25 CONSTANT(CR4_XMMEXCPT
),
26 //CONSTANT(CR4_PGE_V),
27 //CONSTANT(CR4_XSAVE),
29 HEADER("KeFeatureBits flags"),
32 CONSTANT(KF_GLOBAL_PAGE
),
33 CONSTANT(KF_LARGE_PAGE
),
34 CONSTANT(KF_CMPXCHG8B
),
35 CONSTANT(KF_FAST_SYSCALL
),
37 //CONSTANT(KF_XSTATE),
39 HEADER("Machine type definitions"),
40 CONSTANT(MACHINE_TYPE_ISA
),
41 CONSTANT(MACHINE_TYPE_EISA
),
42 CONSTANT(MACHINE_TYPE_MCA
),
46 CONSTANT(EFLAGS_INTERRUPT_MASK
),
47 CONSTANT(EFLAGS_V86_MASK
),
48 CONSTANT(EFLAGS_ALIGN_CHECK
),
51 CONSTANT(EFLAGS_USER_SANITIZE
),
53 HEADER("KDGT selectors"),
54 CONSTANT(KGDT_R3_DATA
),
55 CONSTANT(KGDT_R3_CODE
),
56 CONSTANT(KGDT_R0_CODE
),
57 CONSTANT(KGDT_R0_DATA
),
58 CONSTANT(KGDT_R0_PCR
),
59 //CONSTANT(KGDT_STACK16),
60 //CONSTANT(KGDT_CODE16),
62 CONSTANT(KGDT_R3_TEB
),
63 CONSTANT(KGDT_DF_TSS
),
64 CONSTANT(KGDT_NMI_TSS
),
67 CONSTANT(NPX_STATE_NOT_LOADED
),
68 CONSTANT(NPX_STATE_LOADED
),
69 //CONSTANT(NPX_MASK_LAZY),
72 HEADER("VDM constants"),
73 CONSTANT(VDM_INDEX_Invalid),
74 CONSTANT(VDM_INDEX_0F),
75 CONSTANT(VDM_INDEX_ESPrefix),
76 CONSTANT(VDM_INDEX_CSPrefix),
77 CONSTANT(VDM_INDEX_SSPrefix),
78 CONSTANT(VDM_INDEX_DSPrefix),
79 CONSTANT(VDM_INDEX_FSPrefix),
80 CONSTANT(VDM_INDEX_GSPrefix),
81 CONSTANT(VDM_INDEX_OPER32Prefix),
82 CONSTANT(VDM_INDEX_ADDR32Prefix),
83 CONSTANT(VDM_INDEX_INSB),
84 CONSTANT(VDM_INDEX_INSW),
85 CONSTANT(VDM_INDEX_OUTSB),
86 CONSTANT(VDM_INDEX_OUTSW),
87 CONSTANT(VDM_INDEX_PUSHF),
88 CONSTANT(VDM_INDEX_POPF),
89 CONSTANT(VDM_INDEX_INTnn),
90 CONSTANT(VDM_INDEX_INTO),
91 CONSTANT(VDM_INDEX_IRET),
92 CONSTANT(VDM_INDEX_NPX),
93 CONSTANT(VDM_INDEX_INBimm),
94 CONSTANT(VDM_INDEX_INWimm),
95 CONSTANT(VDM_INDEX_OUTBimm),
96 CONSTANT(VDM_INDEX_OUTWimm),
97 CONSTANT(VDM_INDEX_INB),
98 CONSTANT(VDM_INDEX_INW),
99 CONSTANT(VDM_INDEX_OUTB),
100 CONSTANT(VDM_INDEX_OUTW),
101 CONSTANT(VDM_INDEX_LOCKPrefix),
102 CONSTANT(VDM_INDEX_REPNEPrefix),
103 CONSTANT(VDM_INDEX_REPPrefix),
104 CONSTANT(VDM_INDEX_CLI),
105 CONSTANT(VDM_INDEX_STI),
106 CONSTANT(VDM_INDEX_HLT),
107 CONSTANT(MAX_VDM_INDEX),
109 CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE
),
110 CONSTANT(EFLAG_SELECT
),
111 //CONSTANT(IPI_FREEZE),
112 //CONSTANT(XSAVE_PRESENT),
115 OFFSET(CsContextFlags
, CONTEXT
, ContextFlags
),
116 OFFSET(CsDr0
, CONTEXT
, Dr0
),
117 OFFSET(CsDr1
, CONTEXT
, Dr1
),
118 OFFSET(CsDr2
, CONTEXT
, Dr2
),
119 OFFSET(CsDr3
, CONTEXT
, Dr3
),
120 OFFSET(CsDr6
, CONTEXT
, Dr6
),
121 OFFSET(CsDr7
, CONTEXT
, Dr7
),
122 OFFSET(CsFloatSave
, CONTEXT
, FloatSave
),
123 OFFSET(CsSegGs
, CONTEXT
, SegGs
),
124 OFFSET(CsSegFs
, CONTEXT
, SegFs
),
125 OFFSET(CsSegEs
, CONTEXT
, SegEs
),
126 OFFSET(CsSegDs
, CONTEXT
, SegDs
),
127 OFFSET(CsEdi
, CONTEXT
, Edi
),
128 OFFSET(CsEsi
, CONTEXT
, Esi
),
129 OFFSET(CsEbx
, CONTEXT
, Ebx
),
130 OFFSET(CsEdx
, CONTEXT
, Edx
),
131 OFFSET(CsEcx
, CONTEXT
, Ecx
),
132 OFFSET(CsEax
, CONTEXT
, Eax
),
133 OFFSET(CsEbp
, CONTEXT
, Ebp
),
134 OFFSET(CsEip
, CONTEXT
, Eip
),
135 OFFSET(CsSegCs
, CONTEXT
, SegCs
),
136 OFFSET(CsEflags
, CONTEXT
, EFlags
),
137 OFFSET(CsEsp
, CONTEXT
, Esp
),
138 OFFSET(CsSegSs
, CONTEXT
, SegSs
),
139 OFFSET(CsExtendedRegisters
, CONTEXT
, ExtendedRegisters
),
140 SIZE(ContextFrameLength
, CONTEXT
),
141 SIZE(CONTEXT_LENGTH
, CONTEXT
),
144 OFFSET(KgdtBaseLow
, KGDTENTRY
, BaseLow
),
145 OFFSET(KgdtBaseMid
, KGDTENTRY
, HighWord
.Bytes
.BaseMid
),
146 OFFSET(KgdtBaseHi
, KGDTENTRY
, HighWord
.Bytes
.BaseHi
),
147 OFFSET(KgdtLimitHi
, KGDTENTRY
, HighWord
.Bytes
.Flags2
),
148 OFFSET(KgdtLimitLow
, KGDTENTRY
, LimitLow
),
150 HEADER("KTRAP_FRAME"),
151 OFFSET(TsExceptionList
, KTRAP_FRAME
, ExceptionList
),
152 OFFSET(TsPreviousPreviousMode
, KTRAP_FRAME
, PreviousPreviousMode
),
153 OFFSET(TsSegGs
, KTRAP_FRAME
, SegGs
),
154 OFFSET(TsSegFs
, KTRAP_FRAME
, SegFs
),
155 OFFSET(TsSegEs
, KTRAP_FRAME
, SegEs
),
156 OFFSET(TsSegDs
, KTRAP_FRAME
, SegDs
),
157 OFFSET(TsEdi
, KTRAP_FRAME
, Edi
),
158 OFFSET(TsEsi
, KTRAP_FRAME
, Esi
),
159 OFFSET(TsEbp
, KTRAP_FRAME
, Ebp
),
160 OFFSET(TsEbx
, KTRAP_FRAME
, Ebx
),
161 OFFSET(TsEdx
, KTRAP_FRAME
, Edx
),
162 OFFSET(TsEcx
, KTRAP_FRAME
, Ecx
),
163 OFFSET(TsEax
, KTRAP_FRAME
, Eax
),
164 OFFSET(TsErrCode
, KTRAP_FRAME
, ErrCode
),
165 OFFSET(TsEip
, KTRAP_FRAME
, Eip
),
166 OFFSET(TsSegCs
, KTRAP_FRAME
, SegCs
),
167 OFFSET(TsEflags
, KTRAP_FRAME
, EFlags
),
168 OFFSET(TsHardwareEsp
, KTRAP_FRAME
, HardwareEsp
),
169 OFFSET(TsHardwareSegSs
, KTRAP_FRAME
, HardwareSegSs
),
170 OFFSET(TsTempSegCs
, KTRAP_FRAME
, TempSegCs
),
171 //OFFSET(TsLogging, KTRAP_FRAME, Logging),
172 OFFSET(TsTempEsp
, KTRAP_FRAME
, TempEsp
),
173 OFFSET(TsDbgEbp
, KTRAP_FRAME
, DbgEbp
),
174 OFFSET(TsDbgEip
, KTRAP_FRAME
, DbgEip
),
175 OFFSET(TsDbgArgMark
, KTRAP_FRAME
, DbgArgMark
),
176 OFFSET(TsDbgArgPointer
, KTRAP_FRAME
, DbgArgPointer
),
177 OFFSET(TsDr0
, KTRAP_FRAME
, Dr0
),
178 OFFSET(TsDr1
, KTRAP_FRAME
, Dr1
),
179 OFFSET(TsDr2
, KTRAP_FRAME
, Dr2
),
180 OFFSET(TsDr3
, KTRAP_FRAME
, Dr3
),
181 OFFSET(TsDr6
, KTRAP_FRAME
, Dr6
),
182 OFFSET(TsDr7
, KTRAP_FRAME
, Dr7
),
183 OFFSET(TsV86Es
, KTRAP_FRAME
, V86Es
),
184 OFFSET(TsV86Ds
, KTRAP_FRAME
, V86Ds
),
185 OFFSET(TsV86Fs
, KTRAP_FRAME
, V86Fs
),
186 OFFSET(TsV86Gs
, KTRAP_FRAME
, V86Gs
),
187 SIZE(KTRAP_FRAME_LENGTH
, KTRAP_FRAME
),
188 CONSTANT(KTRAP_FRAME_ALIGN
),
189 CONSTANT(FRAME_EDITED
),
192 OFFSET(TssEsp0
, KTSS
, Esp0
),
193 OFFSET(TssCR3
, KTSS
, CR3
),
194 OFFSET(TssEip
, KTSS
, Eip
),
195 OFFSET(TssEFlags
, KTSS
, EFlags
),
196 OFFSET(TssEax
, KTSS
, Eax
),
197 OFFSET(TssEbx
, KTSS
, Ebx
),
198 OFFSET(TssEcx
, KTSS
, Ecx
),
199 OFFSET(TssEdx
, KTSS
, Edx
),
200 OFFSET(TssEsp
, KTSS
, Esp
),
201 OFFSET(TssEbp
, KTSS
, Ebp
),
202 OFFSET(TssEsi
, KTSS
, Esi
),
203 OFFSET(TssEdi
, KTSS
, Edi
),
204 OFFSET(TssEs
, KTSS
, Es
),
205 OFFSET(TssCs
, KTSS
, Cs
),
206 OFFSET(TssSs
, KTSS
, Ss
),
207 OFFSET(TssDs
, KTSS
, Ds
),
208 OFFSET(TssFs
, KTSS
, Fs
),
209 OFFSET(TssGs
, KTSS
, Gs
),
210 OFFSET(TssLDT
, KTSS
, LDT
),
211 OFFSET(TssIoMapBase
, KTSS
, IoMapBase
),
212 OFFSET(TssIoMaps
, KTSS
, IoMaps
),
213 SIZE(TssLength
, KTSS
),
215 // ReactOS-specific definitions start here
217 OFFSET(KPCR_EXCEPTION_LIST
, KPCR
, NtTib
.ExceptionList
),
220 OFFSET(KPCR_PERF_GLOBAL_GROUP_MASK
, KIPCR
, PerfGlobalGroupMask
),
221 OFFSET(KPCR_CONTEXT_SWITCHES
, KPCR
, ContextSwitches
),
222 // KPCR_SET_MEMBER_COPY
223 OFFSET(KPCR_TEB
, KIPCR
, Used_Self
),
224 OFFSET(KPCR_SELF
, KIPCR
, Self
),
225 OFFSET(KPCR_PRCB
, KPCR
, Prcb
),
230 //KPCR_KD_VERSION_BLOCK
231 OFFSET(KPCR_IDT
, KIPCR
, IDT
),
232 OFFSET(KPCR_GDT
, KIPCR
, GDT
),
233 OFFSET(KPCR_TSS
, KPCR
, TSS
),
234 OFFSET(KPCR_STALL_SCALE_FACTOR
, KPCR
, StallScaleFactor
),
238 OFFSET(KPCR_PRCB_DATA
, KIPCR
, PrcbData
),
239 OFFSET(KPCR_CURRENT_THREAD
, KIPCR
, PrcbData
.CurrentThread
),
240 OFFSET(KPCR_PRCB_NEXT_THREAD
, KIPCR
, PrcbData
.NextThread
),
241 //KPCR_PRCB_IDLE_THREAD
242 //KPCR_PROCESSOR_NUMBER
243 //KPCR_PRCB_SET_MEMBER
245 //KPCR_PRCB_PRCB_LOCK
249 //KPCR_PRCB_INTERRUPT_COUNT 0x644
250 //KPCR_PRCB_KERNEL_TIME 0x648
251 //KPCR_PRCB_USER_TIME 0x64C
252 //KPCR_PRCB_DPC_TIME 0x650
253 //KPCR_PRCB_DEBUG_DPC_TIME 0x654
254 //KPCR_PRCB_INTERRUPT_TIME 0x658
255 //KPCR_PRCB_ADJUST_DPC_THRESHOLD 0x65C
256 //KPCR_PRCB_SKIP_TICK 0x664
257 //KPCR_SYSTEM_CALLS 0x6B8
258 OFFSET(KPCR_PRCB_DPC_QUEUE_DEPTH
, KIPCR
, PrcbData
.DpcData
[0].DpcQueueDepth
),
259 //KPCR_PRCB_DPC_COUNT 0xA50
260 OFFSET(KPCR_PRCB_DPC_STACK
, KIPCR
, PrcbData
.DpcStack
),
261 OFFSET(KPCR_PRCB_MAXIMUM_DPC_QUEUE_DEPTH
, KIPCR
, PrcbData
.MaximumDpcQueueDepth
),
262 //KPCR_PRCB_MAXIMUM_DPC_QUEUE_DEPTH 0xA6C -- old hard-coded value; the name is already generated by the OFFSET entry directly above
263 //KPCR_PRCB_DPC_REQUEST_RATE 0xA70
264 //KPCR_PRCB_DPC_INTERRUPT_REQUESTED 0xA78
265 OFFSET(KPCR_PRCB_DPC_ROUTINE_ACTIVE
, KIPCR
, PrcbData
.DpcRoutineActive
),
266 //KPCR_PRCB_DPC_LAST_COUNT 0xA80
267 OFFSET(KPCR_PRCB_TIMER_REQUEST
, KIPCR
, PrcbData
.TimerRequest
),
268 OFFSET(KPCR_PRCB_QUANTUM_END
, KIPCR
, PrcbData
.QuantumEnd
),
269 //KPCR_PRCB_IDLE_SCHEDULE 0xAA3
270 OFFSET(KPCR_PRCB_DEFERRED_READY_LIST_HEAD
, KIPCR
, PrcbData
.DeferredReadyListHead
),
271 OFFSET(KPCR_PRCB_POWER_STATE_IDLE_FUNCTION
, KIPCR
, PrcbData
.PowerState
.IdleFunction
),
273 HEADER("KTRAP_FRAME"),
274 OFFSET(KTRAP_FRAME_DEBUGEBP
, KTRAP_FRAME
, DbgEbp
),
275 OFFSET(KTRAP_FRAME_DEBUGEIP
, KTRAP_FRAME
, DbgEip
),
276 //OFFSET(KTRAP_FRAME_DEBUGARGMARK 0x8
277 //OFFSET(KTRAP_FRAME_DEBUGPOINTER 0xC
278 //OFFSET(KTRAP_FRAME_TEMPCS 0x10
279 OFFSET(KTRAP_FRAME_TEMPESP
, KTRAP_FRAME
, TempEsp
),
280 OFFSET(KTRAP_FRAME_DR0
, KTRAP_FRAME
, Dr0
),
281 OFFSET(KTRAP_FRAME_DR1
, KTRAP_FRAME
, Dr1
),
282 OFFSET(KTRAP_FRAME_DR2
, KTRAP_FRAME
, Dr2
),
283 OFFSET(KTRAP_FRAME_DR3
, KTRAP_FRAME
, Dr3
),
284 OFFSET(KTRAP_FRAME_DR6
, KTRAP_FRAME
, Dr6
),
285 OFFSET(KTRAP_FRAME_DR7
, KTRAP_FRAME
, Dr7
),
286 OFFSET(KTRAP_FRAME_GS
, KTRAP_FRAME
, SegGs
),
287 //OFFSET(KTRAP_FRAME_RESERVED1 0x32
288 OFFSET(KTRAP_FRAME_ES
, KTRAP_FRAME
, SegEs
),
289 //OFFSET(KTRAP_FRAME_RESERVED2 0x36
290 OFFSET(KTRAP_FRAME_DS
, KTRAP_FRAME
, SegDs
),
291 //OFFSET(KTRAP_FRAME_RESERVED3 0x3A
292 OFFSET(KTRAP_FRAME_EDX
, KTRAP_FRAME
, Edx
),
293 OFFSET(KTRAP_FRAME_ECX
, KTRAP_FRAME
, Ecx
),
294 OFFSET(KTRAP_FRAME_EAX
, KTRAP_FRAME
, Eax
),
295 OFFSET(KTRAP_FRAME_PREVIOUS_MODE
, KTRAP_FRAME
, PreviousPreviousMode
),
296 OFFSET(KTRAP_FRAME_EXCEPTION_LIST
, KTRAP_FRAME
, ExceptionList
),
297 OFFSET(KTRAP_FRAME_FS
, KTRAP_FRAME
, SegFs
),
298 //OFFSET(KTRAP_FRAME_RESERVED4 0x52
299 OFFSET(KTRAP_FRAME_EDI
, KTRAP_FRAME
, Edi
),
300 OFFSET(KTRAP_FRAME_ESI
, KTRAP_FRAME
, Esi
),
301 OFFSET(KTRAP_FRAME_EBX
, KTRAP_FRAME
, Ebx
),
302 OFFSET(KTRAP_FRAME_EBP
, KTRAP_FRAME
, Ebp
),
303 OFFSET(KTRAP_FRAME_ERROR_CODE
, KTRAP_FRAME
, ErrCode
),
304 OFFSET(KTRAP_FRAME_EIP
, KTRAP_FRAME
, Eip
),
305 //OFFSET(KTRAP_FRAME_CS 0x6C
306 OFFSET(KTRAP_FRAME_EFLAGS
, KTRAP_FRAME
, EFlags
),
307 OFFSET(KTRAP_FRAME_ESP
, KTRAP_FRAME
, HardwareEsp
),
308 OFFSET(KTRAP_FRAME_SS
, KTRAP_FRAME
, HardwareSegSs
),
309 //OFFSET(KTRAP_FRAME_RESERVED5 0x7A
310 OFFSET(KTRAP_FRAME_V86_ES
, KTRAP_FRAME
, V86Es
),
311 //OFFSET(KTRAP_FRAME_RESERVED6 0x7E
312 OFFSET(KTRAP_FRAME_V86_DS
, KTRAP_FRAME
, V86Ds
),
313 //OFFSET(KTRAP_FRAME_RESERVED7 0x82
314 OFFSET(KTRAP_FRAME_V86_FS
, KTRAP_FRAME
, V86Fs
),
315 //OFFSET(KTRAP_FRAME_RESERVED8 0x86
316 OFFSET(KTRAP_FRAME_V86_GS
, KTRAP_FRAME
, V86Gs
),
317 //OFFSET(KTRAP_FRAME_RESERVED9 0x8A
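318 //OFFSET(KTRAP_FRAME_SIZE 0x8C -- old hard-coded value; superseded by the SIZE(KTRAP_FRAME_SIZE, KTRAP_FRAME) entry below
319 //OFFSET(KTRAP_FRAME_LENGTH 0x8C -- old hard-coded value; KTRAP_FRAME_LENGTH is emitted by a SIZE() entry earlier in this table
320 //OFFSET(KTRAP_FRAME_ALIGN 0x04 -- old hard-coded value; KTRAP_FRAME_ALIGN is emitted by a CONSTANT() entry earlier in this table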
321 SIZE(KTRAP_FRAME_SIZE
, KTRAP_FRAME
),
322 CONSTANT(FRAME_EDITED
),
327 OFFSET(CONTEXT_FLAGS
, CONTEXT
, ContextFlags
),
328 //OFFSET(CONTEXT_DR6 0x14
329 //OFFSET(CONTEXT_FLOAT_SAVE 0x1C
330 OFFSET(CONTEXT_SEGGS
, CONTEXT
, SegGs
),
331 OFFSET(CONTEXT_SEGFS
, CONTEXT
, SegFs
),
332 OFFSET(CONTEXT_SEGES
, CONTEXT
, SegEs
),
333 OFFSET(CONTEXT_SEGDS
, CONTEXT
, SegDs
),
334 OFFSET(CONTEXT_EDI
, CONTEXT
, Edi
),
335 OFFSET(CONTEXT_ESI
, CONTEXT
, Esi
),
336 OFFSET(CONTEXT_EBX
, CONTEXT
, Ebx
),
337 OFFSET(CONTEXT_EDX
, CONTEXT
, Edx
),
338 OFFSET(CONTEXT_ECX
, CONTEXT
, Ecx
),
339 OFFSET(CONTEXT_EAX
, CONTEXT
, Eax
),
340 OFFSET(CONTEXT_EBP
, CONTEXT
, Ebp
),
341 OFFSET(CONTEXT_EIP
, CONTEXT
, Eip
),
342 OFFSET(CONTEXT_SEGCS
, CONTEXT
, SegCs
),
343 OFFSET(CONTEXT_EFLAGS
, CONTEXT
, EFlags
),
344 OFFSET(CONTEXT_ESP
, CONTEXT
, Esp
),
345 OFFSET(CONTEXT_SEGSS
, CONTEXT
, SegSs
),
346 //OFFSET(CONTEXT_FLOAT_SAVE_CONTROL_WORD CONTEXT_FLOAT_SAVE + FP_CONTROL_WORD
347 //OFFSET(CONTEXT_FLOAT_SAVE_STATUS_WORD CONTEXT_FLOAT_SAVE + FP_STATUS_WORD
348 //OFFSET(CONTEXT_FLOAT_SAVE_TAG_WORD CONTEXT_FLOAT_SAVE + FP_TAG_WORD
349 //OFFSET(CONTEXT_FRAME_LENGTH 0x2D0 -- old hard-coded value; superseded by the SIZE(CONTEXT_FRAME_LENGTH, CONTEXT) entry below
350 SIZE(CONTEXT_FRAME_LENGTH
, CONTEXT
),
353 OFFSET(FIBER_PARAMETER
, FIBER
, Parameter
),
354 OFFSET(FIBER_EXCEPTION_LIST
, FIBER
, ExceptionList
),
355 OFFSET(FIBER_STACK_BASE
, FIBER
, StackBase
),
356 OFFSET(FIBER_STACK_LIMIT
, FIBER
, StackLimit
),
357 OFFSET(FIBER_DEALLOCATION_STACK
, FIBER
, DeallocationStack
),
358 OFFSET(FIBER_CONTEXT
, FIBER
, Context
),
359 OFFSET(FIBER_CONTEXT_FLAGS
, FIBER
, Context
.ContextFlags
),
360 OFFSET(FIBER_CONTEXT_EAX
, FIBER
, Context
.Eax
),
361 OFFSET(FIBER_CONTEXT_EBX
, FIBER
, Context
.Ebx
),
362 OFFSET(FIBER_CONTEXT_ECX
, FIBER
, Context
.Ecx
),
363 OFFSET(FIBER_CONTEXT_EDX
, FIBER
, Context
.Edx
),
364 OFFSET(FIBER_CONTEXT_ESI
, FIBER
, Context
.Esi
),
365 OFFSET(FIBER_CONTEXT_EDI
, FIBER
, Context
.Edi
),
366 OFFSET(FIBER_CONTEXT_EBP
, FIBER
, Context
.Ebp
),
367 OFFSET(FIBER_CONTEXT_EIP
, FIBER
, Context
.Eip
),
368 OFFSET(FIBER_CONTEXT_ESP
, FIBER
, Context
.Esp
),
369 OFFSET(FIBER_CONTEXT_DR6
, FIBER
, Context
.Dr6
),
370 OFFSET(FIBER_CONTEXT_FLOAT_SAVE_CONTROL_WORD
, FIBER
, Context
.FloatSave
.ControlWord
),
371 OFFSET(FIBER_CONTEXT_FLOAT_SAVE_STATUS_WORD
, FIBER
, Context
.FloatSave
.StatusWord
),
372 OFFSET(FIBER_CONTEXT_FLOAT_SAVE_TAG_WORD
, FIBER
, Context
.FloatSave
.TagWord
),
373 OFFSET(FIBER_GUARANTEED_STACK_BYTES
, FIBER
, GuaranteedStackBytes
),
374 OFFSET(FIBER_FLS_DATA
, FIBER
, FlsData
),
375 OFFSET(FIBER_ACTIVATION_CONTEXT_STACK
, FIBER
, ActivationContextStack
),
378 OFFSET(KTSS_IOMAPBASE
, KTSS
, IoMapBase
),
379 OFFSET(KTSS_ESP0
, KTSS
, Esp0
),
381 HEADER("EXCEPTION_RECORD"),
382 OFFSET(EXCEPTION_RECORD_EXCEPTION_CODE
, EXCEPTION_RECORD
, ExceptionCode
),
383 OFFSET(EXCEPTION_RECORD_EXCEPTION_FLAGS
, EXCEPTION_RECORD
, ExceptionFlags
),
384 OFFSET(EXCEPTION_RECORD_EXCEPTION_RECORD
, EXCEPTION_RECORD
, ExceptionRecord
),
385 OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS
, EXCEPTION_RECORD
, ExceptionAddress
),
386 OFFSET(EXCEPTION_RECORD_NUMBER_PARAMETERS
, EXCEPTION_RECORD
, NumberParameters
),
387 OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS
, EXCEPTION_RECORD
, ExceptionAddress
),
388 SIZE(SIZEOF_EXCEPTION_RECORD
, EXCEPTION_RECORD
),
389 CONSTANT(EXCEPTION_RECORD_LENGTH
),
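391 //#define EXCEPTION_RECORD_LENGTH 0x50 -- old hard-coded value; the name is now emitted by the CONSTANT(EXCEPTION_RECORD_LENGTH) entry above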
394 OFFSET(KTHREAD_DEBUG_ACTIVE
, KTHREAD
, Header
.DebugActive
),
395 OFFSET(KTHREAD_INITIAL_STACK
, KTHREAD
, InitialStack
),
396 OFFSET(KTHREAD_STACK_LIMIT
, KTHREAD
, StackLimit
),
397 OFFSET(KTHREAD_TEB
, KTHREAD
, Teb
),
398 OFFSET(KTHREAD_KERNEL_STACK
, KTHREAD
, KernelStack
),
399 //OFFSET(KTHREAD_ALERTED 0x5E
400 OFFSET(KTHREAD_APCSTATE_PROCESS
, KTHREAD
, ApcState
.Process
),
401 //OFFSET(KTHREAD_PENDING_USER_APC 0x28 + 0x16
402 OFFSET(KTHREAD_PENDING_KERNEL_APC
, KTHREAD
, ApcState
.KernelApcPending
),
403 OFFSET(KTHREAD_CONTEXT_SWITCHES
, KTHREAD
, ContextSwitches
),
404 OFFSET(KTHREAD_STATE_
, KTHREAD
, State
),
405 OFFSET(KTHREAD_NPX_STATE
, KTHREAD
, NpxState
),
406 OFFSET(KTHREAD_WAIT_IRQL
, KTHREAD
, WaitIrql
),
407 //OFFSET(KTHREAD_NEXT_PROCESSOR 0x40
408 OFFSET(KTHREAD_WAIT_REASON
, KTHREAD
, WaitReason
),
409 //OFFSET(KTHREAD_PRIORITY 0x5B
410 //OFFSET(KTHREAD_SWAP_BUSY 0x5D
411 //OFFSET(KTHREAD_SERVICE_TABLE 0x118
412 //OFFSET(KTHREAD_PREVIOUS_MODE 0xD7
413 OFFSET(KTHREAD_COMBINED_APC_DISABLE
, KTHREAD
, CombinedApcDisable
),
414 OFFSET(KTHREAD_SPECIAL_APC_DISABLE
, KTHREAD
, SpecialApcDisable
),
415 OFFSET(KTHREAD_LARGE_STACK
, KTHREAD
, LargeStack
),
416 OFFSET(KTHREAD_TRAP_FRAME
, KTHREAD
, TrapFrame
),
417 OFFSET(KTHREAD_CALLBACK_STACK
, KTHREAD
, CallbackStack
),
418 OFFSET(KTHREAD_APC_STATE_INDEX
, KTHREAD
, ApcStateIndex
),
419 OFFSET(KTHREAD_STACK_BASE
, KTHREAD
, StackBase
),
420 //OFFSET(KTHREAD_QUANTUM 0x15D
421 //OFFSET(KTHREAD_KERNEL_TIME 0x160
422 //OFFSET(KTHREAD_USER_TIME 0x18C
425 OFFSET(KPROCESS_DIRECTORY_TABLE_BASE
, KPROCESS
, DirectoryTableBase
),
426 OFFSET(KPROCESS_LDT_DESCRIPTOR0
, KPROCESS
, LdtDescriptor
),
427 OFFSET(KPROCESS_LDT_DESCRIPTOR1
, KPROCESS
, LdtDescriptor
.HighWord
),
428 OFFSET(KPROCESS_INT21_DESCRIPTOR0
, KPROCESS
, Int21Descriptor
),
429 OFFSET(KPROCESS_INT21_DESCRIPTOR1
, KPROCESS
, Int21Descriptor
.Access
),
430 OFFSET(KPROCESS_IOPM_OFFSET
, KPROCESS
, IopmOffset
),
431 //OFFSET(KPROCESS_ACTIVE_PROCESSORS 0x34
432 //OFFSET(EPROCESS_VDM_OBJECTS 0x144
435 OFFSET(TEB_EXCEPTION_LIST
, TEB
, NtTib
.ExceptionList
),
436 OFFSET(TEB_STACK_LIMIT
, TEB
, NtTib
.StackLimit
),
437 OFFSET(TEB_STACK_BASE
, TEB
, NtTib
.StackBase
),
438 OFFSET(TEB_SELF
, TEB
, NtTib
.Self
),
439 OFFSET(TEB_FIBER_DATA
, TEB
, NtTib
.FiberData
),
440 OFFSET(TEB_PEB
, TEB
, ProcessEnvironmentBlock
),
441 OFFSET(TEB_EXCEPTION_CODE
, TEB
, ExceptionCode
),
442 OFFSET(PEB_KERNEL_CALLBACK_TABLE
, PEB
, KernelCallbackTable
),
443 OFFSET(TEB_FLS_DATA
, TEB
, FlsData
),
444 OFFSET(TEB_ACTIVATION_CONTEXT_STACK_POINTER
, TEB
, ActivationContextStackPointer
),
445 OFFSET(TEB_GUARANTEED_STACK_BYTES
, TEB
, GuaranteedStackBytes
),
446 OFFSET(TEB_DEALLOCATION_STACK
, TEB
, DeallocationStack
),
449 CONSTANT(NPX_FRAME_LENGTH
),
450 CONSTANT(FN_CR0_NPX_STATE
),
451 CONSTANT(DR7_RESERVED_MASK
),
452 CONSTANT(FP_CONTROL_WORD
),
453 CONSTANT(FP_STATUS_WORD
),
454 CONSTANT(FP_TAG_WORD
),
455 CONSTANT(FP_DATA_SELECTOR
),
456 CONSTANT(CBSTACK_RESULT
),
457 CONSTANT(CBSTACK_RESULT_LENGTH
),
458 CONSTANT(CBSTACK_TRAP_FRAME
),
459 CONSTANT(CBSTACK_CALLBACK_STACK
),
460 SIZE(SIZEOF_FX_SAVE_AREA
, FX_SAVE_AREA
),
461 CONSTANT(KUSER_SHARED_SYSCALL
),
462 CONSTANT(EXCEPTION_EXECUTE_HANDLER
),
463 CONSTANT(STATUS_CALLBACK_POP_STACK
),
464 CONSTANT(CONTEXT_ALIGNED_SIZE
),
465 CONSTANT(PROCESSOR_FEATURE_FXSR
),
466 CONSTANT(KUSER_SHARED_SYSCALL_RET
),