     BOOLEAN Started;
 } KPROFILE, *PKPROFILE;

 //
 // Kernel Interrupt Object
 //
 typedef struct _KINTERRUPT
 {
     CSHORT Type;
     CSHORT Size;
     LIST_ENTRY InterruptListEntry;
     PKSERVICE_ROUTINE ServiceRoutine;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     PKSERVICE_ROUTINE MessageServiceRoutine;
     ULONG MessageIndex;
 #endif
     PVOID ServiceContext;
     KSPIN_LOCK SpinLock;
     ULONG TickCount;
     PKSPIN_LOCK ActualLock;
     PKINTERRUPT_ROUTINE DispatchAddress;
     ULONG Vector;
     KIRQL Irql;
     KIRQL SynchronizeIrql;
     BOOLEAN FloatingSave;
     BOOLEAN Connected;
     CCHAR Number;
     BOOLEAN ShareVector;
     KINTERRUPT_MODE Mode;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     KINTERRUPT_POLARITY Polarity;
 #endif
     ULONG ServiceCount;
     ULONG DispatchCount;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     ULONGLONG Rsvd1;
 #endif
 #ifdef _M_AMD64
     PKTRAP_FRAME TrapFrame;
     PVOID Reserved;
 #endif
     ULONG DispatchCode[DISPATCH_LENGTH];
 } KINTERRUPT;

 //
 // Kernel Event Pair Object
 //
 typedef struct _KEVENT_PAIR
 {
     CSHORT Type;
     CSHORT Size;
     KEVENT LowEvent;
     KEVENT HighEvent;
 } KEVENT_PAIR, *PKEVENT_PAIR;

 //
 // Kernel No Execute Options
 //
 typedef struct _KEXECUTE_OPTIONS
 {
     UCHAR ExecuteDisable:1;
     UCHAR ExecuteEnable:1;
     UCHAR DisableThunkEmulation:1;
     UCHAR Permanent:1;
     UCHAR ExecuteDispatchEnable:1;
     UCHAR ImageDispatchEnable:1;
     UCHAR Spare:2;
 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;

 #if (NTDDI_VERSION >= NTDDI_WIN7)
 typedef union _KWAIT_STATUS_REGISTER
 {
     UCHAR Flags;
     struct
     {
         UCHAR State:2;
         UCHAR Affinity:1;
         UCHAR Priority:1;
         UCHAR Apc:1;
         UCHAR UserApc:1;
         UCHAR Alert:1;
         UCHAR Unused:1;
     };
 } KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;

 typedef struct _COUNTER_READING
 {
     enum _HARDWARE_COUNTER_TYPE Type;
     ULONG Index;
     ULONG64 Start;
     ULONG64 Total;
 }COUNTER_READING, *PCOUNTER_READING;

 typedef struct _KTHREAD_COUNTERS
 {
     ULONG64 WaitReasonBitMap;
     struct _THREAD_PERFORMANCE_DATA* UserData;
     ULONG Flags;
     ULONG ContextSwitches;
     ULONG64 CycleTimeBias;
     ULONG64 HardwareCounters;
     COUNTER_READING HwCounter[16];
 }KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
 #endif

 #if (NTDDI_VERSION >= NTDDI_WIN8)
 typedef struct _RTL_RB_TREE
 {
     PRTL_BALANCED_NODE Root;
     PRTL_BALANCED_NODE Min;
 } RTL_RB_TREE, *PRTL_RB_TREE;
 #endif

 #if (NTDDI_VERSION >= NTDDI_WINBLUE)
 typedef struct _KLOCK_ENTRY_LOCK_STATE
 {
     union
     {
         struct
         {
 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
             ULONG_PTR CrossThreadReleasable : 1;
 #else
             ULONG_PTR Waiting : 1;
 #endif
             ULONG_PTR Busy : 1;
             ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
             ULONG_PTR InTree : 1;
         };
         PVOID LockState;
     };
     union
     {
         PVOID SessionState;
         struct
         {
             ULONG SessionId;
 #ifdef _WIN64
             ULONG SessionPad;
 #endif
         };
     };
 } KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;

 typedef struct _KLOCK_ENTRY
 {
     union
     {
         RTL_BALANCED_NODE TreeNode;
         SINGLE_LIST_ENTRY FreeListEntry;
     };
 #if (NTDDI_VERSION >= NTDDI_WIN10)
     union
     {
         ULONG EntryFlags;
         struct
         {
             UCHAR EntryOffset;
             union
             {
                 UCHAR ThreadLocalFlags;
                 struct
                 {
                     UCHAR WaitingBit : 1;
                     UCHAR Spare0 : 7;
                 };
             };
             union
             {
                 UCHAR AcquiredByte;
                 UCHAR AcquiredBit : 1;
             };
             union
             {
                 UCHAR CrossThreadFlags;
                 struct
                 {
                     UCHAR HeadNodeBit : 1;
                     UCHAR IoPriorityBit : 1;
                     UCHAR IoQoSWaiter : 1; // since TH2
                     UCHAR Spare1 : 5;
                 };
             };
         };
         struct
         {
             ULONG StaticState : 8;
             ULONG AllFlags : 24;
         };
     };
 #ifdef _WIN64
     ULONG SpareFlags;
 #endif
 #else
     union
     {
         PVOID ThreadUnsafe;
         struct
         {
             volatile UCHAR HeadNodeByte;
             UCHAR Reserved1[2];
             volatile UCHAR AcquiredByte;
         };
     };
 #endif

     union
     {
         KLOCK_ENTRY_LOCK_STATE LockState;
         PVOID LockUnsafe;
         struct
         {
 #if (NTDDI_VERSION >= NTDDI_WIN10)
             volatile UCHAR CrossThreadReleasableAndBusyByte;
 #else
             volatile UCHAR WaitingAndBusyByte;
 #endif
             UCHAR Reserved[sizeof(PVOID) - 2];
             UCHAR InTreeByte;
             union
             {
                 PVOID SessionState;
                 struct
                 {
                     ULONG SessionId;
 #ifdef _WIN64
                     ULONG SessionPad;
 #endif
                 };
             };
         };
     };
     union
     {
         struct
         {
             RTL_RB_TREE OwnerTree;
             RTL_RB_TREE WaiterTree;
         };
         CHAR CpuPriorityKey;
     };
     ULONG_PTR EntryLock;
     union
     {
 #if _WIN64
         ULONG AllBoosts : 17;
 #else
         USHORT AllBoosts;
 #endif
         struct
         {
             struct
             {
                 USHORT CpuBoostsBitmap : 15;
                 USHORT IoBoost : 1;
             };
             struct
             {
                 USHORT IoQoSBoost : 1;
                 USHORT IoNormalPriorityWaiterCount : 8;
                 USHORT IoQoSWaiterCount : 7;
             };
         };
     };
 #if _WIN64
     ULONG SparePad;
 #endif
 } KLOCK_ENTRY, *PKLOCK_ENTRY;

