2 #include <psdk/ntverp.h>
4 /* DDK/IFS/NDK Headers */
25 #define RAW(x) {0, #x, 0}
26 #define CONSTANT(name) {1, #name, name}
27 #define OFFSET(name, struct, member) {1, #name, FIELD_OFFSET(struct, member)}
28 #define RELOFFSET(name, struct, member, to) {1, #name, FIELD_OFFSET(struct, member) - FIELD_OFFSET(struct, to)}
29 #define SIZE(name, struct) {1, #name, sizeof(struct)}
30 #define HEADER(x) {2, x, 0}
35 /* PORTABLE CONSTANTS ********************************************************/
37 HEADER("Pointer size"),
38 SIZE(SizeofPointer
, PVOID
),
40 HEADER("Breakpoints"),
41 CONSTANT(BREAKPOINT_BREAK
),
42 CONSTANT(BREAKPOINT_PRINT
),
43 CONSTANT(BREAKPOINT_PROMPT
),
44 CONSTANT(BREAKPOINT_LOAD_SYMBOLS
),
45 CONSTANT(BREAKPOINT_UNLOAD_SYMBOLS
),
46 CONSTANT(BREAKPOINT_COMMAND_STRING
),
48 HEADER("Context Frame Flags"),
49 CONSTANT(CONTEXT_FULL
),
50 CONSTANT(CONTEXT_CONTROL
),
51 CONSTANT(CONTEXT_INTEGER
),
52 CONSTANT(CONTEXT_SEGMENTS
),
53 CONSTANT(CONTEXT_FLOATING_POINT
),
54 CONSTANT(CONTEXT_DEBUG_REGISTERS
),
56 HEADER("Exception flags"),
57 CONSTANT(EXCEPTION_NONCONTINUABLE
),
58 CONSTANT(EXCEPTION_UNWINDING
),
59 CONSTANT(EXCEPTION_EXIT_UNWIND
),
60 CONSTANT(EXCEPTION_STACK_INVALID
),
61 CONSTANT(EXCEPTION_NESTED_CALL
),
62 CONSTANT(EXCEPTION_TARGET_UNWIND
),
63 CONSTANT(EXCEPTION_COLLIDED_UNWIND
),
64 CONSTANT(EXCEPTION_UNWIND
),
65 CONSTANT(EXCEPTION_EXECUTE_HANDLER
),
66 CONSTANT(EXCEPTION_CONTINUE_SEARCH
),
67 CONSTANT(EXCEPTION_CONTINUE_EXECUTION
),
69 //CONSTANT(EXCEPTION_CHAIN_END),
70 //CONSTANT(FIXED_NTVDMSTATE_LINEAR),
73 HEADER("Exception types"),
74 CONSTANT(ExceptionContinueExecution
),
75 CONSTANT(ExceptionContinueSearch
),
76 CONSTANT(ExceptionNestedException
),
77 CONSTANT(ExceptionCollidedUnwind
),
80 CONSTANT(LOCK_QUEUE_WAIT
),
81 CONSTANT(LOCK_QUEUE_OWNER
),
82 CONSTANT(LockQueueDispatcherLock
),
84 HEADER("Performance Definitions"),
85 // CONSTANT(PERF_CONTEXTSWAP_OFFSET),
86 // CONSTANT(PERF_CONTEXTSWAP_FLAG),
87 // CONSTANT(PERF_INTERRUPT_OFFSET),
88 // CONSTANT(PERF_INTERRUPT_FLAG),
89 // CONSTANT(PERF_PROFILE_OFFSET),
90 // CONSTANT(PERF_PROFILE_FLAG),
91 // CONSTANT(PERF_SYSCALL_OFFSET),
92 // CONSTANT(PERF_SYSCALL_FLAG),
93 // CONSTANT(PERF_SPINLOCK_OFFSET),
94 // CONSTANT(PERF_SPINLOCK_FLAG),
95 // CONSTANT(NTOS_YIELD_MACRO),
97 HEADER("Process states"),
98 CONSTANT(ProcessInMemory
),
99 CONSTANT(ProcessOutOfMemory
),
100 CONSTANT(ProcessInTransition
),
102 HEADER("Processor mode"),
103 CONSTANT(KernelMode
),
106 HEADER("Status codes"),
107 CONSTANT(STATUS_ACCESS_VIOLATION
),
108 CONSTANT(STATUS_ASSERTION_FAILURE
),
109 CONSTANT(STATUS_ARRAY_BOUNDS_EXCEEDED
),
110 CONSTANT(STATUS_BAD_COMPRESSION_BUFFER
),
111 CONSTANT(STATUS_BREAKPOINT
),
112 CONSTANT(STATUS_CALLBACK_POP_STACK
),
113 CONSTANT(STATUS_DATATYPE_MISALIGNMENT
),
114 CONSTANT(STATUS_FLOAT_DENORMAL_OPERAND
),
115 CONSTANT(STATUS_FLOAT_DIVIDE_BY_ZERO
),
116 CONSTANT(STATUS_FLOAT_INEXACT_RESULT
),
117 CONSTANT(STATUS_FLOAT_INVALID_OPERATION
),
118 CONSTANT(STATUS_FLOAT_OVERFLOW
),
119 CONSTANT(STATUS_FLOAT_STACK_CHECK
),
120 CONSTANT(STATUS_FLOAT_UNDERFLOW
),
121 CONSTANT(STATUS_FLOAT_MULTIPLE_FAULTS
),
122 CONSTANT(STATUS_FLOAT_MULTIPLE_TRAPS
),
123 CONSTANT(STATUS_GUARD_PAGE_VIOLATION
),
124 CONSTANT(STATUS_ILLEGAL_FLOAT_CONTEXT
),
125 CONSTANT(STATUS_ILLEGAL_INSTRUCTION
),
126 CONSTANT(STATUS_INSTRUCTION_MISALIGNMENT
),
127 CONSTANT(STATUS_INVALID_HANDLE
),
128 CONSTANT(STATUS_INVALID_LOCK_SEQUENCE
),
129 CONSTANT(STATUS_INVALID_OWNER
),
130 CONSTANT(STATUS_INVALID_PARAMETER
),
131 CONSTANT(STATUS_INVALID_PARAMETER_1
),
132 CONSTANT(STATUS_INVALID_SYSTEM_SERVICE
),
133 // CONSTANT(STATUS_INVALID_THREAD),
134 CONSTANT(STATUS_INTEGER_DIVIDE_BY_ZERO
),
135 CONSTANT(STATUS_INTEGER_OVERFLOW
),
136 CONSTANT(STATUS_IN_PAGE_ERROR
),
137 CONSTANT(STATUS_KERNEL_APC
),
138 CONSTANT(STATUS_LONGJUMP
),
139 CONSTANT(STATUS_NO_CALLBACK_ACTIVE
),
140 CONSTANT(STATUS_NO_EVENT_PAIR
),
141 CONSTANT(STATUS_PRIVILEGED_INSTRUCTION
),
142 CONSTANT(STATUS_SINGLE_STEP
),
143 CONSTANT(STATUS_STACK_BUFFER_OVERRUN
),
144 CONSTANT(STATUS_STACK_OVERFLOW
),
145 CONSTANT(STATUS_SUCCESS
),
146 CONSTANT(STATUS_THREAD_IS_TERMINATING
),
147 CONSTANT(STATUS_TIMEOUT
),
148 CONSTANT(STATUS_UNWIND
),
149 CONSTANT(STATUS_UNWIND_CONSOLIDATE
),
150 CONSTANT(STATUS_USER_APC
),
151 CONSTANT(STATUS_WAKE_SYSTEM_DEBUGGER
),
153 HEADER("TLS defines"),
154 CONSTANT(TLS_MINIMUM_AVAILABLE
),
155 CONSTANT(TLS_EXPANSION_SLOTS
),
157 HEADER("Thread states"),
158 CONSTANT(Initialized
),
162 CONSTANT(Terminated
),
165 HEADER("Wait type / reason"),
166 CONSTANT(WrExecutive
),
168 CONSTANT(WrDispatchInt
),
169 CONSTANT(WrQuantumEnd
),
170 CONSTANT(WrEventPair
),
174 HEADER("Interrupt object types"),
175 // CONSTANT(InLevelSensitive),
176 // CONSTANT(InLatched),
178 HEADER("Bug Check Codes"),
179 CONSTANT(APC_INDEX_MISMATCH
),
180 CONSTANT(INVALID_AFFINITY_SET
),
181 CONSTANT(INVALID_DATA_ACCESS_TRAP
),
182 CONSTANT(IRQL_NOT_GREATER_OR_EQUAL
),
183 CONSTANT(IRQL_NOT_LESS_OR_EQUAL
),
184 CONSTANT(NO_USER_MODE_CONTEXT
),
185 CONSTANT(SPIN_LOCK_ALREADY_OWNED
),
186 CONSTANT(SPIN_LOCK_NOT_OWNED
),
187 CONSTANT(THREAD_NOT_MUTEX_OWNER
),
188 CONSTANT(TRAP_CAUSE_UNKNOWN
),
189 CONSTANT(KMODE_EXCEPTION_NOT_HANDLED
),
190 CONSTANT(KERNEL_APC_PENDING_DURING_EXIT
),
191 CONSTANT(PANIC_STACK_SWITCH
),
192 CONSTANT(DATA_BUS_ERROR
),
193 CONSTANT(INSTRUCTION_BUS_ERROR
),
194 CONSTANT(SYSTEM_EXIT_OWNED_MUTEX
),
195 // CONSTANT(SYSTEM_UNWIND_PREVIOUS_USER),
196 // CONSTANT(SYSTEM_SERVICE_EXCEPTION),
197 // CONSTANT(INTERRUPT_UNWIND_ATTEMPTED),
198 // CONSTANT(INTERRUPT_EXCEPTION_NOT_HANDLED),
199 CONSTANT(PAGE_FAULT_WITH_INTERRUPTS_OFF
),
200 CONSTANT(IRQL_GT_ZERO_AT_SYSTEM_SERVICE
),
201 CONSTANT(DATA_COHERENCY_EXCEPTION
),
202 CONSTANT(INSTRUCTION_COHERENCY_EXCEPTION
),
203 CONSTANT(HAL1_INITIALIZATION_FAILED
),
204 CONSTANT(UNEXPECTED_KERNEL_MODE_TRAP
),
205 CONSTANT(NMI_HARDWARE_FAILURE
),
206 CONSTANT(SPIN_LOCK_INIT_FAILURE
),
207 CONSTANT(ATTEMPTED_SWITCH_FROM_DPC
),
208 // CONSTANT(MUTEX_ALREADY_OWNED),
209 // CONSTANT(HARDWARE_INTERRUPT_STORM),
210 // CONSTANT(RECURSIVE_MACHINE_CHECK),
211 // CONSTANT(RECURSIVE_NMI),
214 CONSTANT(PASSIVE_LEVEL
),
216 CONSTANT(DISPATCH_LEVEL
),
218 CONSTANT(CLOCK_LEVEL
),
220 CONSTANT(CLOCK1_LEVEL
),
221 CONSTANT(CLOCK2_LEVEL
),
224 CONSTANT(POWER_LEVEL
),
225 CONSTANT(PROFILE_LEVEL
),
226 CONSTANT(HIGH_LEVEL
),
228 {1, "SYNCH_LEVEL", DISPATCH_LEVEL
},
230 {1, "SYNCH_LEVEL", (IPI_LEVEL
- 2)},
233 HEADER("Stack sizes"),
234 CONSTANT(KERNEL_STACK_SIZE
),
235 CONSTANT(KERNEL_LARGE_STACK_SIZE
),
236 CONSTANT(KERNEL_LARGE_STACK_COMMIT
),
237 // CONSTANT(DOUBLE_FAULT_STACK_SIZE),
239 CONSTANT(KERNEL_MCA_EXCEPTION_STACK_SIZE
),
240 CONSTANT(NMI_STACK_SIZE
),
243 HEADER("Thread flags"),
244 // CONSTANT(THREAD_FLAGS_CYCLE_PROFILING),
245 // CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK_BIT),
246 // CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK),
247 // CONSTANT(THREAD_FLAGS_COUNTER_PROFILING),
248 // CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK_BIT),
249 // CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK),
250 // CONSTANT(THREAD_FLAGS_CPU_THROTTLED),
251 // CONSTANT(THREAD_FLAGS_CPU_THROTTLED_BIT),
252 // CONSTANT(THREAD_FLAGS_ACCOUNTING_ANY),
254 HEADER("Miscellaneous Definitions"),
255 // CONSTANT(BASE_PRIORITY_THRESHOLD),
256 // CONSTANT(EVENT_PAIR_INCREMENT),
257 CONSTANT(LOW_REALTIME_PRIORITY
),
258 CONSTANT(CLOCK_QUANTUM_DECREMENT
),
259 // CONSTANT(READY_SKIP_QUANTUM),
260 // CONSTANT(THREAD_QUANTUM),
261 CONSTANT(WAIT_QUANTUM_DECREMENT
),
262 // CONSTANT(ROUND_TRIP_DECREMENT_COUNT),
263 CONSTANT(MAXIMUM_PROCESSORS
),
264 CONSTANT(INITIAL_STALL_COUNT
),
265 CONSTANT(EXCEPTION_EXECUTE_FAULT
),
266 // CONSTANT(KCACHE_ERRATA_MONITOR_FLAGS),
267 // CONSTANT(KI_EXCEPTION_GP_FAULT),
268 // CONSTANT(KI_EXCEPTION_INVALID_OP),