 #endif

 //
 // Kernel Thread (KTHREAD)
 //
 #if (NTDDI_VERSION < NTDDI_WIN8)

 typedef struct _KTHREAD
 {
     DISPATCHER_HEADER Header;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     ULONGLONG CycleTime;
 #ifndef _WIN64 // [
     ULONG HighCycleTime;
 #endif // ]
     ULONGLONG QuantumTarget;
 #else // ][
     LIST_ENTRY MutantListHead;
 #endif // ]
     PVOID InitialStack;
     ULONG_PTR StackLimit; // FIXME: PVOID
     PVOID KernelStack;
     KSPIN_LOCK ThreadLock;
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     KWAIT_STATUS_REGISTER WaitRegister;
     BOOLEAN Running;
     BOOLEAN Alerted[2];
     union
     {
         struct
         {
             ULONG KernelStackResident:1;
             ULONG ReadyTransition:1;
             ULONG ProcessReadyQueue:1;
             ULONG WaitNext:1;
             ULONG SystemAffinityActive:1;
             ULONG Alertable:1;
             ULONG GdiFlushActive:1;
             ULONG UserStackWalkActive:1;
             ULONG ApcInterruptRequest:1;
             ULONG ForceDeferSchedule:1;
             ULONG QuantumEndMigrate:1;
             ULONG UmsDirectedSwitchEnable:1;
             ULONG TimerActive:1;
             ULONG Reserved:19;
         };
         LONG MiscFlags;
     };
 #endif // ]
     union
     {
         KAPC_STATE ApcState;
         struct
         {
             UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
             SCHAR Priority;
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             /* On x86, the following members "fall out" of the union */
             volatile ULONG NextProcessor;
             volatile ULONG DeferredProcessor;
 #else // ][
             /* On x86, the following members "fall out" of the union */
             volatile USHORT NextProcessor;
             volatile USHORT DeferredProcessor;
 #endif // ]
 #else // ][
             UCHAR ApcQueueable;
             /* On x86, the following members "fall out" of the union */
             volatile UCHAR NextProcessor;
             volatile UCHAR DeferredProcessor;
             UCHAR AdjustReason;
             SCHAR AdjustIncrement;
 #endif // ]
         };
     };
     KSPIN_LOCK ApcQueueLock;
 #ifndef _M_AMD64 // [
     ULONG ContextSwitches;
     volatile UCHAR State;
     UCHAR NpxState;
     KIRQL WaitIrql;
     KPROCESSOR_MODE WaitMode;
 #endif // ]
     LONG_PTR WaitStatus;
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     PKWAIT_BLOCK WaitBlockList;
 #else // ][
     union
     {
         PKWAIT_BLOCK WaitBlockList;
         PKGATE GateObject;
     };
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     union
     {
         struct
         {
             ULONG KernelStackResident:1;
             ULONG ReadyTransition:1;
             ULONG ProcessReadyQueue:1;
             ULONG WaitNext:1;
             ULONG SystemAffinityActive:1;
             ULONG Alertable:1;
             ULONG GdiFlushActive:1;
             ULONG Reserved:25;
         };
         LONG MiscFlags;
     };
 #else // ][
     BOOLEAN Alertable;
     BOOLEAN WaitNext;
 #endif // ]
     UCHAR WaitReason;
 #if (NTDDI_VERSION < NTDDI_LONGHORN)
     SCHAR Priority;
     BOOLEAN EnableStackSwap;
 #endif // ]
     volatile UCHAR SwapBusy;
     BOOLEAN Alerted[MaximumMode];
 #endif // ]
     union
     {
         LIST_ENTRY WaitListEntry;
         SINGLE_LIST_ENTRY SwapListEntry;
     };
     PKQUEUE Queue;
 #ifndef _M_AMD64 // [
     ULONG WaitTime;
     union
     {
         struct
         {
             SHORT KernelApcDisable;
             SHORT SpecialApcDisable;
         };
         ULONG CombinedApcDisable;
     };
 #endif // ]
     struct _TEB *Teb;