269 // CONSTANT(KI_EXCEPTION_INTEGER_DIVIDE_BY_ZERO),
270 CONSTANT(KI_EXCEPTION_ACCESS_VIOLATION
),
271 // CONSTANT(TARGET_FREEZE),
272 // CONSTANT(BlackHole),
276 CONSTANT(DBG_STATUS_CONTROL_C
),
277 CONSTANT(USER_SHARED_DATA
),
278 // CONSTANT(MM_SHARED_USER_DATA_VA),
280 // CONSTANT(KERNEL_STACK_CONTROL_LARGE_STACK),
281 // CONSTANT(KI_DPC_ALL_FLAGS),
282 // CONSTANT(DISPATCH_LENGTH),
283 CONSTANT(MAXIMUM_IDTVECTOR
),
284 // CONSTANT(MAXIMUM_PRIMARY_VECTOR),
285 CONSTANT(PRIMARY_VECTOR_BASE
),
288 // CONSTANT(KTHREAD_AUTO_ALIGNMENT_BIT),
289 // CONSTANT(KTHREAD_GUI_THREAD_MASK),
290 // CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM),
291 CONSTANT(NUMBER_SERVICE_TABLES
),
292 CONSTANT(SERVICE_NUMBER_MASK
),
293 CONSTANT(SERVICE_TABLE_SHIFT
),
294 CONSTANT(SERVICE_TABLE_MASK
),
295 CONSTANT(SERVICE_TABLE_TEST
),
297 /* ARCHITECTURE SPECIFIC CONTSTANTS ******************************************/
299 #if defined(_M_AMD64) || defined(_M_IX86)
324 CONSTANT(CR4_XMMEXCPT
),
326 // CONSTANT(CR4_PGE_V),
327 // CONSTANT(CR4_XSAVE),
328 #elif defined(_M_AMD64)
329 CONSTANT(CR4_CHANNELS
),
332 HEADER("KeFeatureBits flags"),
335 CONSTANT(KF_GLOBAL_PAGE
),
336 CONSTANT(KF_LARGE_PAGE
),
337 CONSTANT(KF_CMPXCHG8B
),
338 CONSTANT(KF_FAST_SYSCALL
),
340 CONSTANT(KF_V86_VIS
),
341 // CONSTANT(KF_XSTATE),
344 HEADER("Machine type definitions"),
345 CONSTANT(MACHINE_TYPE_ISA
),
346 CONSTANT(MACHINE_TYPE_EISA
),
347 CONSTANT(MACHINE_TYPE_MCA
),
355 CONSTANT(EFLAGS_INTERRUPT_MASK
),
356 CONSTANT(EFLAGS_V86_MASK
),
357 CONSTANT(EFLAGS_ALIGN_CHECK
),
358 CONSTANT(EFLAGS_VIF
),
359 CONSTANT(EFLAGS_VIP
),
360 CONSTANT(EFLAGS_USER_SANITIZE
),
362 HEADER("KDGT selectors"),
363 CONSTANT(KGDT_R3_DATA
),
364 CONSTANT(KGDT_R3_CODE
),
365 CONSTANT(KGDT_R0_CODE
),
366 CONSTANT(KGDT_R0_DATA
),
367 CONSTANT(KGDT_R0_PCR
),
368 // CONSTANT(KGDT_STACK16),
369 // CONSTANT(KGDT_CODE16),
371 CONSTANT(KGDT_R3_TEB
),
372 CONSTANT(KGDT_DF_TSS
),
373 CONSTANT(KGDT_NMI_TSS
),
376 CONSTANT(NPX_STATE_NOT_LOADED
),
377 CONSTANT(NPX_STATE_LOADED
),
378 // CONSTANT(NPX_MASK_LAZY),
381 HEADER("VDM constants"),
382 CONSTANT(VDM_INDEX_Invalid),
383 CONSTANT(VDM_INDEX_0F),
384 CONSTANT(VDM_INDEX_ESPrefix),
385 CONSTANT(VDM_INDEX_CSPrefix),
386 CONSTANT(VDM_INDEX_SSPrefix),
387 CONSTANT(VDM_INDEX_DSPrefix),
388 CONSTANT(VDM_INDEX_FSPrefix),
389 CONSTANT(VDM_INDEX_GSPrefix),
390 CONSTANT(VDM_INDEX_OPER32Prefix),
391 CONSTANT(VDM_INDEX_ADDR32Prefix),
392 CONSTANT(VDM_INDEX_INSB),
393 CONSTANT(VDM_INDEX_INSW),
394 CONSTANT(VDM_INDEX_OUTSB),
395 CONSTANT(VDM_INDEX_OUTSW),
396 CONSTANT(VDM_INDEX_PUSHF),
397 CONSTANT(VDM_INDEX_POPF),
398 CONSTANT(VDM_INDEX_INTnn),
399 CONSTANT(VDM_INDEX_INTO),
400 CONSTANT(VDM_INDEX_IRET),
401 CONSTANT(VDM_INDEX_NPX),
402 CONSTANT(VDM_INDEX_INBimm),
403 CONSTANT(VDM_INDEX_INWimm),
404 CONSTANT(VDM_INDEX_OUTBimm),
405 CONSTANT(VDM_INDEX_OUTWimm),
406 CONSTANT(VDM_INDEX_INB),
407 CONSTANT(VDM_INDEX_INW),
408 CONSTANT(VDM_INDEX_OUTB),
409 CONSTANT(VDM_INDEX_OUTW),
410 CONSTANT(VDM_INDEX_LOCKPrefix),
411 CONSTANT(VDM_INDEX_REPNEPrefix),
412 CONSTANT(VDM_INDEX_REPPrefix),
413 CONSTANT(VDM_INDEX_CLI),
414 CONSTANT(VDM_INDEX_STI),
415 CONSTANT(VDM_INDEX_HLT),
416 CONSTANT(MAX_VDM_INDEX),
418 CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE
),
419 CONSTANT(EFLAG_SELECT
),
420 // CONSTANT(IPI_FREEZE),
421 // CONSTANT(XSAVE_PRESENT),
423 #elif defined(_M_AMD64)
426 CONSTANT(EFLAGS_TF_MASK
),
427 CONSTANT(EFLAGS_TF_SHIFT
),
428 CONSTANT(EFLAGS_IF_MASK
),
429 CONSTANT(EFLAGS_IF_SHIFT
),
430 CONSTANT(EFLAGS_ID_MASK
),
432 HEADER("Hypervisor Enlightenment Definitions"),
433 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH
),
434 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH
),
435 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH
),
436 CONSTANT(HV_X64_MSR_APIC_EOI
),
437 CONSTANT(HV_APIC_ENLIGHTENED
),
438 CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT
),
439 CONSTANT(HV_VIRTUAL_APIC_NO_EOI_REQUIRED_V
),
440 CONSTANT(HvApicFlags
),
442 HEADER("KDGT selectors"),
443 CONSTANT(KGDT64_NULL
),
444 CONSTANT(KGDT64_R0_CODE
),
445 CONSTANT(KGDT64_R0_DATA
),
446 CONSTANT(KGDT64_R3_CMCODE
),
447 CONSTANT(KGDT64_R3_DATA
),
448 CONSTANT(KGDT64_R3_CODE
),
449 CONSTANT(KGDT64_SYS_TSS
),
450 CONSTANT(KGDT64_R3_CMTEB
),
452 HEADER("Machine Specific Register Numbers"),
457 CONSTANT(MSR_SYSCALL_MASK
),
458 CONSTANT(MSR_FS_BASE
),
459 CONSTANT(MSR_GS_BASE
),
460 CONSTANT(MSR_GS_SWAP
),
461 CONSTANT(MSR_MCG_STATUS
),
462 CONSTANT(MSR_AMD_ACCESS
),
464 HEADER("Flags for MSR_EFER"),
470 CONSTANT(MSR_DEGUG_CTL
),
471 CONSTANT(MSR_LAST_BRANCH_FROM
),
472 CONSTANT(MSR_LAST_BRANCH_TO
),
473 CONSTANT(MSR_LAST_EXCEPTION_FROM
),
474 CONSTANT(MSR_LAST_EXCEPTION_TO
),
476 HEADER("Flags for MSR_DEGUG_CTL"),
477 CONSTANT(MSR_DEBUG_CTL_LBR
),
478 CONSTANT(MSR_DEBUG_CRL_BTF
),
483 HEADER("Fatal exception codes"),
484 CONSTANT(EXCEPTION_DIVIDED_BY_ZERO
),
485 CONSTANT(EXCEPTION_DEBUG
),
486 CONSTANT(EXCEPTION_NMI
),
487 CONSTANT(EXCEPTION_INT3
),
488 CONSTANT(EXCEPTION_BOUND_CHECK
),
489 CONSTANT(EXCEPTION_INVALID_OPCODE
),
490 CONSTANT(EXCEPTION_NPX_NOT_AVAILABLE
),
491 CONSTANT(EXCEPTION_DOUBLE_FAULT
),
492 CONSTANT(EXCEPTION_NPX_OVERRUN
),
493 CONSTANT(EXCEPTION_INVALID_TSS
),
494 CONSTANT(EXCEPTION_SEGMENT_NOT_PRESENT
),
495 CONSTANT(EXCEPTION_STACK_FAULT
),
496 CONSTANT(EXCEPTION_GP_FAULT
),
497 CONSTANT(EXCEPTION_RESERVED_TRAP
),
498 CONSTANT(EXCEPTION_NPX_ERROR
),
499 CONSTANT(EXCEPTION_ALIGNMENT_CHECK
),
503 /* STRUCTURE OFFSETS *********************************************************/
505 HEADER("KAFFINITY_EX"),
506 // OFFSET(AfBitmap, KAFFINITY_EX, Bitmap),
508 HEADER("Aligned Affinity"),
509 // OFFSET(AfsCpuSet, ???, CpuSet),
512 OFFSET(ApType
, KAPC
, Type
),
513 OFFSET(ApSize
, KAPC
, Size
),
514 OFFSET(ApThread
, KAPC
, Thread
),
515 OFFSET(ApApcListEntry
, KAPC
, ApcListEntry
),
516 OFFSET(ApKernelRoutine
, KAPC
, KernelRoutine
),
517 OFFSET(ApRundownRoutine
, KAPC
, RundownRoutine
),
518 OFFSET(ApNormalRoutine
, KAPC
, NormalRoutine
),
519 OFFSET(ApNormalContext
, KAPC
, NormalContext
),
520 OFFSET(ApSystemArgument1
, KAPC
, SystemArgument1
),
521 OFFSET(ApSystemArgument2
, KAPC
, SystemArgument2
),
522 OFFSET(ApApcStateIndex
, KAPC
, ApcStateIndex
),
523 OFFSET(ApApcMode
, KAPC
, ApcMode
),
524 OFFSET(ApInserted
, KAPC
, Inserted
),
525 SIZE(ApcObjectLength
, KAPC
),
527 HEADER("KAPC_STATE"),
528 OFFSET(AsApcListHead
, KAPC_STATE
, ApcListHead
),
529 OFFSET(AsProcess
, KAPC_STATE
, Process
),
530 OFFSET(AsKernelApcInProgress
, KAPC_STATE
, KernelApcInProgress
),
531 OFFSET(AsKernelApcPending
, KAPC_STATE
, KernelApcPending
),
532 OFFSET(AsUserApcPending
, KAPC_STATE
, UserApcPending
),
535 OFFSET(CidUniqueProcess
, CLIENT_ID
, UniqueProcess
),
536 OFFSET(CidUniqueThread
, CLIENT_ID
, UniqueThread
),
538 HEADER("RTL_CRITICAL_SECTION"),
539 OFFSET(CsDebugInfo
, RTL_CRITICAL_SECTION
, DebugInfo
),
540 OFFSET(CsLockCount
, RTL_CRITICAL_SECTION
, LockCount
),
541 OFFSET(CsRecursionCount
, RTL_CRITICAL_SECTION
, RecursionCount
),
542 OFFSET(CsOwningThread
, RTL_CRITICAL_SECTION
, OwningThread
),
543 OFFSET(CsLockSemaphore
, RTL_CRITICAL_SECTION
, LockSemaphore
),
544 OFFSET(CsSpinCount
, RTL_CRITICAL_SECTION
, SpinCount
),
546 HEADER("RTL_CRITICAL_SECTION_DEBUG"),
547 OFFSET(CsType
, RTL_CRITICAL_SECTION_DEBUG
, Type
),
548 OFFSET(CsCreatorBackTraceIndex
, RTL_CRITICAL_SECTION_DEBUG
, CreatorBackTraceIndex
),
549 OFFSET(CsCriticalSection
, RTL_CRITICAL_SECTION_DEBUG
, CriticalSection
),
550 OFFSET(CsProcessLocksList
, RTL_CRITICAL_SECTION_DEBUG
, ProcessLocksList
),
551 OFFSET(CsEntryCount
, RTL_CRITICAL_SECTION_DEBUG
, EntryCount
),
552 OFFSET(CsContentionCount
, RTL_CRITICAL_SECTION_DEBUG
, ContentionCount
),
554 HEADER("KDEVICE_QUEUE_ENTRY"),
555 OFFSET(DeDeviceListEntry
, KDEVICE_QUEUE_ENTRY
, DeviceListEntry
),
556 OFFSET(DeSortKey
, KDEVICE_QUEUE_ENTRY
, SortKey
),
557 OFFSET(DeInserted
, KDEVICE_QUEUE_ENTRY
, Inserted
),
558 SIZE(DeviceQueueEntryLength
, KDEVICE_QUEUE_ENTRY
),
561 OFFSET(DpType
, KDPC
, Type
),
562 OFFSET(DpImportance
, KDPC
, Importance
),
563 OFFSET(DpNumber
, KDPC
, Number
),
564 OFFSET(DpDpcListEntry
, KDPC
, DpcListEntry
),
565 OFFSET(DpDeferredRoutine
, KDPC
, DeferredRoutine
),
566 OFFSET(DpDeferredContext
, KDPC
, DeferredContext
),
567 OFFSET(DpSystemArgument1
, KDPC
, SystemArgument1
),
568 OFFSET(DpSystemArgument2
, KDPC
, SystemArgument2
),
569 OFFSET(DpDpcData
, KDPC
, DpcData
),
570 SIZE(DpcObjectLength
, KDPC
),
572 HEADER("KDEVICE_QUEUE"),
573 OFFSET(DvType
, KDEVICE_QUEUE
, Type
),
574 OFFSET(DvSize
, KDEVICE_QUEUE
, Size
),
575 OFFSET(DvDeviceListHead
, KDEVICE_QUEUE
, DeviceListHead
),
576 OFFSET(DvSpinLock
, KDEVICE_QUEUE
, Lock
),
577 OFFSET(DvBusy
, KDEVICE_QUEUE
, Busy
),
578 SIZE(DeviceQueueObjectLength
, KDEVICE_QUEUE
),
580 HEADER("EXCEPTION_RECORD"),
581 OFFSET(ErExceptionCode
, EXCEPTION_RECORD
, ExceptionCode
),
582 OFFSET(ErExceptionFlags
, EXCEPTION_RECORD
, ExceptionFlags
),
583 OFFSET(ErExceptionRecord
, EXCEPTION_RECORD
, ExceptionRecord
),
584 OFFSET(ErExceptionAddress
, EXCEPTION_RECORD
, ExceptionAddress
),
585 OFFSET(ErNumberParameters
, EXCEPTION_RECORD
, NumberParameters
),
586 OFFSET(ErExceptionInformation
, EXCEPTION_RECORD
, ExceptionInformation
),
587 SIZE(ExceptionRecordLength
, EXCEPTION_RECORD
),
588 SIZE(EXCEPTION_RECORD_LENGTH
, EXCEPTION_RECORD
),
591 OFFSET(EpDebugPort
, EPROCESS
, DebugPort
),
592 OFFSET(EpVdmObjects
, EPROCESS
, VdmObjects
),
593 SIZE(ExecutiveProcessObjectLength
, EPROCESS
),
596 OFFSET(EvType
, KEVENT
, Header
.Type
),
597 OFFSET(EvSize
, KEVENT
, Header
.Size
),
598 OFFSET(EvSignalState
, KEVENT
, Header
.SignalState
),
599 OFFSET(EvWaitListHead
, KEVENT
, Header
.WaitListHead
),
600 SIZE(EventObjectLength
, KEVENT
),
602 HEADER("FAST_MUTEX"),
603 OFFSET(FmCount
, FAST_MUTEX
, Count
),
604 OFFSET(FmOwner
, FAST_MUTEX
, Owner
),
605 OFFSET(FmContention
, FAST_MUTEX
, Contention
),
606 OFFSET(FmGate
, FAST_MUTEX
, Gate
),
607 OFFSET(FmOldIrql
, FAST_MUTEX
, OldIrql
),
609 HEADER("KINTERRUPT"),
610 OFFSET(InType
, KINTERRUPT
, Type
),
611 OFFSET(InSize
, KINTERRUPT
, Size
),
612 OFFSET(InInterruptListEntry
, KINTERRUPT
, InterruptListEntry
),
613 OFFSET(InServiceRoutine
, KINTERRUPT
, ServiceRoutine
),
614 OFFSET(InServiceContext
, KINTERRUPT
, ServiceContext
),
615 OFFSET(InSpinLock
, KINTERRUPT
, SpinLock
),
616 OFFSET(InTickCount
, KINTERRUPT
, TickCount
),
617 OFFSET(InActualLock
, KINTERRUPT
, ActualLock
),
618 OFFSET(InDispatchAddress
, KINTERRUPT
, DispatchAddress
),
619 OFFSET(InVector
, KINTERRUPT
, Vector
),
620 OFFSET(InIrql
, KINTERRUPT
, Irql
),
621 OFFSET(InSynchronizeIrql
, KINTERRUPT
, SynchronizeIrql
),
622 OFFSET(InFloatingSave
, KINTERRUPT
, FloatingSave
),
623 OFFSET(InConnected
, KINTERRUPT
, Connected
),
624 OFFSET(InNumber
, KINTERRUPT
, Number
),
625 OFFSET(InShareVector
, KINTERRUPT
, ShareVector
),
626 OFFSET(InMode
, KINTERRUPT
, Mode
),
627 OFFSET(InServiceCount
, KINTERRUPT
, ServiceCount
),
628 OFFSET(InDispatchCount
, KINTERRUPT
, DispatchCount
),
629 // OFFSET(InTrapFrame, KINTERRUPT, TrapFrame),
630 OFFSET(InDispatchCode
, KINTERRUPT
, DispatchCode
),
631 SIZE(InterruptObjectLength
, KINTERRUPT
),
633 HEADER("IO_STATUS_BLOCK"),
634 OFFSET(IoStatus
, IO_STATUS_BLOCK
, Status
),
635 OFFSET(IoPointer
, IO_STATUS_BLOCK
, Pointer
),
636 OFFSET(IoInformation
, IO_STATUS_BLOCK
, Information
),
639 // Kernel Stack Control Structure Offset (relative to initial stack pointer) Definitions
640 // RELOFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase, ???),
641 // RELOFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousBase, ???),
642 // RELOFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousBase, ???),
643 // RELOFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousBase, ???),
645 HEADER("KERNEL_STACK_CONTROL"),
646 // OFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase),
647 // OFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousLimit),
648 // OFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousKernel),
649 // OFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousInitial),
650 // SIZE(KERNEL_STACK_CONTROL_LENGTH, KERNEL_STACK_CONTROL),
654 // OFFSET(KnRight, KNODE, Right),
655 // OFFSET(KnLeft, KNODE, Left),
656 OFFSET(KnPfnDereferenceSListHead
, KNODE
, PfnDereferenceSListHead
),
657 OFFSET(KnProcessorMask
, KNODE
, ProcessorMask
),
658 OFFSET(KnColor
, KNODE
, Color
),
659 OFFSET(KnSeed
, KNODE
, Seed
),
660 OFFSET(KnNodeNumber
, KNODE
, NodeNumber
),
661 OFFSET(KnFlags
, KNODE
, Flags
),
662 OFFSET(knMmShiftedColor
, KNODE
, MmShiftedColor
),
663 OFFSET(KnFreeCount
, KNODE
, FreeCount
),
664 OFFSET(KnPfnDeferredList
, KNODE
, PfnDeferredList
),
665 SIZE(KNODE_SIZE
, KNODE
),
667 HEADER("KSPIN_LOCK_QUEUE"),
668 OFFSET(LqNext
, KSPIN_LOCK_QUEUE
, Next
),
669 OFFSET(LqLock
, KSPIN_LOCK_QUEUE
, Lock
),
671 HEADER("KLOCK_QUEUE_HANDLE"),
672 OFFSET(LqhNext
, KLOCK_QUEUE_HANDLE
, LockQueue
.Next
),
673 OFFSET(LqhLock
, KLOCK_QUEUE_HANDLE
, LockQueue
.Lock
),
674 OFFSET(LqhOldIrql
, KLOCK_QUEUE_HANDLE
, OldIrql
),
675 SIZE(LOCK_QUEUE_HEADER_SIZE
, KLOCK_QUEUE_HANDLE
),
677 HEADER("LARGE_INTEGER"),
678 OFFSET(LiLowPart
, LARGE_INTEGER
, LowPart
),
679 OFFSET(LiHighPart
, LARGE_INTEGER
, HighPart
),
681 HEADER("LOADER_PARAMETER_BLOCK (rel. to LoadOrderListHead)"),
682 RELOFFSET(LpbLoadOrderListHead
, LOADER_PARAMETER_BLOCK
, LoadOrderListHead
, LoadOrderListHead
),
683 RELOFFSET(LpbMemoryDescriptorListHead
, LOADER_PARAMETER_BLOCK
, MemoryDescriptorListHead
, LoadOrderListHead
),
684 RELOFFSET(LpbKernelStack
, LOADER_PARAMETER_BLOCK
, KernelStack
, LoadOrderListHead
),
685 RELOFFSET(LpbPrcb
, LOADER_PARAMETER_BLOCK
, Prcb
, LoadOrderListHead
),
686 RELOFFSET(LpbProcess
, LOADER_PARAMETER_BLOCK
, Process
, LoadOrderListHead
),
687 RELOFFSET(LpbThread
, LOADER_PARAMETER_BLOCK
, Thread
, LoadOrderListHead
),
688 RELOFFSET(LpbI386
, LOADER_PARAMETER_BLOCK
, u
.I386
, LoadOrderListHead
),
689 RELOFFSET(LpbRegistryLength
, LOADER_PARAMETER_BLOCK
, RegistryLength
, LoadOrderListHead
),
690 RELOFFSET(LpbRegistryBase
, LOADER_PARAMETER_BLOCK
, RegistryBase
, LoadOrderListHead
),
691 RELOFFSET(LpbConfigurationRoot
, LOADER_PARAMETER_BLOCK
, ConfigurationRoot
, LoadOrderListHead
),
692 RELOFFSET(LpbArcBootDeviceName
, LOADER_PARAMETER_BLOCK
, ArcBootDeviceName
, LoadOrderListHead
),
693 RELOFFSET(LpbArcHalDeviceName
, LOADER_PARAMETER_BLOCK
, ArcHalDeviceName
, LoadOrderListHead
),
694 RELOFFSET(LpbLoadOptions
, LOADER_PARAMETER_BLOCK
, LoadOptions
, LoadOrderListHead
),
695 RELOFFSET(LpbExtension
, LOADER_PARAMETER_BLOCK
, Extension
, LoadOrderListHead
),
698 HEADER("LIST_ENTRY"),
699 OFFSET(LsFlink
, LIST_ENTRY
, Flink
),
700 OFFSET(LsBlink
, LIST_ENTRY
, Blink
),
703 OFFSET(PeKernelCallbackTable
, PEB
, KernelCallbackTable
),
704 SIZE(ProcessEnvironmentBlockLength
, PEB
),
707 OFFSET(PfType
, KPROFILE
, Type
),
708 OFFSET(PfSize
, KPROFILE
, Size
),
709 OFFSET(PfProfileListEntry
, KPROFILE
, ProfileListEntry
),
710 OFFSET(PfProcess
, KPROFILE
, Process
),
711 OFFSET(PfRangeBase
, KPROFILE
, RangeBase
),
712 OFFSET(PfRangeLimit
, KPROFILE
, RangeLimit
),
713 OFFSET(PfBucketShift
, KPROFILE
, BucketShift
),
714 OFFSET(PfBuffer
, KPROFILE
, Buffer
),
715 OFFSET(PfSegment
, KPROFILE
, Segment
),
716 OFFSET(PfAffinity
, KPROFILE
, Affinity
),
717 OFFSET(PfSource
, KPROFILE
, Source
),
718 OFFSET(PfStarted
, KPROFILE
, Started
),
719 SIZE(ProfileObjectLength
, KPROFILE
),
721 HEADER("PORT_MESSAGE"),
722 OFFSET(PmLength
, PORT_MESSAGE
, u1
.Length
),
723 OFFSET(PmZeroInit
, PORT_MESSAGE
, u2
.ZeroInit
),
724 OFFSET(PmClientId
, PORT_MESSAGE
, ClientId
),
725 OFFSET(PmProcess