 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     KTIMER Timer;
 #else // ][
     union
     {
         KTIMER Timer;
         struct
         {
             UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
 #if !defined(_WIN64) // [
         };
     };
 #endif // ]
 #endif // ]
             union
             {
                 struct
                 {
                     ULONG AutoAlignment:1;
                     ULONG DisableBoost:1;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
                     ULONG EtwStackTraceApc1Inserted:1;
                     ULONG EtwStackTraceApc2Inserted:1;
                     ULONG CycleChargePending:1;
                     ULONG CalloutActive:1;
                     ULONG ApcQueueable:1;
                     ULONG EnableStackSwap:1;
                     ULONG GuiThread:1;
                     ULONG ReservedFlags:23;
 #else // ][
                     LONG ReservedFlags:30;
 #endif // ]
                 };
                 LONG ThreadFlags;
             };
 #if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
         };
     };
 #endif // ]
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
 #if defined(_WIN64) // [
     ULONG Spare0;
 #else // ][
     PVOID ServiceTable;
 #endif // ]
 #endif // ]
     union
     {
         DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
 #if (NTDDI_VERSION < NTDDI_WIN7) // [
         struct
         {
             UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
             UCHAR IdealProcessor;
 #else // ][
             BOOLEAN SystemAffinityActive;
 #endif // ]
         };
         struct
         {
             UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
             CCHAR PreviousMode;
         };
         struct
         {
             UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
             UCHAR ResourceIndex;
         };
         struct
         {
             UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
             UCHAR LargeStack;
         };
 #endif // ]
 #ifdef _WIN64 // [
         struct
         {
             UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
             ULONG ContextSwitches;
         };
         struct
         {
             UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
             UCHAR State;
             UCHAR NpxState;
             UCHAR WaitIrql;
             CHAR WaitMode;
         };
         struct
         {
             UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
             ULONG WaitTime;
         };
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
         struct
         {
             UCHAR WaitBlockFill7[168];
             PVOID TebMappedLowVa;
             struct _UMS_CONTROL_BLOCK* Ucb;
         };
 #endif // ]
         struct
         {
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             UCHAR WaitBlockFill8[188];
 #else // ][
             UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
 #endif // ]
             union
             {
                 struct
                 {
                     SHORT KernelApcDisable;
                     SHORT SpecialApcDisable;
                 };
                 ULONG CombinedApcDisable;
             };
         };
 #endif // ]
     };
     LIST_ENTRY QueueListEntry;
     PKTRAP_FRAME TrapFrame;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     PVOID FirstArgument;
     union
     {
         PVOID CallbackStack;
         ULONG_PTR CallbackDepth;
     };
 #else // ][
     PVOID CallbackStack;
 #endif // ]
 #if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
     PVOID ServiceTable;
 #endif // ]
 #if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
     ULONG KernelLimit;
 #endif // ]
     UCHAR ApcStateIndex;
 #if (NTDDI_VERSION < NTDDI_LONGHORN) // [
     UCHAR IdealProcessor;
     BOOLEAN Preempted;
     BOOLEAN ProcessReadyQueue;
 #ifdef _WIN64 // [
     PVOID Win32kTable;
     ULONG Win32kLimit;
 #endif // ]
     BOOLEAN KernelStackResident;
 #endif // ]
     SCHAR BasePriority;
     SCHAR PriorityDecrement;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     BOOLEAN Preempted;
     UCHAR AdjustReason;
     CHAR AdjustIncrement;
 #if (NTDDI_VERSION >= NTDDI_WIN7)
     UCHAR PreviousMode;
 #else
     UCHAR Spare01;
 #endif
 #endif // ]
     CHAR Saturation;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     ULONG SystemCallNumber;
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     ULONG FreezeCount;
 #else // ][
     ULONG Spare02;
 #endif // ]
 #endif // ]
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     GROUP_AFFINITY UserAffinity;
     struct _KPROCESS *Process;
     GROUP_AFFINITY Affinity;
     ULONG IdealProcessor;
     ULONG UserIdealProcessor;
 #else // ][
     KAFFINITY UserAffinity;
     struct _KPROCESS *Process;
     KAFFINITY Affinity;
 #endif // ]
     PKAPC_STATE ApcStatePointer[2];
     union
     {
         KAPC_STATE SavedApcState;
         struct
         {
             UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             UCHAR WaitReason;
 #else // ][
             CCHAR FreezeCount;
 #endif // ]
 #ifndef _WIN64 // [
         };
     };
 #endif // ]
             CCHAR SuspendCount;
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             CCHAR Spare1;
 #else // ][
             UCHAR UserIdealProcessor;
 #endif // ]
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
             UCHAR Spare03;
 #else // ][
             UCHAR CalloutActive;
 #endif // ]
 #ifdef _WIN64 // [
             UCHAR CodePatchInProgress;
         };
     };
 #endif // ]
 #if defined(_M_IX86) // [
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     UCHAR OtherPlatformFill;
 #else // ][
     UCHAR Iopl;
 #endif // ]
 #endif // ]
     PVOID Win32Thread;
     PVOID StackBase;
     union
     {
         KAPC SuspendApc;
         struct
         {
             UCHAR SuspendApcFill0[1];
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             UCHAR ResourceIndex;
 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
             CHAR Spare04;
 #else // ][
             SCHAR Quantum;
 #endif // ]
         };
         struct
         {
             UCHAR SuspendApcFill1[3];
             UCHAR QuantumReset;
         };
         struct
         {
             UCHAR SuspendApcFill2[4];
             ULONG KernelTime;
         };
         struct
         {
             UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
             PKPRCB WaitPrcb;
 #else
             PVOID TlsArray;
 #endif
         };
         struct
         {
             UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
             PVOID LegoData;
         };
         struct
         {
             UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
             UCHAR LargeStack;
 #else // ][
             UCHAR PowerState;
 #endif // ]
 #ifdef _WIN64 // [
             ULONG UserTime;
 #endif // ]
         };
     };
 #ifndef _WIN64 // [
     ULONG UserTime;
 #endif // ]
     union
     {
         KSEMAPHORE SuspendSemaphore;
         struct
         {
             UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
 #ifdef _WIN64 // [
             ULONG SListFaultCount;
 #endif // ]
         };
     };
 #ifndef _WIN64 // [
     ULONG SListFaultCount;
 #endif // ]
     LIST_ENTRY ThreadListEntry;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     LIST_ENTRY MutantListHead;
 #endif // ]
     PVOID SListFaultAddress;
 #ifdef _M_AMD64 // [
     LONG64 ReadOperationCount;
     LONG64 WriteOperationCount;
     LONG64 OtherOperationCount;
     LONG64 ReadTransferCount;
     LONG64 WriteTransferCount;
     LONG64 OtherTransferCount;
 #endif // ]
 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
     PKTHREAD_COUNTERS ThreadCounters;
     PXSTATE_SAVE XStateSave;
 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
     PVOID MdlForLockedTeb;
 #endif // ]
 } KTHREAD;

 #else // not (NTDDI_VERSION < NTDDI_WIN8)

 #if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
 #define NUMBER_OF_LOCK_ENTRIES 5
 #else
 #define NUMBER_OF_LOCK_ENTRIES 6
 #endif

 typedef struct _KTHREAD
 {
     DISPATCHER_HEADER Header;
     PVOID SListFaultAddress;
     ULONG64 QuantumTarget;
     PVOID InitialStack;
     volatile VOID *StackLimit;
     PVOID StackBase;
     KSPIN_LOCK ThreadLock;
     volatile ULONG64 CycleTime;
 #ifndef _WIN64
     volatile ULONG HighCycleTime;
     PVOID ServiceTable;
 #endif
     ULONG CurrentRunTime;
     ULONG ExpectedRunTime;
     PVOID KernelStack;
     XSAVE_FORMAT* StateSaveArea;
     struct _KSCHEDULING_GROUP* SchedulingGroup;
     KWAIT_STATUS_REGISTER WaitRegister;
     BOOLEAN Running;
     BOOLEAN Alerted[MaximumMode];

     union
     {
         struct
         {
 #if (NTDDI_VERSION < NTDDI_WIN10)
             ULONG KernelStackResident : 1;
 #else
             ULONG AutoBoostActive : 1;
 #endif
             ULONG ReadyTransition : 1;
 #if (NTDDI_VERSION < NTDDI_WIN10TH2)
             ULONG ProcessReadyQueue : 1;
 #endif
             ULONG ProcessReadyQueue : 1;
             ULONG WaitNext : 1;
             ULONG SystemAffinityActive : 1;
             ULONG Alertable : 1;
 #if (NTDDI_VERSION < NTDDI_WIN81)
             ULONG CodePatchInProgress : 1;
 #endif
             ULONG UserStackWalkActive : 1;
             ULONG ApcInterruptRequest : 1;
             ULONG QuantumEndMigrate : 1;
             ULONG UmsDirectedSwitchEnable : 1;
             ULONG TimerActive : 1;
             ULONG SystemThread : 1;
             ULONG ProcessDetachActive : 1;
             ULONG CalloutActive : 1;
             ULONG ScbReadyQueue : 1;
             ULONG ApcQueueable : 1;
             ULONG ReservedStackInUse : 1;
             ULONG UmsPerformingSyscall : 1;
             ULONG DisableStackCheck : 1;
             ULONG Reserved : 12;
         };
         LONG MiscFlags;
     };