, PORT_MESSAGE
, ClientId
.UniqueProcess
),
726 OFFSET(PmThread
, PORT_MESSAGE
, ClientId
.UniqueThread
),
727 OFFSET(PmMessageId
, PORT_MESSAGE
, MessageId
),
728 OFFSET(PmClientViewSize
, PORT_MESSAGE
, ClientViewSize
),
729 SIZE(PortMessageLength
, PORT_MESSAGE
),
732 OFFSET(PrType
, KPROCESS
, Header
.Type
),
733 OFFSET(PrSize
, KPROCESS
, Header
.Size
),
734 OFFSET(PrSignalState
, KPROCESS
, Header
.SignalState
),
735 OFFSET(PrProfileListHead
, KPROCESS
, ProfileListHead
),
736 OFFSET(PrDirectoryTableBase
, KPROCESS
, DirectoryTableBase
),
738 OFFSET(PrLdtDescriptor
, KPROCESS
, LdtDescriptor
),
740 OFFSET(PrIopmOffset
, KPROCESS
, IopmOffset
),
742 OFFSET(PrInt21Descriptor
, KPROCESS
, Int21Descriptor
),
743 OFFSET(PrVdmTrapcHandler
, KPROCESS
, VdmTrapcHandler
),
744 // OFFSET(PrVdmObjects, KPROCESS, VdmObjects),
745 OFFSET(PrFlags
, KPROCESS
, Flags
),
747 // OFFSET(PrInstrumentationCallback, KPROCESS, InstrumentationCallback),
748 OFFSET(PrActiveProcessors
, KPROCESS
, ActiveProcessors
),
749 OFFSET(PrKernelTime
, KPROCESS
, KernelTime
),
750 OFFSET(PrUserTime
, KPROCESS
, UserTime
),
751 OFFSET(PrReadyListHead
, KPROCESS
, ReadyListHead
),
752 OFFSET(PrSwapListEntry
, KPROCESS
, SwapListEntry
),
753 OFFSET(PrThreadListHead
, KPROCESS
, ThreadListHead
),
754 OFFSET(PrProcessLock
, KPROCESS
, ProcessLock
),
755 OFFSET(PrAffinity
, KPROCESS
, Affinity
),
756 OFFSET(PrProcessFlags
, KPROCESS
, ProcessFlags
),
757 OFFSET(PrBasePriority
, KPROCESS
, BasePriority
),
758 OFFSET(PrQuantumReset
, KPROCESS
, QuantumReset
),
759 OFFSET(PrState
, KPROCESS
, State
),
760 OFFSET(PrStackCount
, KPROCESS
, StackCount
),
761 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
762 OFFSET(PrCycleTime
, KPROCESS
, CycleTime
),
764 SIZE(KernelProcessObjectLength
, KPROCESS
),
767 OFFSET(QuType
, KQUEUE
, Header
.Type
),
768 OFFSET(QuSize
, KQUEUE
, Header
.Size
),
769 OFFSET(QuSignalState
, KQUEUE
, Header
.SignalState
),
770 OFFSET(QuEntryListHead
, KQUEUE
, EntryListHead
),
771 OFFSET(QuCurrentCount
, KQUEUE
, CurrentCount
),
772 OFFSET(QuMaximumCount
, KQUEUE
, MaximumCount
),
773 OFFSET(QuThreadListHead
, KQUEUE
, ThreadListHead
),
774 SIZE(QueueObjectLength
, KQUEUE
),
777 OFFSET(StrLength
, STRING
, Length
),
778 OFFSET(StrMaximumLength
, STRING
, MaximumLength
),
779 OFFSET(StrBuffer
, STRING
, Buffer
),
782 OFFSET(TeCmTeb
, TEB
, Tib
),
784 OFFSET(TeExceptionList
, TEB
, Tib
.ExceptionList
),
786 OFFSET(TeStackBase
, TEB
, Tib
.StackBase
),
787 OFFSET(TeStackLimit
, TEB
, Tib
.StackLimit
),
788 OFFSET(TeFiberData
, TEB
, Tib
.FiberData
),
789 OFFSET(TeSelf
, TEB
, Tib
.Self
),
790 OFFSET(TeEnvironmentPointer
, TEB
, EnvironmentPointer
),
791 OFFSET(TeClientId
, TEB
, ClientId
),
792 OFFSET(TeActiveRpcHandle
, TEB
, ActiveRpcHandle
),
793 OFFSET(TeThreadLocalStoragePointer
, TEB
, ThreadLocalStoragePointer
),
794 OFFSET(TeCountOfOwnedCriticalSections
, TEB
, CountOfOwnedCriticalSections
),
795 OFFSET(TePeb
, TEB
, ProcessEnvironmentBlock
),
796 OFFSET(TeCsrClientThread
, TEB
, CsrClientThread
),
797 OFFSET(TeWOW32Reserved
, TEB
, WOW32Reserved
),
798 // OFFSET(TeSoftFpcr, TEB, SoftFpcr),
799 OFFSET(TeExceptionCode
, TEB
, ExceptionCode
),
800 OFFSET(TeActivationContextStackPointer
, TEB
, ActivationContextStackPointer
),
801 OFFSET(TeGdiClientPID
, TEB
, GdiClientPID
),
802 OFFSET(TeGdiClientTID
, TEB
, GdiClientTID
),
803 OFFSET(TeGdiThreadLocalInfo
, TEB
, GdiThreadLocalInfo
),
804 OFFSET(TeglDispatchTable
, TEB
, glDispatchTable
),
805 OFFSET(TeglReserved1
, TEB
, glReserved1
),
806 OFFSET(TeglReserved2
, TEB
, glReserved2
),
807 OFFSET(TeglSectionInfo
, TEB
, glSectionInfo
),
808 OFFSET(TeglSection
, TEB
, glSection
),
809 OFFSET(TeglTable
, TEB
, glTable
),
810 OFFSET(TeglCurrentRC
, TEB
, glCurrentRC
),
811 OFFSET(TeglContext
, TEB
, glContext
),
812 OFFSET(TeDeallocationStack
, TEB
, DeallocationStack
),
813 OFFSET(TeTlsSlots
, TEB
, TlsSlots
),
814 OFFSET(TeTlsExpansionSlots
, TEB
, TlsExpansionSlots
),
815 OFFSET(TeLastErrorValue
, TEB
, LastErrorValue
),
816 OFFSET(TeVdm
, TEB
, Vdm
),
817 OFFSET(TeInstrumentation
, TEB
, Instrumentation
),
818 OFFSET(TeGdiBatchCount
, TEB
, GdiBatchCount
),
819 OFFSET(TeGuaranteedStackBytes
, TEB
, GuaranteedStackBytes
),
820 OFFSET(TeFlsData
, TEB
, FlsData
),
821 // OFFSET(TeProcessRundown, TEB, ProcessRundown),
822 SIZE(ThreadEnvironmentBlockLength
, TEB
),
824 HEADER("TIME_FIELDS"),
825 OFFSET(TfSecond
, TIME_FIELDS
, Second
),
826 OFFSET(TfMinute
, TIME_FIELDS
, Minute
),
827 OFFSET(TfHour
, TIME_FIELDS
, Hour
),
828 OFFSET(TfWeekday
, TIME_FIELDS
, Weekday
),
829 OFFSET(TfDay
, TIME_FIELDS
, Day
),
830 OFFSET(TfMonth
, TIME_FIELDS
, Month
),
831 OFFSET(TfYear
, TIME_FIELDS
, Year
),
832 OFFSET(TfMilliseconds
, TIME_FIELDS
, Milliseconds
),
835 OFFSET(ThType
, KTHREAD
, DispatcherHeader
.Type
),
836 // OFFSET(ThNpxIrql, KTHREAD, NpxIrql),
837 OFFSET(ThSize
, KTHREAD
, DispatcherHeader
.Size
),
838 OFFSET(ThLock
, KTHREAD
, DispatcherHeader
.Lock
),
839 OFFSET(ThDebugActive
, KTHREAD
, DispatcherHeader
.DebugActive
),
840 // OFFSET(ThThreadControlFlags, KTHREAD, DispatcherHeader.ThreadControlFlags),
841 OFFSET(ThSignalState
, KTHREAD
, DispatcherHeader
.SignalState
),
842 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
843 OFFSET(ThCycleTime
, KTHREAD
, CycleTime
),
844 OFFSET(ThHighCycleTime
, KTHREAD
, HighCycleTime
),
846 OFFSET(ThInitialStack
, KTHREAD
, InitialStack
),
847 OFFSET(ThStackLimit
, KTHREAD
, StackLimit
),
848 OFFSET(ThKernelStack
, KTHREAD
, KernelStack
),
849 OFFSET(ThThreadLock
, KTHREAD
, ThreadLock
),
850 // OFFSET(ThRunning, KTHREAD, Running),
851 OFFSET(ThAlerted
, KTHREAD
, Alerted
),
852 // OFFSET(ThMiscFlags, KTHREAD, MiscFlags),
853 OFFSET(ThApcState
, KTHREAD
, ApcState
),
854 OFFSET(ThPriority
, KTHREAD
, Priority
),
855 OFFSET(ThSwapBusy
, KTHREAD
, SwapBusy
),
856 OFFSET(ThNextProcessor
, KTHREAD
, NextProcessor
),
857 OFFSET(ThDeferredProcessor
, KTHREAD
, DeferredProcessor
),
858 OFFSET(ThApcQueueLock
, KTHREAD
, ApcQueueLock
),
859 OFFSET(ThContextSwitches
, KTHREAD
, ContextSwitches
),
860 OFFSET(ThState
, KTHREAD
, State
),
861 OFFSET(ThNpxState
, KTHREAD
, NpxState
),
862 OFFSET(ThWaitIrql
, KTHREAD
, WaitIrql
),
863 OFFSET(ThWaitMode
, KTHREAD
, WaitMode
),
864 OFFSET(ThWaitStatus
, KTHREAD
, WaitStatus
),
865 OFFSET(ThWaitBlockList
, KTHREAD
, WaitBlockList
),
866 OFFSET(ThGateObject
, KTHREAD
, GateObject
),
867 OFFSET(ThWaitListEntry
, KTHREAD
, WaitListEntry
),
868 OFFSET(ThSwapListEntry
, KTHREAD
, SwapListEntry
),
869 OFFSET(ThQueue
, KTHREAD
, Queue
),
870 OFFSET(ThWaitTime
, KTHREAD
, WaitTime
),
871 OFFSET(ThCombinedApcDisable
, KTHREAD
, CombinedApcDisable
),
872 OFFSET(ThKernelApcDisable
, KTHREAD
, KernelApcDisable
),
873 OFFSET(ThSpecialApcDisable
, KTHREAD
, SpecialApcDisable
),
874 OFFSET(ThTeb
, KTHREAD
, Teb
),
875 OFFSET(ThTimer
, KTHREAD
, Timer
),
876 OFFSET(ThThreadFlags
, KTHREAD
, ThreadFlags
),
877 OFFSET(ThServiceTable
, KTHREAD
, ServiceTable
),
878 OFFSET(ThWaitBlock
, KTHREAD
, WaitBlock
),
879 OFFSET(ThResourceIndex
, KTHREAD
, ResourceIndex
),
880 OFFSET(ThQueueListEntry
, KTHREAD
, QueueListEntry
),
881 OFFSET(ThTrapFrame
, KTHREAD
, TrapFrame
),
882 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
883 OFFSET(ThFirstArgument
, KTHREAD
, FirstArgument
),
885 OFFSET(ThCallbackStack
, KTHREAD
, CallbackStack
),
886 // OFFSET(ThCallbackDepth, KTHREAD, CallbackDepth),
887 OFFSET(ThApcStateIndex
, KTHREAD
, ApcStateIndex
),
888 OFFSET(ThIdealProcessor
, KTHREAD
, IdealProcessor
),
889 OFFSET(ThBasePriority
, KTHREAD
, BasePriority
),
890 OFFSET(ThPriorityDecrement
, KTHREAD
, PriorityDecrement
),
891 OFFSET(ThAdjustReason
, KTHREAD
, AdjustReason
),
892 OFFSET(ThAdjustIncrement
, KTHREAD
, AdjustIncrement
),
893 OFFSET(ThPreviousMode
, KTHREAD
, PreviousMode
),
894 OFFSET(ThSaturation
, KTHREAD
, Saturation
),
895 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
896 OFFSET(ThSystemCallNumber
, KTHREAD
, SystemCallNumber
),
898 OFFSET(ThFreezeCount
, KTHREAD
, FreezeCount
),
899 OFFSET(ThUserAffinity
, KTHREAD
, UserAffinity
),
900 OFFSET(ThProcess
, KTHREAD
, Process
),
901 OFFSET(ThAffinity
, KTHREAD
, Affinity
),
902 OFFSET(ThUserIdealProcessor
, KTHREAD
, UserIdealProcessor
),
903 OFFSET(ThApcStatePointer
, KTHREAD
, ApcStatePointer
),
904 OFFSET(ThSavedApcState
, KTHREAD
, SavedApcState
),
905 OFFSET(ThWaitReason
, KTHREAD
, WaitReason
),
906 OFFSET(ThSuspendCount
, KTHREAD
, SuspendCount
),
907 // OFFSET(ThCodePatchInProgress, KTHREAD, CodePatchInProgress),
908 OFFSET(ThWin32Thread
, KTHREAD
, Win32Thread
),
909 OFFSET(ThStackBase
, KTHREAD
, StackBase
),
910 OFFSET(ThSuspendApc
, KTHREAD
, SuspendApc
),
911 OFFSET(ThPowerState
, KTHREAD
, PowerState
),
912 OFFSET(ThKernelTime
, KTHREAD
, KernelTime
),
913 OFFSET(ThLegoData
, KTHREAD
, LegoData
),
914 OFFSET(ThLargeStack
, KTHREAD
, LargeStack
),
915 OFFSET(ThUserTime
, KTHREAD
, UserTime
),
916 OFFSET(ThSuspendSemaphore
, KTHREAD
, SuspendSemaphore
),
917 OFFSET(ThSListFaultCount
, KTHREAD
, SListFaultCount
),
918 OFFSET(ThThreadListEntry
, KTHREAD
, ThreadListEntry
),
919 OFFSET(ThMutantListHead
, KTHREAD
, MutantListHead
),
920 OFFSET(ThSListFaultAddress
, KTHREAD
, SListFaultAddress
),
921 SIZE(KernelThreadObjectLength
, KTHREAD
),
922 SIZE(ExecutiveThreadObjectLength
, ETHREAD
),
925 OFFSET(TiType
, KTIMER
, Header
.Type
),
926 OFFSET(TiSize
, KTIMER
, Header
.Size
),
927 OFFSET(TiInserted
, KTIMER
, Header
.Inserted
),
928 OFFSET(TiSignalState
, KTIMER
, Header
.SignalState
),
929 OFFSET(TiDueTime
, KTIMER
, DueTime
),
930 OFFSET(TiTimerListEntry
, KTIMER
, TimerListEntry
),
931 OFFSET(TiDpc
, KTIMER
, Dpc
),
932 OFFSET(TiPeriod
, KTIMER
, Period
),
933 SIZE(TimerObjectLength
, KTIMER
),
936 // OFFSET(TmLowTime, TIME, LowTime),
937 // OFFSET(TmHighTime, TIME, HighTime),
940 HEADER("SYSTEM_CONTEXT_SWITCH_INFORMATION (relative to FindAny)"),
941 RELOFFSET(TwFindAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindAny
, FindAny
),
942 RELOFFSET(TwFindIdeal
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindIdeal
, FindAny
),
943 RELOFFSET(TwFindLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindLast
, FindAny
),
944 RELOFFSET(TwIdleAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleAny
, FindAny
),
945 RELOFFSET(TwIdleCurrent
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleCurrent
, FindAny
),
946 RELOFFSET(TwIdleIdeal
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleIdeal
, FindAny
),
947 RELOFFSET(TwIdleLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleLast
, FindAny
),
948 RELOFFSET(TwPreemptAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptAny
, FindAny
),
949 RELOFFSET(TwPreemptCurrent
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptCurrent
, FindAny
),
950 RELOFFSET(TwPreemptLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptLast
, FindAny
),
951 RELOFFSET(TwSwitchToIdle
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, SwitchToIdle
, FindAny
),
954 HEADER("KUSER_SHARED_DATA"),
955 OFFSET(UsTickCountMultiplier
, KUSER_SHARED_DATA
, TickCountMultiplier
),
956 OFFSET(UsInterruptTime
, KUSER_SHARED_DATA
, InterruptTime
),
957 OFFSET(UsSystemTime
, KUSER_SHARED_DATA
, SystemTime
),
958 OFFSET(UsTimeZoneBias
, KUSER_SHARED_DATA
, TimeZoneBias
),
959 OFFSET(UsImageNumberLow
, KUSER_SHARED_DATA
, ImageNumberLow
),
960 OFFSET(UsImageNumberHigh
, KUSER_SHARED_DATA
, ImageNumberHigh
),
961 OFFSET(UsNtSystemRoot
, KUSER_SHARED_DATA
, NtSystemRoot
),
962 OFFSET(UsMaxStackTraceDepth
, KUSER_SHARED_DATA
, MaxStackTraceDepth
),
963 OFFSET(UsCryptoExponent
, KUSER_SHARED_DATA
, CryptoExponent
),
964 OFFSET(UsTimeZoneId
, KUSER_SHARED_DATA
, TimeZoneId
),
965 OFFSET(UsLargePageMinimum
, KUSER_SHARED_DATA
, LargePageMinimum
),
966 OFFSET(UsReserved2
, KUSER_SHARED_DATA
, Reserved2
),
967 OFFSET(UsNtProductType
, KUSER_SHARED_DATA
, NtProductType
),
968 OFFSET(UsProductTypeIsValid
, KUSER_SHARED_DATA
, ProductTypeIsValid
),
969 OFFSET(UsNtMajorVersion
, KUSER_SHARED_DATA
, NtMajorVersion
),
970 OFFSET(UsNtMinorVersion
, KUSER_SHARED_DATA
, NtMinorVersion
),
971 OFFSET(UsProcessorFeatures
, KUSER_SHARED_DATA
, ProcessorFeatures
),
972 OFFSET(UsReserved1
, KUSER_SHARED_DATA
, Reserved1
),
973 OFFSET(UsReserved3
, KUSER_SHARED_DATA
, Reserved3
),
974 OFFSET(UsTimeSlip
, KUSER_SHARED_DATA
, TimeSlip
),
975 OFFSET(UsAlternativeArchitecture
, KUSER_SHARED_DATA
, AlternativeArchitecture
),
976 OFFSET(UsSystemExpirationDate
, KUSER_SHARED_DATA
, SystemExpirationDate
),
977 OFFSET(UsSuiteMask
, KUSER_SHARED_DATA
, SuiteMask
),
978 OFFSET(UsKdDebuggerEnabled
, KUSER_SHARED_DATA
, KdDebuggerEnabled
),
979 OFFSET(UsActiveConsoleId
, KUSER_SHARED_DATA
, ActiveConsoleId
),
980 OFFSET(UsDismountCount
, KUSER_SHARED_DATA
, DismountCount
),
981 OFFSET(UsComPlusPackage
, KUSER_SHARED_DATA
, ComPlusPackage
),
982 OFFSET(UsLastSystemRITEventTickCount
, KUSER_SHARED_DATA
, LastSystemRITEventTickCount
),
983 OFFSET(UsNumberOfPhysicalPages
, KUSER_SHARED_DATA
, NumberOfPhysicalPages
),
984 OFFSET(UsSafeBootMode
, KUSER_SHARED_DATA
, SafeBootMode
),
985 // OFFSET(UsTscQpcData, KUSER_SHARED_DATA, TscQpcData),
986 OFFSET(UsTestRetInstruction
, KUSER_SHARED_DATA
, TestRetInstruction
),
987 OFFSET(UsSystemCall
, KUSER_SHARED_DATA
, SystemCall
),
988 OFFSET(UsSystemCallReturn
, KUSER_SHARED_DATA
, SystemCallReturn
),
989 OFFSET(UsSystemCallPad
, KUSER_SHARED_DATA
, SystemCallPad
),
990 OFFSET(UsTickCount
, KUSER_SHARED_DATA
, TickCount
),
991 OFFSET(UsTickCountQuad
, KUSER_SHARED_DATA
, TickCountQuad
),
992 OFFSET(UsWow64SharedInformation
, KUSER_SHARED_DATA
, Wow64SharedInformation
),
994 HEADER("KWAIT_BLOCK"),
995 OFFSET(WbWaitListEntry
, KWAIT_BLOCK
, WaitListEntry
),
996 OFFSET(WbThread
, KWAIT_BLOCK
, Thread
),
997 OFFSET(WbObject
, KWAIT_BLOCK
, Object
),
998 OFFSET(WbNextWaitBlock
, KWAIT_BLOCK
, NextWaitBlock
),
999 OFFSET(WbWaitKey
, KWAIT_BLOCK
, WaitKey
),
1000 OFFSET(WbWaitType
, KWAIT_BLOCK
, WaitType
),
1002 #if defined(_M_IX86)
1005 OFFSET(CsContextFlags
, CONTEXT
, ContextFlags
),
1006 OFFSET(CsDr0
, CONTEXT
, Dr0
),
1007 OFFSET(CsDr1
, CONTEXT
, Dr1
),
1008 OFFSET(CsDr2
, CONTEXT
, Dr2
),
1009 OFFSET(CsDr3
, CONTEXT
, Dr3
),
1010 OFFSET(CsDr6
, CONTEXT
, Dr6
),
1011 OFFSET(CsDr7
, CONTEXT
, Dr7
),
1012 OFFSET(CsFloatSave
, CONTEXT
, FloatSave
),
1013 OFFSET(CsSegGs
, CONTEXT
, SegGs
),
1014 OFFSET(CsSegFs
, CONTEXT
, SegFs
),
1015 OFFSET(CsSegEs
, CONTEXT
, SegEs
),
1016 OFFSET(CsSegDs
, CONTEXT
, SegDs
),
1017 OFFSET(CsEdi
, CONTEXT
, Edi
),
1018 OFFSET(CsEsi
, CONTEXT
, Esi
),
1019 OFFSET(CsEbx
, CONTEXT
, Ebx
),
1020 OFFSET(CsEdx
, CONTEXT
, Edx
),
1021 OFFSET(CsEcx
, CONTEXT
, Ecx
),
1022 OFFSET(CsEax
, CONTEXT
, Eax
),
1023 OFFSET(CsEbp
, CONTEXT
, Ebp
),
1024 OFFSET(CsEip
, CONTEXT
, Eip
),
1025 OFFSET(CsSegCs
, CONTEXT
, SegCs
),
1026 OFFSET(CsEflags
, CONTEXT
, EFlags
),
1027 OFFSET(CsEsp
, CONTEXT
, Esp
),
1028 OFFSET(CsSegSs
, CONTEXT
, SegSs
),
1029 OFFSET(CsExtendedRegisters
, CONTEXT
, ExtendedRegisters
),
1030 SIZE(ContextFrameLength
, CONTEXT
),
1031 SIZE(CONTEXT_LENGTH
, CONTEXT
),
1033 HEADER("KGDTENTRY"),
1034 OFFSET(KgdtBaseLow
, KGDTENTRY
, BaseLow
),
1035 OFFSET(KgdtBaseMid
, KGDTENTRY
, HighWord
.Bytes
.BaseMid
),
1036 OFFSET(KgdtBaseHi
, KGDTENTRY
, HighWord
.Bytes
.BaseHi
),
1037 OFFSET(KgdtLimitHi
, KGDTENTRY
, HighWord
.Bytes
.Flags2
),
1038 OFFSET(KgdtLimitLow
, KGDTENTRY
, LimitLow
),
1040 HEADER("KTRAP_FRAME"),
1041 OFFSET(TsExceptionList
, KTRAP_FRAME
, ExceptionList
),
1042 OFFSET(TsPreviousPreviousMode
, KTRAP_FRAME
, PreviousPreviousMode
),
1043 OFFSET(TsSegGs
, KTRAP_FRAME
, SegGs
),
1044 OFFSET(TsSegFs
, KTRAP_FRAME
, SegFs
),
1045 OFFSET(TsSegEs