     union
     {
         struct
         {
             ULONG AutoAlignment : 1;
             ULONG DisableBoost : 1;
             ULONG UserAffinitySet : 1;
             ULONG AlertedByThreadId : 1;
             ULONG QuantumDonation : 1;
             ULONG EnableStackSwap : 1;
             ULONG GuiThread : 1;
             ULONG DisableQuantum : 1;
             ULONG ChargeOnlyGroup : 1;
             ULONG DeferPreemption : 1;
             ULONG QueueDeferPreemption : 1;
             ULONG ForceDeferSchedule : 1;
             ULONG ExplicitIdealProcessor : 1;
             ULONG FreezeCount : 1;
 #if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
             ULONG TerminationApcRequest : 1;
 #endif
 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
             ULONG AutoBoostEntriesExhausted : 1;
 #endif
 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
             ULONG KernelStackResident : 1;
 #endif
 #if (NTDDI_VERSION >= NTDDI_WIN10)
             ULONG CommitFailTerminateRequest : 1;
             ULONG ProcessStackCountDecremented : 1;
             ULONG ThreadFlagsSpare : 5;
 #endif
             ULONG EtwStackTraceApcInserted : 8;
 #if (NTDDI_VERSION < NTDDI_WIN10)
             ULONG ReservedFlags : 10;
 #endif
         };
         LONG ThreadFlags;
     };

 #if (NTDDI_VERSION >= NTDDI_WIN10)
     volatile UCHAR Tag;
     UCHAR SystemHeteroCpuPolicy;
     UCHAR UserHeteroCpuPolicy : 7;
     UCHAR ExplicitSystemHeteroCpuPolicy : 1;
     UCHAR Spare0;
 #else
     ULONG Spare0;
 #endif
     ULONG SystemCallNumber;
 #ifdef _WIN64
     ULONG Spare1; // Win 10: Spare10
 #endif
     PVOID FirstArgument;
     PKTRAP_FRAME TrapFrame;

     union
     {
         KAPC_STATE ApcState;
         struct
         {
             UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
             SCHAR Priority;
             ULONG UserIdealProcessor;
         };
     };

 #ifndef _WIN64
     ULONG ContextSwitches;
     volatile UCHAR State;
 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
     CHAR Spare12;
 #else
     CHAR NpxState;
 #endif
     KIRQL WaitIrql;
     KPROCESSOR_MODE WaitMode;
 #endif

     volatile INT_PTR WaitStatus;
     PKWAIT_BLOCK WaitBlockList;
     union
     {
         LIST_ENTRY WaitListEntry;
         SINGLE_LIST_ENTRY SwapListEntry;
     };
     PKQUEUE Queue;
     PVOID Teb;
 #if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
     ULONG64 RelativeTimerBias;
 #endif
     KTIMER Timer;

     union
     {
         DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
 #ifdef _WIN64
         struct
         {
             UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
             ULONG ContextSwitches;
         };
         struct
         {
             UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
             UCHAR State;
 #if (NTDDI_VERSION >= NTDDI_WIN10)
             CHAR Spare13;
 #else
             CHAR NpxState;
 #endif
             UCHAR WaitIrql;
             CHAR WaitMode;
         };
         struct
         {
             UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
             ULONG WaitTime;
         };
         struct
         {
             UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
             union
             {
                 struct
                 {
                     SHORT KernelApcDisable;
                     SHORT SpecialApcDisable;
                 };
                 ULONG CombinedApcDisable;
             };
         };
 #endif
         struct
         {
             UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
             struct _KTHREAD_COUNTERS *ThreadCounters;
         };
         struct
         {
             UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
             PXSTATE_SAVE XStateSave;
         };
         struct
         {
             UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
             PVOID Win32Thread;
         };
         struct
         {
             UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
 #ifdef _WIN64
             struct _UMS_CONTROL_BLOCK* Ucb;
             struct _KUMS_CONTEXT_HEADER* Uch;
 #else
             ULONG WaitTime;
             union
             {
                 struct
                 {
                     SHORT KernelApcDisable;
                     SHORT SpecialApcDisable;
                 };
                 ULONG CombinedApcDisable;
             };
 #endif
         };
     };

 #ifdef _WIN64
     PVOID TebMappedLowVa;
 #endif
     LIST_ENTRY QueueListEntry;
 #if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
     union
     {
         ULONG NextProcessor;
         struct
         {
             ULONG NextProcessorNumber : 31;
             ULONG SharedReadyQueue : 1;
         };
     };
     LONG QueuePriority;
 #else
     ULONG NextProcessor;
     ULONG DeferredProcessor;
 #endif
     PKPROCESS Process;

     union
     {
         GROUP_AFFINITY UserAffinity;
         struct
         {
             UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
             CHAR PreviousMode;
             CHAR BasePriority;
             union
             {
                 CHAR PriorityDecrement;
                 struct
                 {
                     UCHAR ForegroundBoost : 4;
                     UCHAR UnusualBoost : 4;
                 };
             };
             UCHAR Preempted;
             UCHAR AdjustReason;
             CHAR AdjustIncrement;
         };
     };

 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
     ULONG_PTR AffinityVersion;
 #endif
     union
     {
         GROUP_AFFINITY Affinity;
         struct
         {
             UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
             UCHAR ApcStateIndex;
             UCHAR WaitBlockCount;
             ULONG IdealProcessor;
         };
     };

 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
 #ifdef _WIN64
     ULONG64 NpxState;
 #else
     ULONG Spare15;
 #endif
 #else
     PKAPC_STATE ApcStatePointer[2];
 #endif

     union
     {
         KAPC_STATE SavedApcState;
         struct
         {
             UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
             UCHAR WaitReason;
             CHAR SuspendCount;
             CHAR Saturation;
             SHORT SListFaultCount;
         };
     };

     union
     {
         KAPC SchedulerApc;
         struct
         {
             UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit:  1/0x01, 64bit: 1/0x01
             UCHAR ResourceIndex;
         };
         struct
         {
             UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit:  3/0x03, 64bit: 3/0x03
             UCHAR QuantumReset;
         };
         struct
         {
             UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit:  4/0x04, 64bit: 4/0x04
             ULONG KernelTime;
         };
         struct
         {
             UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
             PKPRCB WaitPrcb;
         };
         struct
         {
             UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
             PVOID LegoData;
         };
         struct
         {
             UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
             UCHAR CallbackNestingLevel;
             ULONG UserTime;
         };
     };

     KEVENT SuspendEvent;
     LIST_ENTRY ThreadListEntry;
     LIST_ENTRY MutantListHead;

 #if (NTDDI_VERSION >= NTDDI_WIN10)
     UCHAR AbEntrySummary;
     UCHAR AbWaitEntryCount;
     USHORT Spare20;
 #if _WIN64
     ULONG SecureThreadCookie;
 #endif
 #elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
     SINGLE_LIST_ENTRY LockEntriesFreeList;
 #endif