, KTRAP_FRAME
, SegEs
),
1046 OFFSET(TsSegDs
, KTRAP_FRAME
, SegDs
),
1047 OFFSET(TsEdi
, KTRAP_FRAME
, Edi
),
1048 OFFSET(TsEsi
, KTRAP_FRAME
, Esi
),
1049 OFFSET(TsEbp
, KTRAP_FRAME
, Ebp
),
1050 OFFSET(TsEbx
, KTRAP_FRAME
, Ebx
),
1051 OFFSET(TsEdx
, KTRAP_FRAME
, Edx
),
1052 OFFSET(TsEcx
, KTRAP_FRAME
, Ecx
),
1053 OFFSET(TsEax
, KTRAP_FRAME
, Eax
),
1054 OFFSET(TsErrCode
, KTRAP_FRAME
, ErrCode
),
1055 OFFSET(TsEip
, KTRAP_FRAME
, Eip
),
1056 OFFSET(TsSegCs
, KTRAP_FRAME
, SegCs
),
1057 OFFSET(TsEflags
, KTRAP_FRAME
, EFlags
),
1058 OFFSET(TsHardwareEsp
, KTRAP_FRAME
, HardwareEsp
),
1059 OFFSET(TsHardwareSegSs
, KTRAP_FRAME
, HardwareSegSs
),
1060 OFFSET(TsTempSegCs
, KTRAP_FRAME
, TempSegCs
),
1061 // OFFSET(TsLogging, KTRAP_FRAME, Logging),
1062 OFFSET(TsTempEsp
, KTRAP_FRAME
, TempEsp
),
1063 OFFSET(TsDbgEbp
, KTRAP_FRAME
, DbgEbp
),
1064 OFFSET(TsDbgEip
, KTRAP_FRAME
, DbgEip
),
1065 OFFSET(TsDbgArgMark
, KTRAP_FRAME
, DbgArgMark
),
1066 OFFSET(TsDbgArgPointer
, KTRAP_FRAME
, DbgArgPointer
),
1067 OFFSET(TsDr0
, KTRAP_FRAME
, Dr0
),
1068 OFFSET(TsDr1
, KTRAP_FRAME
, Dr1
),
1069 OFFSET(TsDr2
, KTRAP_FRAME
, Dr2
),
1070 OFFSET(TsDr3
, KTRAP_FRAME
, Dr3
),
1071 OFFSET(TsDr6
, KTRAP_FRAME
, Dr6
),
1072 OFFSET(TsDr7
, KTRAP_FRAME
, Dr7
),
1073 OFFSET(TsV86Es
, KTRAP_FRAME
, V86Es
),
1074 OFFSET(TsV86Ds
, KTRAP_FRAME
, V86Ds
),
1075 OFFSET(TsV86Fs
, KTRAP_FRAME
, V86Fs
),
1076 OFFSET(TsV86Gs
, KTRAP_FRAME
, V86Gs
),
1077 SIZE(KTRAP_FRAME_LENGTH
, KTRAP_FRAME
),
1078 CONSTANT(KTRAP_FRAME_ALIGN
),
1079 CONSTANT(FRAME_EDITED
),
1082 OFFSET(TssEsp0
, KTSS
, Esp0
),
1083 OFFSET(TssCR3
, KTSS
, CR3
),
1084 OFFSET(TssEip
, KTSS
, Eip
),
1085 OFFSET(TssEFlags
, KTSS
, EFlags
),
1086 OFFSET(TssEax
, KTSS
, Eax
),
1087 OFFSET(TssEbx
, KTSS
, Ebx
),
1088 OFFSET(TssEcx
, KTSS
, Ecx
),
1089 OFFSET(TssEdx
, KTSS
, Edx
),
1090 OFFSET(TssEsp
, KTSS
, Esp
),
1091 OFFSET(TssEbp
, KTSS
, Ebp
),
1092 OFFSET(TssEsi
, KTSS
, Esi
),
1093 OFFSET(TssEdi
, KTSS
, Edi
),
1094 OFFSET(TssEs
, KTSS
, Es
),
1095 OFFSET(TssCs
, KTSS
, Cs
),
1096 OFFSET(TssSs
, KTSS
, Ss
),
1097 OFFSET(TssDs
, KTSS
, Ds
),
1098 OFFSET(TssFs
, KTSS
, Fs
),
1099 OFFSET(TssGs
, KTSS
, Gs
),
1100 OFFSET(TssLDT
, KTSS
, LDT
),
1101 OFFSET(TssIoMapBase
, KTSS
, IoMapBase
),
1102 OFFSET(TssIoMaps
, KTSS
, IoMaps
),
1103 SIZE(TssLength
, KTSS
),
1105 #elif defined(_M_AMD64)
1107 HEADER("Argument Home Address"),
1108 OFFSET(P1Home
, CONTEXT
, P1Home
),
1109 OFFSET(P2Home
, CONTEXT
, P1Home
),
1110 OFFSET(P3Home
, CONTEXT
, P1Home
),
1111 OFFSET(P4Home
, CONTEXT
, P1Home
),
1114 OFFSET(CxP1Home
, CONTEXT
, P1Home
),
1115 OFFSET(CxP2Home
, CONTEXT
, P2Home
),
1116 OFFSET(CxP3Home
, CONTEXT
, P3Home
),
1117 OFFSET(CxP4Home
, CONTEXT
, P4Home
),
1118 OFFSET(CxP5Home
, CONTEXT
, P5Home
),
1119 OFFSET(CxP6Home
, CONTEXT
, P6Home
),
1120 OFFSET(CxContextFlags
, CONTEXT
, ContextFlags
),
1121 OFFSET(CxMxCsr
, CONTEXT
, MxCsr
),
1122 OFFSET(CxSegCs
, CONTEXT
, SegCs
),
1123 OFFSET(CxSegDs
, CONTEXT
, SegDs
),
1124 OFFSET(CxSegEs
, CONTEXT
, SegEs
),
1125 OFFSET(CxSegFs
, CONTEXT
, SegFs
),
1126 OFFSET(CxSegGs
, CONTEXT
, SegGs
),
1127 OFFSET(CxSegSs
, CONTEXT
, SegSs
),
1128 OFFSET(CxEFlags
, CONTEXT
, EFlags
),
1129 OFFSET(CxDr0
, CONTEXT
, Dr0
),
1130 OFFSET(CxDr1
, CONTEXT
, Dr1
),
1131 OFFSET(CxDr2
, CONTEXT
, Dr2
),
1132 OFFSET(CxDr3
, CONTEXT
, Dr3
),
1133 OFFSET(CxDr6
, CONTEXT
, Dr6
),
1134 OFFSET(CxDr7
, CONTEXT
, Dr7
),
1135 OFFSET(CxRax
, CONTEXT
, Rax
),
1136 OFFSET(CxRcx
, CONTEXT
, Rcx
),
1137 OFFSET(CxRdx
, CONTEXT
, Rdx
),
1138 OFFSET(CxRbx
, CONTEXT
, Rbx
),
1139 OFFSET(CxRsp
, CONTEXT
, Rsp
),
1140 OFFSET(CxRbp
, CONTEXT
, Rbp
),
1141 OFFSET(CxRsi
, CONTEXT
, Rsi
),
1142 OFFSET(CxRdi
, CONTEXT
, Rdi
),
1143 OFFSET(CxR8
, CONTEXT
, R8
),
1144 OFFSET(CxR9
, CONTEXT
, R9
),
1145 OFFSET(CxR10
, CONTEXT
, R10
),
1146 OFFSET(CxR11
, CONTEXT
, R11
),
1147 OFFSET(CxR12
, CONTEXT
, R12
),
1148 OFFSET(CxR13
, CONTEXT
, R13
),
1149 OFFSET(CxR14
, CONTEXT
, R14
),
1150 OFFSET(CxR15
, CONTEXT
, R15
),
1151 OFFSET(CxRip
, CONTEXT
, Rip
),
1152 OFFSET(CxFltSave
, CONTEXT
, FltSave
),
1153 OFFSET(CxXmm0
, CONTEXT
, Xmm0
),
1154 OFFSET(CxXmm1
, CONTEXT
, Xmm1
),
1155 OFFSET(CxXmm2
, CONTEXT
, Xmm2
),
1156 OFFSET(CxXmm3
, CONTEXT
, Xmm3
),
1157 OFFSET(CxXmm4
, CONTEXT
, Xmm4
),
1158 OFFSET(CxXmm5
, CONTEXT
, Xmm5
),
1159 OFFSET(CxXmm6
, CONTEXT
, Xmm6
),
1160 OFFSET(CxXmm7
, CONTEXT
, Xmm7
),
1161 OFFSET(CxXmm8
, CONTEXT
, Xmm8
),
1162 OFFSET(CxXmm9
, CONTEXT
, Xmm9
),
1163 OFFSET(CxXmm10
, CONTEXT
, Xmm10
),
1164 OFFSET(CxXmm11
, CONTEXT
, Xmm11
),
1165 OFFSET(CxXmm12
, CONTEXT
, Xmm12
),
1166 OFFSET(CxXmm13
, CONTEXT
, Xmm13
),
1167 OFFSET(CxXmm14
, CONTEXT
, Xmm14
),
1168 OFFSET(CxXmm15
, CONTEXT
, Xmm15
),
1169 OFFSET(CxDebugControl
, CONTEXT
, DebugControl
),
1170 OFFSET(CxLastBranchToRip
, CONTEXT
, LastBranchToRip
),
1171 OFFSET(CxLastBranchFromRip
, CONTEXT
, LastBranchFromRip
),
1172 OFFSET(CxLastExceptionToRip
, CONTEXT
, LastExceptionToRip
),
1173 OFFSET(CxLastExceptionFromRip
, CONTEXT
, LastExceptionFromRip
),
1174 OFFSET(CxVectorControl
, CONTEXT
, VectorControl
),
1175 OFFSET(CxVectorRegister
, CONTEXT
, VectorRegister
),
1176 SIZE(CONTEXT_FRAME_LENGTH
, CONTEXT
),
1178 HEADER("DISPATCHER_CONTEXT"),
1179 OFFSET(DcControlPc
, TYPE
, ControlPc
),
1180 OFFSET(DcImageBase
, TYPE
, ImageBase
),
1181 OFFSET(DcFunctionEntry
, TYPE
, FunctionEntry
),
1182 OFFSET(DcEstablisherFrame
, TYPE
, EstablisherFrame
),
1183 OFFSET(DcTargetIp
, TYPE
, TargetIp
),
1184 OFFSET(DcContextRecord
, TYPE
, ContextRecord
),
1185 OFFSET(DcLanguageHandler
, TYPE
, LanguageHandler
),
1186 OFFSET(DcHandlerData
, TYPE
, HandlerData
),
1187 OFFSET(DcHistoryTable
, TYPE
, HistoryTable
),
1188 OFFSET(DcScopeIndex
, TYPE
, ScopeIndex
),
1190 HEADER("KEXCEPTION_FRAME"),
1191 OFFSET(ExP1Home
, KEXCEPTION_FRAME
, P1Home
),
1192 OFFSET(ExP2Home
, KEXCEPTION_FRAME
, P2Home
),
1193 OFFSET(ExP3Home
, KEXCEPTION_FRAME
, P3Home
),
1194 OFFSET(ExP4Home
, KEXCEPTION_FRAME
, P4Home
),
1195 OFFSET(ExP5
, KEXCEPTION_FRAME
, P5
),
1196 OFFSET(ExXmm6
, KEXCEPTION_FRAME
, Xmm6
),
1197 OFFSET(ExXmm7
, KEXCEPTION_FRAME
, Xmm7
),
1198 OFFSET(ExXmm8
, KEXCEPTION_FRAME
, Xmm8
),
1199 OFFSET(ExXmm9
, KEXCEPTION_FRAME
, Xmm9
),
1200 OFFSET(ExXmm10
, KEXCEPTION_FRAME
, Xmm10
),
1201 OFFSET(ExXmm11
, KEXCEPTION_FRAME
, Xmm11
),
1202 OFFSET(ExXmm12
, KEXCEPTION_FRAME
, Xmm12
),
1203 OFFSET(ExXmm13
, KEXCEPTION_FRAME
, Xmm13
),
1204 OFFSET(ExXmm14
, KEXCEPTION_FRAME
, Xmm14
),
1205 OFFSET(ExXmm15
, KEXCEPTION_FRAME
, Xmm15
),
1206 OFFSET(ExMxCsr
, KEXCEPTION_FRAME
, MxCsr
),
1207 OFFSET(ExRbp
, KEXCEPTION_FRAME
, Rbp
),
1208 OFFSET(ExRbx
, KEXCEPTION_FRAME
, Rbx
),
1209 OFFSET(ExRdi
, KEXCEPTION_FRAME
, Rdi
),
1210 OFFSET(ExRsi
, KEXCEPTION_FRAME
, Rsi
),
1211 OFFSET(ExR12
, KEXCEPTION_FRAME
, R12
),
1212 OFFSET(ExR13
, KEXCEPTION_FRAME
, R13
),
1213 OFFSET(ExR14
, KEXCEPTION_FRAME
, R14
),
1214 OFFSET(ExR15
, KEXCEPTION_FRAME
, R15
),
1215 OFFSET(ExReturn
, KEXCEPTION_FRAME
, Return
),
1216 OFFSET(CuInitialStack
, KEXCEPTION_FRAME
, InitialStack
),
1217 OFFSET(CuTrapFrame
, KEXCEPTION_FRAME
, TrapFrame
),
1218 OFFSET(CuCallbackStack
, KEXCEPTION_FRAME
, CallbackStack
),
1219 OFFSET(CuOutputBuffer
, KEXCEPTION_FRAME
, OutputBuffer
),
1220 OFFSET(CuOutputLength
, KEXCEPTION_FRAME
, OutputLength
),
1221 SIZE(KEXCEPTION_FRAME_LENGTH
, KEXCEPTION_FRAME
),
1223 HEADER("JUMP_BUFFER"),
1224 OFFSET(JbFrame
, JUMP_BUFFER
, Frame
),
1225 OFFSET(JbRbx
, JUMP_BUFFER
, Rbx
),
1226 OFFSET(JbRsp
, JUMP_BUFFER
, Rsp
),
1227 OFFSET(JbRbp
, JUMP_BUFFER
, Rbp
),
1228 OFFSET(JbRsi
, JUMP_BUFFER
, Rsi
),
1229 OFFSET(JbRdi
, JUMP_BUFFER
, Rdi
),
1230 OFFSET(JbR12
, JUMP_BUFFER
, R12
),
1231 OFFSET(JbR13
, JUMP_BUFFER
, R13
),
1232 OFFSET(JbR14
, JUMP_BUFFER
, R14
),
1233 OFFSET(JbR15
, JUMP_BUFFER
, R15
),
1234 OFFSET(JbRip
, JUMP_BUFFER