 #if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
     KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
     SINGLE_LIST_ENTRY PropagateBoostsEntry;
     SINGLE_LIST_ENTRY IoSelfBoostsEntry;
     UCHAR PriorityFloorCounts[16];
     ULONG PriorityFloorSummary;
     volatile LONG AbCompletedIoBoostCount;
   #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
     LONG AbCompletedIoQoSBoostCount;
   #endif

   #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
     volatile SHORT KeReferenceCount;
   #else
     volatile SHORT AbReferenceCount;
   #endif
   #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
     UCHAR AbOrphanedEntrySummary;
     UCHAR AbOwnedEntryCount;
   #else
     UCHAR AbFreeEntryCount;
     UCHAR AbWaitEntryCount;
   #endif
     ULONG ForegroundLossTime;
     union
     {
         LIST_ENTRY GlobalForegroundListEntry;
         struct
         {
             SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
             ULONG_PTR InGlobalForegroundList;
         };
     };
 #endif

 #if _WIN64
     LONG64 ReadOperationCount;
     LONG64 WriteOperationCount;
     LONG64 OtherOperationCount;
     LONG64 ReadTransferCount;
     LONG64 WriteTransferCount;
     LONG64 OtherTransferCount;
 #endif
 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
     struct _KSCB *QueuedScb;
 #ifndef _WIN64
     ULONG64 NpxState;
 #endif
 #endif
 } KTHREAD;

 #endif


 #define ASSERT_THREAD(object) \
     ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))

 //
 // Kernel Process (KPROCESS)
 //
 typedef struct _KPROCESS
 {
     DISPATCHER_HEADER Header;
     LIST_ENTRY ProfileListHead;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
     ULONG_PTR DirectoryTableBase;
     ULONG_PTR Unused0;
 #else
     ULONG_PTR DirectoryTableBase[2];
 #endif
 #if defined(_M_IX86)
     KGDTENTRY LdtDescriptor;
     KIDTENTRY Int21Descriptor;
 #endif
     USHORT IopmOffset;
 #if defined(_M_IX86)
     UCHAR Iopl;
     UCHAR Unused;
 #endif
     volatile KAFFINITY ActiveProcessors;
     ULONG KernelTime;
     ULONG UserTime;
     LIST_ENTRY ReadyListHead;
     SINGLE_LIST_ENTRY SwapListEntry;
     PVOID VdmTrapcHandler;
     LIST_ENTRY ThreadListHead;
     KSPIN_LOCK ProcessLock;
     KAFFINITY Affinity;
     union
     {
         struct
         {
             LONG AutoAlignment:1;
             LONG DisableBoost:1;
             LONG DisableQuantum:1;
             LONG ReservedFlags:29;
         };
         LONG ProcessFlags;
     };
     SCHAR BasePriority;
     SCHAR QuantumReset;
     UCHAR State;
     UCHAR ThreadSeed;
     UCHAR PowerState;
     UCHAR IdealNode;
     UCHAR Visited;
     union
     {
         KEXECUTE_OPTIONS Flags;
         UCHAR ExecuteOptions;
     };
     ULONG StackCount;
     LIST_ENTRY ProcessListEntry;
 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
     ULONGLONG CycleTime;
 #endif // ]
 } KPROCESS;

 #define ASSERT_PROCESS(object) \
     ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))

 //
 // System Service Table Descriptor
 //
 typedef struct _KSERVICE_TABLE_DESCRIPTOR
 {
     PULONG_PTR Base;
     PULONG Count;
     ULONG Limit;
 #if defined(_IA64_)
     LONG TableBaseGpOffset;
 #endif
     PUCHAR Number;
 } KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;

 #if (NTDDI_VERSION >= NTDDI_WIN8)
 //
 // Entropy Timing State
 //
 typedef struct _KENTROPY_TIMING_STATE
 {
     ULONG EntropyCount;
     ULONG Buffer[64];
     KDPC Dpc;
     ULONG LastDeliveredBuffer;
     PULONG RawDataBuffer;
 } KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;

 //
 // Constants from ks386.inc, ksamd64.inc and ksarm.h
 //
 #define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
 #define KENTROPY_TIMING_BUFFER_MASK 0x7ff
 #define KENTROPY_TIMING_ANALYSIS 0x0

 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */

 //
 // Exported Loader Parameter Block
 //
 extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;

 //
 // Exported Hardware Data
 //
 extern ULONG NTSYSAPI KiDmaIoCoherency;
 extern ULONG NTSYSAPI KeMaximumIncrement;
 extern ULONG NTSYSAPI KeMinimumIncrement;
 extern ULONG NTSYSAPI KeDcacheFlushCount;
 extern ULONG NTSYSAPI KeIcacheFlushCount;
 extern ULONG_PTR NTSYSAPI KiBugCheckData[];
 extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;

 //
 // Exported System Service Descriptor Tables
 //
 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];

 #endif // !NTOS_MODE_USER

 #endif // _KETYPES_H
ApcObject
Definition: ketypes.h:405

_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:384

_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: ketypes.h:1155

_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:817

_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:849

_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:402

_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:806

VdmPMCliControl
Definition: ketypes.h:466

WrFreePage
Definition: ketypes.h:411

_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:1881

_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:183

_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2012

_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1647

_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:910

_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:186

ProfileCacheMisses
Definition: ketypes.h:385

KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE

_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:1920

_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: ketypes.h:1160

ProfileDcacheAccesses
Definition: ketypes.h:396

_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:813

Unused
_Must_inspect_result_ typedef _In_ PVOID Unused
Definition: iotypes.h:1128

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:715

_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1627

IN
#define IN
Definition: typedefs.h:38

NotificationEvent
Definition: ntdef.template.h:356

_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:1978

_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: ketypes.h:1192

_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:451

_KTHREAD
Definition: ketypes.h:1549

_KUSER_SHARED_DATA
Definition: ketypes.h:1143

KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE

GateWait
Definition: ketypes.h:378

_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1579

_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:998

PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE

_RTL_BALANCED_NODE
Definition: ntdef.template.h:321

_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:842

_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:815

_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:664

_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: ketypes.h:1228

ProfileSpecialInstructions
Definition: ketypes.h:393

_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1642

_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1065

PowerState
_In_ UCHAR _In_ POWER_STATE PowerState
Definition: pofuncs.h:42

QueueObject
Definition: ketypes.h:391

_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1673

KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1273

_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1596

_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: ketypes.h:1220

KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE

_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2005

_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:1904

_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:439

Waiting
Definition: ketypes.h:374

_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:724

ContinueNextProcessor
Definition: ketypes.h:433

ProfileMaximum
Definition: ketypes.h:399

_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:1903

_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:810

KDPC_DATA
struct _KDPC_DATA KDPC_DATA

_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1055

_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:834

_GENERAL_LOOKASIDE
Definition: extypes.h:134

_KUSER_SHARED_DATA::Reserved2
ULONG Reserved2[7]
Definition: ketypes.h:1156

_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:798

KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT

_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1619

_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2056

_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: ketypes.h:883

_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1617

_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:1918

_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:673

_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:1977

KOBJECTS
enum _KOBJECTS KOBJECTS

_KPROCESS::State
UCHAR State
Definition: ketypes.h:2013

_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:1771

_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1077

_KQUEUE
Definition: ketypes.h:1279

_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:988

ThreadObject
Definition: ketypes.h:393

_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:635

_KTIMER
Definition: ketypes.h:839

_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:1935

_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:1773

potypes.h

_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:182

StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87

DelayExecution
Definition: ketypes.h:407

_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:972

_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:679

_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:721

WrPreempted
Definition: ketypes.h:435

_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: ketypes.h:1167

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1592

InterruptObject
Definition: ketypes.h:409

_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2011

VdmPrinterInitialize
Definition: ketypes.h:462

_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:1850

_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2009

Spare8Object
Definition: ketypes.h:403

_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:723

_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:698

_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1561

_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:1814

_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:184

_KOBJECTS
_KOBJECTS
Definition: ketypes.h:385

_KTRAP_FRAME
Definition: ketypes.h:306

_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:1876

_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2044

_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:1746

_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:1891

SynchronizationTimer
Definition: ntdef.template.h:362

PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3

CHAR
char CHAR
Definition: xmlstorage.h:175

_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:867

_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1598

_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:830

_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:1986

EventSynchronizationObject
Definition: ketypes.h:388

_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1552

_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:932

PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY

_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: ketypes.h:1223

Spare7Object
Definition: ketypes.h:402

_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2040

_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:1842

_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1638

_KEXECUTE_OPTIONS
Definition: ketypes.h:875

TimerNotificationObject
Definition: ketypes.h:395

WrLpcReceive
Definition: ketypes.h:419

KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER

DeviceQueueObject
Definition: ketypes.h:407

_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: ketypes.h:1208

_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1672

WrGuardedMutex
Definition: ketypes.h:438

_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: ketypes.h:1152

_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:987

KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS

ProfileMemoryBarrierCycles
Definition: ketypes.h:397

_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:898

NtProductLanManNt
Definition: ntdef.template.h:351

PKUSER_SHARED_DATA
struct _KUSER_SHARED_DATA * PKUSER_SHARED_DATA

_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1603

ContinueError
Definition: ketypes.h:430

_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:907

_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:781

KDPC_LIST
struct _KDPC_LIST KDPC_LIST

_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: ketypes.h:1153

_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:1856

_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1570

Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1268

_FIBER
Definition: ketypes.h:179

_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1664

ProfileDcacheMisses
Definition: ketypes.h:383

_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1618

ifssupp.h

_COUNTER_READING
Definition: ketypes.h:902

_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:945

_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1597

VdmQueryVdmProcess
Definition: ketypes.h:467

KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS

_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:728

_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:687

_XSTATE_SAVE
Definition: ketypes.h:970

_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:703

PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73

_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: ketypes.h:1164

_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1690

KernelMode
Definition: ketypes.h:11

_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1605

_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:825

_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1076

_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2057

_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1616

_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1623

_KLOCK_ENTRY
Definition: ketypes.h:962

ProfileIntegerInstructions
Definition: ketypes.h:389

INT_PTR
int32_t INT_PTR
Definition: typedefs.h:62

_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123

WrPushLock
Definition: ketypes.h:431

SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100

_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:1798

NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1546

PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR

_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1585

_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:943

KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR

KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:33

_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:786

_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1026

KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19

_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: ketypes.h:1146

NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:14

_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:700

ProfilePipelineFrozen
Definition: ketypes.h:380

_KGDTENTRY
Definition: ketypes.h:331

Suspended
Definition: ketypes.h:408

_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:841

_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:877

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:709

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:713

SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS

_KUSER_SHARED_DATA::SystemCallReturn
ULONG SystemCallReturn
Definition: ketypes.h:1210