, Rip
),
1235 OFFSET(JbMxCsr
, JUMP_BUFFER
, MxCsr
),
1236 OFFSET(JbFpCsr
, JUMP_BUFFER
, FpCsr
),
1237 OFFSET(JbXmm6
, JUMP_BUFFER
, Xmm6
),
1238 OFFSET(JbXmm7
, JUMP_BUFFER
, Xmm7
),
1239 OFFSET(JbXmm8
, JUMP_BUFFER
, Xmm8
),
1240 OFFSET(JbXmm9
, JUMP_BUFFER
, Xmm9
),
1241 OFFSET(JbXmm10
, JUMP_BUFFER
, Xmm10
),
1242 OFFSET(JbXmm11
, JUMP_BUFFER
, Xmm11
),
1243 OFFSET(JbXmm12
, JUMP_BUFFER
, Xmm12
),
1244 OFFSET(JbXmm13
, JUMP_BUFFER
, Xmm13
),
1245 OFFSET(JbXmm14
, JUMP_BUFFER
, Xmm14
),
1246 OFFSET(JbXmm15
, JUMP_BUFFER
, Xmm15
),
1249 OFFSET(KgdtBaseLow
, KGDT64
, BaseLow
),
1250 OFFSET(KgdtBaseMiddle
, KGDT64
, BaseMiddle
),
1251 OFFSET(KgdtBaseHigh
, KGDT64
, BaseHigh
),
1252 OFFSET(KgdtBaseUpper
, KGDT64
, BaseUpper
),
1253 OFFSET(KgdtLimitHigh
, KGDT64
, LimitHigh
),
1254 OFFSET(KgdtLimitLow
, KGDT64
, LimitLow
),
1255 CONSTANT(KGDT_LIMIT_ENCODE_MASK
),
1258 OFFSET(PbMxCsr
, KPRCB
, MxCsr
),
1259 OFFSET(PbNumber
, KPRCB
, Number
),
1260 OFFSET(PbInterruptRequest
, KPRCB
, InterruptRequest
),
1261 OFFSET(PbIdleHalt
, KPRCB
, IdleHalt
),
1262 OFFSET(PbCurrentThread
, KPRCB
, CurrentThread
),
1263 OFFSET(PbNextThread
, KPRCB
, NextThread
),
1264 OFFSET(PbIdleThread
, KPRCB
, IdleThread
),
1265 OFFSET(PbNestingLevel
, KPRCB
, NestingLevel
),
1266 OFFSET(PbRspBase
, KPRCB
, RspBase
),
1267 OFFSET(PbPrcbLock
, KPRCB
, PrcbLock
),
1268 OFFSET(PbSetMember
, KPRCB
, SetMember
),
1269 OFFSET(PbProcessorState
, KPRCB
, ProcessorState
),
1270 OFFSET(PbCpuType
, KPRCB
, CpuType
),
1271 OFFSET(PbCpuID
, KPRCB
, CpuID
),
1272 OFFSET(PbCpuStep
, KPRCB
, CpuStep
),
1273 OFFSET(PbHalReserved
, KPRCB
, HalReserved
),
1274 OFFSET(PbMinorVersion
, KPRCB
, MinorVersion
),
1275 OFFSET(PbMajorVersion
, KPRCB
, MajorVersion
),
1276 OFFSET(PbBuildType
, KPRCB
, BuildType
),
1277 OFFSET(PbCpuVendor
, KPRCB
, CpuVendor
),
1278 OFFSET(PbCoresPerPhysicalProcessor
, KPRCB
, CoresPerPhysicalProcessor
),
1279 OFFSET(PbLogicalProcessorsPerCore
, KPRCB
, LogicalProcessorsPerCore
),
1280 OFFSET(PbApicMask
, KPRCB
, ApicMask
),
1281 OFFSET(PbCFlushSize
, KPRCB
, CFlushSize
),
1282 OFFSET(PbAcpiReserved
, KPRCB
, AcpiReserved
),
1283 OFFSET(PbInitialApicId
, KPRCB
, InitialApicId
),
1284 OFFSET(PbStride
, KPRCB
, Stride
),
1285 OFFSET(PbLockQueue
, KPRCB
, LockQueue
),
1286 OFFSET(PbPPLookasideList
, KPRCB
, PPLookasideList
),
1287 OFFSET(PbPPNPagedLookasideList
, KPRCB
, PPNPagedLookasideList
),
1288 OFFSET(PbPPPagedLookasideList
, KPRCB
, PPPagedLookasideList
),
1289 OFFSET(PbPacketBarrier
, KPRCB
, PacketBarrier
),
1290 OFFSET(PbDeferredReadyListHead
, KPRCB
, DeferredReadyListHead
),
1291 OFFSET(PbLookasideIrpFloat
, KPRCB
, LookasideIrpFloat
),
1292 OFFSET(PbSystemCalls
, KPRCB
, SystemCalls
),
1293 OFFSET(PbReadOperationCount
, KPRCB
, ReadOperationCount
),
1294 OFFSET(PbWriteOperationCount
, KPRCB
, WriteOperationCount
),
1295 OFFSET(PbOtherOperationCount
, KPRCB
, OtherOperationCount
),
1296 OFFSET(PbReadTransferCount
, KPRCB
, ReadTransferCount
),
1297 OFFSET(PbWriteTransferCount
, KPRCB
, WriteTransferCount
),
1298 OFFSET(PbOtherTransferCount
, KPRCB
, OtherTransferCount
),
1299 OFFSET(PbContextSwitches
, KPRCB
, ContextSwitches
),
1300 OFFSET(PbTargetSet
, KPRCB
, TargetSet
),
1301 OFFSET(PbIpiFrozen
, KPRCB
, IpiFrozen
),
1302 OFFSET(PbRequestMailbox
, KPRCB
, RequestMailbox
),
1303 OFFSET(PbSenderSummary
, KPRCB
, SenderSummary
),
1304 OFFSET(PbDpcListHead
, KPRCB
, DpcListHead
),
1305 OFFSET(PbDpcLock
, KPRCB
, DpcLock
),
1306 OFFSET(PbDpcQueueDepth
, KPRCB
, DpcQueueDepth
),
1307 OFFSET(PbDpcCount
, KPRCB
, DpcCount
),
1308 OFFSET(PbDpcStack
, KPRCB
, DpcStack
),
1309 OFFSET(PbMaximumDpcQueueDepth
, KPRCB
, MaximumDpcQueueDepth
),
1310 OFFSET(PbDpcRequestRate
, KPRCB
, DpcRequestRate
),
1311 OFFSET(PbMinimumDpcRate
, KPRCB
, MinimumDpcRate
),
1312 OFFSET(PbDpcInterruptRequested
, KPRCB
, DpcInterruptRequested
),
1313 OFFSET(PbDpcThreadRequested
, KPRCB
, DpcThreadRequested
),
1314 OFFSET(PbDpcRoutineActive
, KPRCB
, DpcRoutineActive
),
1315 OFFSET(PbDpcThreadActive
, KPRCB
, DpcThreadActive
),
1316 OFFSET(PbTimerHand
, KPRCB
, TimerHand
),
1317 OFFSET(PbTimerRequest
, KPRCB
, TimerRequest
),
1318 OFFSET(PbTickOffset
, KPRCB
, TickOffset
),
1319 OFFSET(PbMasterOffset
, KPRCB
, MasterOffset
),
1320 OFFSET(PbDpcLastCount
, KPRCB
, DpcLastCount
),
1321 OFFSET(PbQuantumEnd
, KPRCB
, QuantumEnd
),
1322 OFFSET(PbDpcSetEventRequest
, KPRCB
, DpcSetEventRequest
),
1323 OFFSET(PbIdleSchedule
, KPRCB
, IdleSchedule
),
1324 OFFSET(PbReadySummary
, KPRCB
, ReadySummary
),
1325 OFFSET(PbDispatcherReadyListHead
, KPRCB
, DispatcherReadyListHead
),
1326 OFFSET(PbInterruptCount
, KPRCB
, InterruptCount
),
1327 OFFSET(PbKernelTime
, KPRCB
, KernelTime
),
1328 OFFSET(PbUserTime
, KPRCB
, UserTime
),
1329 OFFSET(PbDpcTime
, KPRCB
, DpcTime
),
1330 OFFSET(PbInterruptTime
, KPRCB
, InterruptTime
),
1331 OFFSET(PbAdjustDpcThreshold
, KPRCB
, AdjustDpcThreshold
),
1332 OFFSET(PbSkipTick
, KPRCB
, SkipTick
),
1333 OFFSET(PbPollSlot
, KPRCB
, PollSlot
),
1334 OFFSET(PbParentNode
, KPRCB
, ParentNode
),
1335 OFFSET(PbMultiThreadProcessorSet
, KPRCB
, MultiThreadProcessorSet
),
1336 OFFSET(PbMultiThreadSetMaster
, KPRCB
, MultiThreadSetMaster
),
1337 OFFSET(PbStartCycles
, KPRCB
, StartCycles
),
1338 OFFSET(PbPageColor
, KPRCB
, PageColor
),
1339 OFFSET(PbNodeColor
, KPRCB
, NodeColor
),
1340 OFFSET(PbNodeShiftedColor
, KPRCB
,NodeShiftedColor
),
1341 OFFSET(PbSecondaryColorMask
, KPRCB
, SecondaryColorMask
),
1342 OFFSET(PbSleeping
, KPRCB
, Sleeping
),
1343 OFFSET(PbCycleTime
, KPRCB
, CycleTime
),
1344 OFFSET(PbFastReadNoWait
, KPRCB
, FastReadNoWait
),
1345 OFFSET(PbFastReadWait
, KPRCB
, FastReadWait
),
1346 OFFSET(PbFastReadNotPossible
, KPRCB
, FastReadNotPossible
),
1347 OFFSET(PbCopyReadNoWait
, KPRCB
, CopyReadNoWait
),
1348 OFFSET(PbCopyReadWait
, KPRCB
, CopyReadWait
),
1349 OFFSET(PbCopyReadNoWaitMiss
, KPRCB
, CopyReadNoWaitMiss
),
1350 OFFSET(PbAlignmentFixupCount
, KPRCB
, AlignmentFixupCount
),
1351 OFFSET(PbExceptionDispatchCount
, KPRCB
, ExceptionDispatchCount
),
1352 OFFSET(PbVendorString
, KPRCB
, VendorString
),
1353 OFFSET(PbPowerState
, KPRCB
, PowerState
),
1354 SIZE(ProcessorBlockLength
, KPRCB
),
1357 OFFSET(PcGdt
, KPCR
, Gdt
),
1358 OFFSET(PcTss
, KPCR
, Tss
),
1359 OFFSET(PcUserRsp
, KPCR
, UserRsp
),
1360 OFFSET(PcSelf
, KPCR
, Self
),
1361 OFFSET(PcCurrentPrcb
, KPCR
, CurrentPrcb
),
1362 OFFSET(PcLockArray
, KPCR
, LockArray
),
1363 OFFSET(PcTeb
, KPCR
, Teb
),
1364 OFFSET(PcIdt
, KPCR
, Idt
),
1365 OFFSET(PcIrql
, KPCR
, Irql
),
1366 OFFSET(PcStallScaleFactor
, KPCR
, StallScaleFactor
),
1367 OFFSET(PcHalReserved
, KPCR
, HalReserved
),
1368 OFFSET(PcPrcb
, KPCR
, Prcb
),
1369 OFFSET(PcMxCsr
, KPCR
, MxCsr
),
1370 OFFSET(PcNumber
, KPCR
, Number
),
1371 OFFSET(PcInterruptRequest
, KPCR
, InterruptRequest
),
1372 OFFSET(PcIdleHalt
, KPCR
, IdleHalt
),
1373 OFFSET(PcCurrentThread
, KPCR
, CurrentThread
),
1374 OFFSET(PcNextThread
, KPCR
, NextThread
),
1375 OFFSET(PcIdleThread
, KPCR
, IdleThread
),
1376 OFFSET(PcIpiFrozen
, KPCR
, IpiFrozen
),
1377 OFFSET(PcNestingLevel
, KPCR
, NestingLevel
),
1378 OFFSET(PcRspBase
, KPCR
, RspBase
),
1379 OFFSET(PcPrcbLock
, KPCR
, PrcbLock
),
1380 OFFSET(PcSetMember
, KPCR
, SetMember
),
1381 OFFSET(PcCr0
, KPCR
, Cr0
),
1382 OFFSET(PcCr2
, KPCR
, Cr2
),
1383 OFFSET(PcCr3
, KPCR
, Cr3
),
1384 OFFSET(PcCr4
, KPCR
, Cr4
),
1385 OFFSET(PcKernelDr0
, KPCR
, KernelDr0
),
1386 OFFSET(PcKernelDr1
, KPCR
, KernelDr1
),
1387 OFFSET(PcKernelDr2
, KPCR
, KernelDr2
),
1388 OFFSET(PcKernelDr3
, KPCR
, KernelDr3
),
1389 OFFSET(PcKernelDr7
, KPCR
, KernelDr7
),
1390 OFFSET(PcGdtrLimit
, KPCR
, GdtrLimit
),
1391 OFFSET(PcGdtrBase
, KPCR
, GdtrBase
),
1392 OFFSET(PcIdtrLimit
, KPCR
, IdtrLimit
),
1393 OFFSET(PcIdtrBase
, KPCR
, IdtrBase
),
1394 OFFSET(PcTr
, KPCR
, Tr
),
1395 OFFSET(PcLdtr