_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:924

_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:967

_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:917

_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:742

_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:707

_KTHREAD_COUNTERS
Definition: ketypes.h:910

_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1595

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:710

_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:672

PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA

_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:845

KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE

_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1560

PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:500

Profile2Issue
Definition: ketypes.h:390

_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1626

_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2039

_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:704

_KTIMER_TABLE_ENTRY
Definition: ketypes.h:661

_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:360

_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:1882

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63

_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:947

_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:1795

_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: ketypes.h:1178

_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2007

_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:774

_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1614

_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:181

KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20

ProfileFpInstructions
Definition: ketypes.h:388

_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:967

Running
Definition: ketypes.h:371

_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:997

PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE

PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING

KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591

CurrentApcEnvironment
Definition: ketypes.h:657

VdmStartExecution
Definition: ketypes.h:453

_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:809

_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:696

_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:1916

_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1005

Profile3Issue
Definition: ketypes.h:391

PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE

_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:727

_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:966

PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:625

PageIn
Definition: ketypes.h:405

GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT

Spare5Object
Definition: ketypes.h:400

AdjustUnwait
Definition: ketypes.h:421

_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:1751

TimerSynchronizationObject
Definition: ketypes.h:396

_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:1941

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1607

_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:896

_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: ketypes.h:1159

WrQuantumEnd
Definition: ketypes.h:433

_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:1770

_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:816

_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:1892

_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: ketypes.h:1234

_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:835

PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487

_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: ketypes.h:1147

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:717

_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:927

_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:883

ProcessOutSwap
Definition: ketypes.h:445

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:711

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:714

_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:708

_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:795

LONG
long LONG
Definition: pedump.c:60

_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:722

_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2021

_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: ketypes.h:1157

_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:738

_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1652

_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1668

SHORT
short SHORT
Definition: pedump.c:59

_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:975

WrDispatchInt
Definition: ketypes.h:434

_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1587

PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS

FreePage
Definition: ketypes.h:404

ProfileBranchMispredictions
Definition: ketypes.h:386

_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1663

VdmQueueInterrupt
Definition: ketypes.h:454

_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1042

_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: ketypes.h:1169

_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1059

_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:796

_KDPC_LIST
Definition: ketypes.h:676

_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1586

_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:705

_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: ketypes.h:1145

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:718

_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:916

WrDelayExecution
Definition: ketypes.h:414

ProfileObject
Definition: ketypes.h:410

_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:882

VdmFeatures
Definition: ketypes.h:457

_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1031

_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1653

_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1593

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:808

_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:912

Profile4Issue
Definition: ketypes.h:392

_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2023

_LOADER_PARAMETER_BLOCK
Definition: arc.h:491

_GETSETCONTEXT
Definition: ketypes.h:793

_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:811

_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2036

KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE

_PP_LOOKASIDE_LIST
Definition: ketypes.h:757

_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: ketypes.h:1144

DpcObject
Definition: ketypes.h:406

_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:678

_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1078

VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS

Spare4Object
Definition: ketypes.h:399

Initialized
Definition: ketypes.h:369

PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE

_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1072

_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:1782

_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2024

Terminated
Definition: ketypes.h:373

ProfileLoadLinkedIssues
Definition: ketypes.h:398

Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974

PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:642

Buffer
Definition: bufpool.h:45

_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1755

_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1565

_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: ketypes.h:1150

_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:185

NtProductWinNt
Definition: ntdef.template.h:350

_ULARGE_INTEGER
Definition: ms-dtyp.idl:184

DECLSPEC_ALIGN
struct DECLSPEC_ALIGN(16) _M128A
Definition: ketypes.h:915

_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:797

_KTIMER_TABLE
Definition: ketypes.h:670

PVOID
void * PVOID
Definition: retypes.h:9

_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:190

_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1057

_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1701

_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:850

_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:1997

KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE

_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:944

_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1600

_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:879

_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2006

KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME

_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:748

_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:843

KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:29

WrLpcReply
Definition: ketypes.h:420

MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
Definition: ketypes.h:1141

ProfileTime
Definition: ketypes.h:375

ProcessInMemory
Definition: ketypes.h:441

SemaphoreObject
Definition: ketypes.h:392

PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME

_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:1854

_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:1807

_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:667

ProfileTotalCycles
Definition: ketypes.h:394

_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:954

_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:693

ContinueSuccess
Definition: ketypes.h:431

EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE

_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:692

_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: ketypes.h:1149

PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER

UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:784

Spare9Object
Definition: ketypes.h:404

_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1654

_KNODE::Flags
struct _KNODE::_flags Flags

KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE

WrUserRequest
Definition: ketypes.h:416

_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: ketypes.h:1213

PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:490

ThreadedDpcObject
Definition: ketypes.h:411

_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1615

_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1588

SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675

_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:1958

_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:1914

_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:827

_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1689

LONGLONG
int64_t LONGLONG
Definition: typedefs.h:66

PFIBER
struct _FIBER * PFIBER

_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:1999

LONG64
int64_t LONG64
Definition: typedefs.h:66

KPROCESS
struct _KPROCESS KPROCESS

PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103

PTIMER_APC_ROUTINE
VOID(NTAPI * PTIMER_APC_ROUTINE)(_In_ PVOID TimerContext, _In_ ULONG TimerLowValue, _In_ LONG TimerHighValue)
Definition: ketypes.h:1096

KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20

VdmPrinterDirectIoClose
Definition: ketypes.h:461

_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1071

KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY

_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:894

_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:666

_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:906

_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:839

_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:192

_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:1877

PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:638

_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:852

_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:913

VdmPrinterDirectIoOpen
Definition: ketypes.h:460

WrYieldExecution
Definition: ketypes.h:436

_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: ketypes.h:911

_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:995

_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:981

AdjustBoost
Definition: ketypes.h:422

_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:784

MODE
enum _MODE MODE

UserMode
Definition: ketypes.h:12

PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX

MaximumKernelObject
Definition: ketypes.h:412

_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: ketypes.h:1165

_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:1863

_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1995

_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:889

_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:992

CCHAR
char CCHAR
Definition: typedefs.h:50

_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1655

_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:702

WaitAny
Definition: ntdef.template.h:367

Transition
Definition: ketypes.h:375

ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:65

_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:996

_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1694

KUSER_SHARED_DATA
struct _KUSER_SHARED_DATA KUSER_SHARED_DATA

_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2017

_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:844

ProcessInTransition
Definition: ketypes.h:443

_KUSER_SHARED_DATA::DbgElevationEnabled
ULONG DbgElevationEnabled
Definition: ketypes.h:1195

_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1564

_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1555

SCHAR
signed char SCHAR
Definition: sqltypes.h:14

WrRendezvous
Definition: ketypes.h:423

WrResource
Definition: ketypes.h:430

Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170

InsertApcEnvironment
Definition: ketypes.h:658

_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:831

WrExecutive
Definition: ketypes.h:410

WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE

RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.

_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:1915

_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1696

_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:847

_KEVENT_PAIR
Definition: ketypes.h:864

_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1553

RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:679

_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1745

_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: ketypes.h:1154

_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: ketypes.h:1163

WrKernel
Definition: ketypes.h:429

_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:691

_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:880

_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1567

_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1027

KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7

VdmQueryDir
Definition: ketypes.h:459

ProfileIcacheIssues
Definition: ketypes.h:395

PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST

_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1622

Standby
Definition: ketypes.h:372

_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:1813

FIBER
struct _FIBER FIBER

_SYNCH_COUNTERS
Definition: ketypes.h:682

Object
static IUnknown Object
Definition: main.c:512

_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1693

LONG
#define LONG
Definition: msvc.h:36

_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1831

_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:1897

_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:1818

_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:760

_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:191

_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: ketypes.h:1177

_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2026

_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:1902

_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1594

KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY

ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198

TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE

_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1604

ProfileTotalNonissues
Definition: ketypes.h:382

_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:915

VdmSetProcessLdtInfo
Definition: ketypes.h:464

UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS

_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:838

_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:726

_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: ketypes.h:1162

_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:918

_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:828

_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:1932

_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2014

_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:697

Spare6Object
Definition: ketypes.h:401

_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:355

NEC98x86
Definition: ketypes.h:885

OriginalApcEnvironment
Definition: ketypes.h:655

_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:807

ProfileBranchInstructions
Definition: ketypes.h:381

_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:550

PoolAllocation
Definition: ketypes.h:406

_KDPC
Definition: ketypes.h:687

SynchronizationEvent
Definition: ntdef.template.h:357

_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2016

_KPRCB
Definition: ketypes.h:555

_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1699

haltypes.h

ProcessObject
Definition: ketypes.h:390

_CONTEXT
Definition: compat.h:314

_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:892

PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414

VOID
#define VOID
Definition: acefi.h:82

_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:905

_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:694

Ready
Definition: ketypes.h:370

_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:868

_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: ketypes.h:1168

_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1834

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:716

_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:1942

_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:1886

_KAPC
Definition: ketypes.h:535

_GROUP_AFFINITY
Definition: ntbasedef.h:666

_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:1994

_MODE
_MODE
Definition: ketypes.h:10

_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:653

ProfileIcacheMisses
Definition: ketypes.h:384

_LIST_ENTRY
Definition: typedefs.h:117

ProfileTotalIssues
Definition: ketypes.h:377

_KGATE
Definition: ketypes.h:810

_KINTERRUPT
Definition: ketypes.h:823

_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:686

_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1625

PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT

_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1671

KTHREAD
struct _KTHREAD KTHREAD

WrPageOut
Definition: ketypes.h:422

_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: ketypes.h:1173

_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: ketypes.h:1148

_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:706

GateObject
Definition: ketypes.h:394

_KNODE::Color
UCHAR Color
Definition: ketypes.h:777

VdmAdlibEmulation
Definition: ketypes.h:465

_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:688

_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:1917

_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:1998

_KWAIT_BLOCK
Definition: ketypes.h:443

_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:712

_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1563

PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE

ServiceTable
static SERVICE_TABLE_ENTRYW ServiceTable[2]
Definition: eventlog.c:24

SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:675

DeferredReady
Definition: ketypes.h:376

_DISPATCHER_HEADER
Definition: ketypes.h:728

_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:866

_KENTROPY_TIMING_STATE
Definition: ketypes.h:2051

_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:1872

_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:699

EventNotificationObject
Definition: ketypes.h:387

_In_
#define _In_
Definition: no_sal2.h:204

_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:836

_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1556

_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:858

_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:1853

KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21

_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: ketypes.h:912

_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1624

MaximumMode
Definition: ketypes.h:13

_TEB
Definition: compat.h:484

_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: ketypes.h:1196

_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:746

_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:951

_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:725

_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: ketypes.h:1197

_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:1913

_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:685

State
enum State_ State
Definition: pofuncs.h:54

ContinueProcessorReselected
Definition: ketypes.h:432

_KPROCESS
Definition: ketypes.h:1972

VdmDelayInterrupt
Definition: ketypes.h:455

_KNODE::_flags
Definition: ketypes.h:780

_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:1806

_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:1871

_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: ketypes.h:1151

_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:814

_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: ntdef.template.h:349

_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:759

_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:978

_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1054

WrQueue
Definition: ketypes.h:418

_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1599

USHORT
unsigned short USHORT
Definition: pedump.c:61

PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS

WrVirtualMemory
Definition: ketypes.h:421

_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2055

_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: ketypes.h:1214

WaitAll
Definition: ntdef.template.h:366

_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:1810

ProcessOutOfMemory
Definition: ketypes.h:442

_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:1855

KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:75

_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:782

Spare2Object
Definition: ketypes.h:397

_KDPC_DATA
Definition: ketypes.h:735

_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:701

_KSEMAPHORE
Definition: ketypes.h:803

ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE

PKPROFILE
struct _KPROFILE * PKPROFILE

KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72

_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2053

umtypes.h

_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1004

_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:1991

_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1558

VdmSetLdtEntries
Definition: ketypes.h:463

_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:982

FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:254

WrPoolAllocation
Definition: ketypes.h:413

_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:1975

WrEventPair
Definition: ketypes.h:417

LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276

_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:684

_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:1833

OPTIONAL
#define OPTIONAL
Definition: typedefs.h:40

PULONG
unsigned int * PULONG
Definition: retypes.h:1

_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[3]
Definition: ketypes.h:1211

_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:1819

_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: ketypes.h:1171

_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:690

_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:188

ketypes.h

Reserved1
Definition: bcd.h:201

_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1681

_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:840

_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:1866

NtProductServer
Definition: ntdef.template.h:352

_KEVENT
Definition: ketypes.h:799

_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:1992

_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:1898

XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:944

_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1602

_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:1956

_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: ketypes.h:1176

_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1697

_LARGE_INTEGER
Definition: typedefs.h:100

_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:878

_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2038

_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:812

PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE

WrPageIn
Definition: ketypes.h:412

_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:1893

KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR

PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE

_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2020

VdmInitialize
Definition: ketypes.h:456

COUNTER_READING
struct _COUNTER_READING COUNTER_READING

_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:1867

_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1551

DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:207

Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219

_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:939

KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON

_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:418

ProcessInSwap
Definition: ketypes.h:444

_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:1938

_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:1887

_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1805

_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1569

_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1039

_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:914

_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1566

OUT
#define OUT
Definition: typedefs.h:39

KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23

NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE

_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1679

ProfileLoadInstructions
Definition: ketypes.h:379

_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1756

_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1036

_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:1828

_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:826

AttachedApcEnvironment
Definition: ketypes.h:656

_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:367

KINTERRUPT
struct _KINTERRUPT KINTERRUPT

ULONG
unsigned int ULONG
Definition: retypes.h:1

_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:895

KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20

_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1678

_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:1857

_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:926

VdmSetInt21Handler
Definition: ketypes.h:458

TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:428

ProfileAlignmentFixup
Definition: ketypes.h:376

_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:1796

PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:63

_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2015

_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:779

_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: ketypes.h:1209

_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:1817

PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS

_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:1765

_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1651

_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1581

_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:689

_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1621

_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:1832

_SLIST_HEADER
Definition: rtltypes.h:134

_KPROFILE
Definition: ketypes.h:804

_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:775

PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST

WrMutex
Definition: ketypes.h:432

KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK

_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:776

StandardDesign
Definition: ketypes.h:884

_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1601

PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:632

_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1686

_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:750

_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:778

_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:869

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:719

EventPairObject
Definition: ketypes.h:408

KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE

void
Definition: nsiface.idl:2306

_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:904

NotificationTimer
Definition: ntdef.template.h:361

WrSuspended
Definition: ketypes.h:415

_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1750

_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:1993

_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2004

MutantObject
Definition: ketypes.h:389

_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:837

_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:881

CSHORT
short CSHORT
Definition: umtypes.h:127

_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:365

ProfilePipelineDry
Definition: ketypes.h:378

_KSYSTEM_TIME
Definition: ketypes.h:909

_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1554

_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: ketypes.h:1194

ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON

KPROFILE
struct _KPROFILE KPROFILE

_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:1824

KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY

_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:833

_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:1802

PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY

_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:897

KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:30

PKNODE
struct _KNODE * PKNODE

_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1557

Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:328

_KNODE::FreeCount
ULONG FreeCount[2]
Definition: ketypes.h:785

UserRequest
Definition: ketypes.h:409

_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1568

_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1620

_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1639

Spare3Object
Definition: ketypes.h:398

_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:1996

_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1659

EndAlternatives
Definition: ketypes.h:886

_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:720

_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:695

_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:189

ProfileStoreInstructions
Definition: ketypes.h:387

PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1273

_KWAIT_STATUS_REGISTER
Definition: ketypes.h:887

_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: ketypes.h:1175

Executive
Definition: ketypes.h:403

_KIDTENTRY
Definition: ketypes.h:382

THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:480

_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: ketypes.h:1161

PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR

_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:428

_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1974

_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:2122

_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:1924

_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1640

AdjustNone
Definition: ketypes.h:420

_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:1899

MaximumWaitReason
Definition: ketypes.h:440

_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:1760

_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:729

_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: ketypes.h:1201

_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: ketypes.h:1174

_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1685

_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: ketypes.h:1158

_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:893

_KUSER_SHARED_DATA::Wow64SharedInformation
ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]
Definition: ketypes.h:1224

KNODE
struct _KNODE KNODE

_KNODE
Definition: ketypes.h:772

PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST

KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24