, KPCR
, Ldtr
),
1396 OFFSET(PcDebugControl
, KPCR
, DebugControl
),
1397 OFFSET(PcLastBranchToRip
, KPCR
, LastBranchToRip
),
1398 OFFSET(PcLastBranchFromRip
, KPCR
, LastBranchFromRip
),
1399 OFFSET(PcLastExceptionToRip
, KPCR
, LastExceptionToRip
),
1400 OFFSET(PcLastExceptionFromRip
, KPCR
, LastExceptionFromRip
),
1401 OFFSET(PcCr8
, KPCR
, Cr8
),
1402 OFFSET(PcCpuType
, KPCR
, CpuType
),
1403 OFFSET(PcCpuID
, KPCR
, CpuID
),
1404 OFFSET(PcCpuStep
, KPCR
, CpuStep
),
1405 OFFSET(PcCpuVendor
, KPCR
, CpuVendor
),
1406 OFFSET(PcVirtualApicAssist
, KPCR
, VirtualApicAssist
),
1407 OFFSET(PcCFlushSize
, KPCR
, CFlushSize
),
1408 OFFSET(PcDeferredReadyListHead
, KPCR
, DeferredReadyListHead
),
1409 OFFSET(PcSystemCalls
, KPCR
, SystemCalls
),
1410 OFFSET(PcDpcRoutineActive
, KPCR
, DpcRoutineActive
),
1411 OFFSET(PcInterruptCount
, KPCR
, InterruptCount
),
1412 OFFSET(PcDebuggerSavedIRQL
, KPCR
, DebuggerSavedIRQL
),
1413 OFFSET(PcTickOffset
, KPCR
, TickOffset
),
1414 OFFSET(PcMasterOffset
, KPCR
, MasterOffset
),
1415 OFFSET(PcSkipTick
, KPCR
, SkipTick
),
1416 OFFSET(PcStartCycles
, KPCR
, StartCycles
),
1417 SIZE(ProcessorControlRegisterLength
, KPCR
),
1419 HEADER("KPROCESSOR_STATE"),
1420 OFFSET(PsSpecialRegisters
, KPROCESSOR_STATE
, SpecialRegisters
),
1421 OFFSET(PsCr0
, KPROCESSOR_STATE
, Cr0
),
1422 OFFSET(PsCr2
, KPROCESSOR_STATE
, Cr2
),
1423 OFFSET(PsCr3
, KPROCESSOR_STATE
, Cr3
),
1424 OFFSET(PsCr4
, KPROCESSOR_STATE
, Cr4
),
1425 OFFSET(PsKernelDr0
, KPROCESSOR_STATE
, KernelDr0
),
1426 OFFSET(PsKernelDr1
, KPROCESSOR_STATE
, KernelDr1
),
1427 OFFSET(PsKernelDr2
, KPROCESSOR_STATE
, KernelDr2
),
1428 OFFSET(PsKernelDr3
, KPROCESSOR_STATE
, KernelDr3
),
1429 OFFSET(PsKernelDr6
, KPROCESSOR_STATE
, KernelDr6
),
1430 OFFSET(PsKernelDr7
, KPROCESSOR_STATE
, KernelDr7
),
1431 OFFSET(PsGdtr
, KPROCESSOR_STATE
, Gdtr
),
1432 OFFSET(PsIdtr
, KPROCESSOR_STATE
, Idtr
),
1433 OFFSET(PsTr
, KPROCESSOR_STATE
, Tr
),
1434 OFFSET(PsLdtr
, KPROCESSOR_STATE
, Ldtr
),
1435 OFFSET(PsMxCsr
, KPROCESSOR_STATE
, MxCsr
),
1436 OFFSET(PsContextFrame
, KPROCESSOR_STATE
, ContextFrame
),
1437 OFFSET(PsDebugControl
, KPROCESSOR_STATE
, DebugControl
),
1438 OFFSET(PsLastBranchToRip
, KPROCESSOR_STATE
, LastBranchToRip
),
1439 OFFSET(PsLastBranchFromRip
, KPROCESSOR_STATE
, LastBranchFromRip
),
1440 OFFSET(PsLastExceptionToRip
, KPROCESSOR_STATE
, LastExceptionToRip
),
1441 OFFSET(PsLastExceptionFromRip
, KPROCESSOR_STATE
, LastExceptionFromRip
),
1442 OFFSET(PsCr8
, KPROCESSOR_STATE
, Cr8
),
1443 SIZE(ProcessorStateLength
, KPROCESSOR_STATE
),
1445 HEADER("KSTART_FRAME"),
1446 OFFSET(SfP1Home
, KSTART_FRAME
, P1Home
),
1447 OFFSET(SfP2Home
, KSTART_FRAME
, P2Home
),
1448 OFFSET(SfP3Home
, KSTART_FRAME
, P3Home
),
1449 OFFSET(SfP4Home
, KSTART_FRAME
, P4Home
),
1450 OFFSET(SfReturn
, KSTART_FRAME
, Return
),
1451 SIZE(KSTART_FRAME_LENGTH
, KSTART_FRAME
),
1453 HEADER("KSPECIAL_REGISTERS"),
1454 OFFSET(SrKernelDr0
, KSPECIAL_REGISTERS
, KernelDr0
),
1455 OFFSET(SrKernelDr1
, KSPECIAL_REGISTERS
, KernelDr1
),
1456 OFFSET(SrKernelDr2
, KSPECIAL_REGISTERS
, KernelDr2
),
1457 OFFSET(SrKernelDr3
, KSPECIAL_REGISTERS
, KernelDr3
),
1458 OFFSET(SrKernelDr6
, KSPECIAL_REGISTERS
, KernelDr6
),
1459 OFFSET(SrKernelDr7
, KSPECIAL_REGISTERS
, KernelDr7
),
1460 OFFSET(SrGdtr
, KSPECIAL_REGISTERS
, Gdtr
),
1461 OFFSET(SrIdtr
, KSPECIAL_REGISTERS
, Idtr
),
1462 OFFSET(SrTr
, KSPECIAL_REGISTERS
, Tr
),
1463 OFFSET(SrMxCsr
, KSPECIAL_REGISTERS
, MxCsr
),
1464 OFFSET(SrMsrGsBase
, KSPECIAL_REGISTERS
, MsrGsBase
),
1465 OFFSET(SrMsrGsSwap
, KSPECIAL_REGISTERS
, MsrGsSwap
),
1466 OFFSET(SrMsrStar
, KSPECIAL_REGISTERS
, MsrStar
),
1467 OFFSET(SrMsrLStar
, KSPECIAL_REGISTERS
, MsrLStar
),
1468 OFFSET(SrMsrCStar
, KSPECIAL_REGISTERS
, MsrCStar
),
1469 OFFSET(SrMsrSyscallMask
, KSPECIAL_REGISTERS
, MsrSyscallMask
),
1471 HEADER("KSYSTEM_TIME"),
1472 OFFSET(StLowTime
, KSYSTEM_TIME
, LowTime
),
1473 OFFSET(StHigh1Time
, KSYSTEM_TIME
, High1Time
),
1474 OFFSET(StHigh2Time
, KSYSTEM_TIME
, High2Time
),
1476 HEADER("KSWITCH_FRAME"),
1477 OFFSET(SwP5Home
, KSWITCH_FRAME
, P5Home
),
1478 OFFSET(SwApcBypass
, KSWITCH_FRAME
, ApcBypass
),
1479 OFFSET(SwRbp
, KSWITCH_FRAME
, Rbp
),
1480 OFFSET(SwReturn
, KSWITCH_FRAME
, Return
),
1481 SIZE(SwitchFrameLength
, KSWITCH_FRAME
),
1482 SIZE(KSWITCH_FRAME_LENGTH
, KSWITCH_FRAME
),
1484 HEADER("KTRAP_FRAME"),
1485 OFFSET(TrP1Home
, KTRAP_FRAME
, P1Home
),
1486 OFFSET(TrP2Home
, KTRAP_FRAME
, P2Home
),
1487 OFFSET(TrP3Home
, KTRAP_FRAME
, P3Home
),
1488 OFFSET(TrP4Home
, KTRAP_FRAME
, P4Home
),
1489 OFFSET(TrP5
, KTRAP_FRAME
, P5
),
1490 OFFSET(TrPreviousMode
, KTRAP_FRAME
, PreviousMode
),
1491 OFFSET(TrPreviousIrql
, KTRAP_FRAME
, PreviousIrql
),
1492 OFFSET(TrFaultIndicator
, KTRAP_FRAME
, FaultIndicator
),
1493 OFFSET(TrExceptionActive
, KTRAP_FRAME
, ExceptionActive
),
1494 OFFSET(TrMxCsr
, KTRAP_FRAME
, MxCsr
),
1495 OFFSET(TrRax
, KTRAP_FRAME
, Rax
),
1496 OFFSET(TrRcx
, KTRAP_FRAME
, Rcx
),
1497 OFFSET(TrRdx
, KTRAP_FRAME
, Rdx
),
1498 OFFSET(TrR8
, KTRAP_FRAME
, R8
),
1499 OFFSET(TrR9
, KTRAP_FRAME
, R9
),
1500 OFFSET(TrR10
, KTRAP_FRAME
, R10
),
1501 OFFSET(TrR11
, KTRAP_FRAME
, R11
),
1502 OFFSET(TrGsBase
, KTRAP_FRAME
, GsBase
),
1503 OFFSET(TrGsSwap
, KTRAP_FRAME
,GsSwap
),
1504 OFFSET(TrXmm0
, KTRAP_FRAME
, Xmm0
),
1505 OFFSET(TrXmm1
, KTRAP_FRAME
, Xmm1
),
1506 OFFSET(TrXmm2
, KTRAP_FRAME
, Xmm2
),
1507 OFFSET(TrXmm3
, KTRAP_FRAME
, Xmm3
),
1508 OFFSET(TrXmm4
, KTRAP_FRAME
, Xmm4
),
1509 OFFSET(TrXmm5
, KTRAP_FRAME
, Xmm5
),
1510 OFFSET(TrFaultAddress
, KTRAP_FRAME
, FaultAddress
),
1511 OFFSET(TrTimeStampCKCL
, KTRAP_FRAME
, TimeStampCKCL
),
1512 OFFSET(TrDr0
, KTRAP_FRAME
, Dr0
),
1513 OFFSET(TrDr1
, KTRAP_FRAME
, Dr1
),
1514 OFFSET(TrDr2
, KTRAP_FRAME
, Dr2
),
1515 OFFSET(TrDr3
, KTRAP_FRAME
, Dr3
),
1516 OFFSET(TrDr6
, KTRAP_FRAME
, Dr6
),
1517 OFFSET(TrDr7
, KTRAP_FRAME
, Dr7
),
1518 OFFSET(TrDebugControl
, KTRAP_FRAME
, DebugControl
),
1519 OFFSET(TrLastBranchToRip
, KTRAP_FRAME
, LastBranchToRip
),
1520 OFFSET(TrLastBranchFromRip
, KTRAP_FRAME
, LastBranchFromRip
),
1521 OFFSET(TrLastExceptionToRip
, KTRAP_FRAME
, LastExceptionToRip
),
1522 OFFSET(TrLastExceptionFromRip
, KTRAP_FRAME
, LastExceptionFromRip
),
1523 OFFSET(TrLastBranchControl
, KTRAP_FRAME
, LastBranchControl
),
1524 OFFSET(TrLastBranchMSR
, KTRAP_FRAME
, LastBranchMSR
),
1525 OFFSET(TrSegDs
, KTRAP_FRAME
, SegDs
),
1526 OFFSET(TrSegEs
, KTRAP_FRAME
, SegEs
),
1527 OFFSET(TrSegFs
, KTRAP_FRAME
, SegFs
),
1528 OFFSET(TrSegGs
, KTRAP_FRAME
, SegGs
),
1529 OFFSET(TrTrapFrame
, KTRAP_FRAME
, TrapFrame
),
1530 OFFSET(TrRbx
, KTRAP_FRAME
, Rbx
),
1531 OFFSET(TrRdi
, KTRAP_FRAME
, Rdi
),
1532 OFFSET(TrRsi
, KTRAP_FRAME
, Rsi
),
1533 OFFSET(TrRbp
, KTRAP_FRAME
, Rbp
),
1534 OFFSET(TrErrorCode
, KTRAP_FRAME
, ErrorCode
),
1535 OFFSET(TrTimeStampKlog
, KTRAP_FRAME
, TimeStampKlog
),
1536 OFFSET(TrRip
, KTRAP_FRAME
, Rip
),
1537 OFFSET(TrSegCs
, KTRAP_FRAME
, SegCs
),
1538 OFFSET(TrLogging
, KTRAP_FRAME
, Logging
),
1539 OFFSET(TrEFlags
, KTRAP_FRAME
, EFlags
),
1540 OFFSET(TrRsp
, KTRAP_FRAME
, Rsp
),
1541 OFFSET(TrSegSs
, KTRAP_FRAME
, SegSs
),
1542 OFFSET(TrCodePatchCycle
, KTRAP_FRAME
, CodePatchCycle
),
1543 SIZE(KTRAP_FRAME_LENGTH
, KTRAP_FRAME
),
1545 HEADER("KTIMER_TABLE"),
1546 OFFSET(TtEntry
, KTIMER_TABLE
, TimerEntries
),
1547 OFFSET(TtTime
, KTIMER_TABLE
, Time
),
1548 SIZE(TIMER_ENTRY_SIZE
, KTIMER_ENTRY
),
1549 SIZE(TIMER_TABLE_SIZE
, KTIMER_TABLE
),
1550 SIZE(KTIMER_TABLE_SIZE
, KTIMER_TABLE
),
1553 OFFSET(TssRsp0
, TYPE
, Rsp0
),
1554 OFFSET(TssRsp1
, TYPE
, Rsp1
),
1555 OFFSET(TssRsp2
, TYPE
, Rsp2
),
1556 OFFSET(TssPanicStack
, TYPE
, PanicStack
),
1557 OFFSET(TssMcaStack
, TYPE
, McaStack
),
1558 OFFSET(TssNmiStack
, TYPE
, NmiStack
),
1559 OFFSET(TssIoMapBase
, TYPE
, IoMapBase
),
1560 SIZE(TssLength
, TYPE
),