2 #include <psdk/ntverp.h>
4 /* DDK/IFS/NDK Headers */
25 #define RAW(x) {0, #x, 0}
26 #define CONSTANT(name) {1, #name, name}
27 #define OFFSET(name, struct, member) {1, #name, FIELD_OFFSET(struct, member)}
28 #define RELOFFSET(name, struct, member, to) {1, #name, FIELD_OFFSET(struct, member) - FIELD_OFFSET(struct, to)}
29 #define SIZE(name, struct) {1, #name, sizeof(struct)}
30 #define HEADER(x) {2, "/* " x " */", 0}
35 /* PORTABLE CONSTANTS ********************************************************/
37 HEADER("Pointer size"),
38 SIZE(SizeofPointer
, PVOID
),
40 HEADER("Breakpoints"),
41 CONSTANT(BREAKPOINT_BREAK
),
42 CONSTANT(BREAKPOINT_PRINT
),
43 CONSTANT(BREAKPOINT_PROMPT
),
44 CONSTANT(BREAKPOINT_LOAD_SYMBOLS
),
45 CONSTANT(BREAKPOINT_UNLOAD_SYMBOLS
),
46 CONSTANT(BREAKPOINT_COMMAND_STRING
),
48 HEADER("Context Frame Flags"),
49 CONSTANT(CONTEXT_FULL
),
50 CONSTANT(CONTEXT_CONTROL
),
51 CONSTANT(CONTEXT_INTEGER
),
52 CONSTANT(CONTEXT_SEGMENTS
),
53 CONSTANT(CONTEXT_FLOATING_POINT
),
54 CONSTANT(CONTEXT_DEBUG_REGISTERS
),
56 HEADER("Exception flags"),
57 CONSTANT(EXCEPTION_NONCONTINUABLE
),
58 CONSTANT(EXCEPTION_UNWINDING
),
59 CONSTANT(EXCEPTION_EXIT_UNWIND
),
60 CONSTANT(EXCEPTION_STACK_INVALID
),
61 CONSTANT(EXCEPTION_NESTED_CALL
),
62 CONSTANT(EXCEPTION_TARGET_UNWIND
),
63 CONSTANT(EXCEPTION_COLLIDED_UNWIND
),
64 CONSTANT(EXCEPTION_UNWIND
),
65 CONSTANT(EXCEPTION_EXECUTE_HANDLER
),
66 CONSTANT(EXCEPTION_CONTINUE_SEARCH
),
67 CONSTANT(EXCEPTION_CONTINUE_EXECUTION
),
69 //CONSTANT(EXCEPTION_CHAIN_END),
70 //CONSTANT(FIXED_NTVDMSTATE_LINEAR),
73 HEADER("Exception types"),
74 CONSTANT(ExceptionContinueExecution
),
75 CONSTANT(ExceptionContinueSearch
),
76 CONSTANT(ExceptionNestedException
),
77 CONSTANT(ExceptionCollidedUnwind
),
80 CONSTANT(LOCK_QUEUE_WAIT
),
81 CONSTANT(LOCK_QUEUE_OWNER
),
82 CONSTANT(LockQueueDispatcherLock
),
84 HEADER("Performance Definitions"),
85 // CONSTANT(PERF_CONTEXTSWAP_OFFSET),
86 // CONSTANT(PERF_CONTEXTSWAP_FLAG),
87 // CONSTANT(PERF_INTERRUPT_OFFSET),
88 // CONSTANT(PERF_INTERRUPT_FLAG),
89 // CONSTANT(PERF_PROFILE_OFFSET),
90 // CONSTANT(PERF_PROFILE_FLAG),
91 // CONSTANT(PERF_SYSCALL_OFFSET),
92 // CONSTANT(PERF_SYSCALL_FLAG),
93 // CONSTANT(NTOS_YIELD_MACRO),
95 HEADER("Process states"),
96 CONSTANT(ProcessInMemory
),
97 CONSTANT(ProcessOutOfMemory
),
98 CONSTANT(ProcessInTransition
),
100 HEADER("Processor mode"),
101 CONSTANT(KernelMode
),
104 HEADER("Status codes"),
105 CONSTANT(STATUS_ACCESS_VIOLATION
),
106 CONSTANT(STATUS_ASSERTION_FAILURE
),
107 CONSTANT(STATUS_ARRAY_BOUNDS_EXCEEDED
),
108 CONSTANT(STATUS_BAD_COMPRESSION_BUFFER
),
109 CONSTANT(STATUS_BREAKPOINT
),
110 CONSTANT(STATUS_CALLBACK_POP_STACK
),
111 CONSTANT(STATUS_DATATYPE_MISALIGNMENT
),
112 CONSTANT(STATUS_FLOAT_DENORMAL_OPERAND
),
113 CONSTANT(STATUS_FLOAT_DIVIDE_BY_ZERO
),
114 CONSTANT(STATUS_FLOAT_INEXACT_RESULT
),
115 CONSTANT(STATUS_FLOAT_INVALID_OPERATION
),
116 CONSTANT(STATUS_FLOAT_OVERFLOW
),
117 CONSTANT(STATUS_FLOAT_STACK_CHECK
),
118 CONSTANT(STATUS_FLOAT_UNDERFLOW
),
119 CONSTANT(STATUS_FLOAT_MULTIPLE_FAULTS
),
120 CONSTANT(STATUS_FLOAT_MULTIPLE_TRAPS
),
121 CONSTANT(STATUS_GUARD_PAGE_VIOLATION
),
122 CONSTANT(STATUS_ILLEGAL_FLOAT_CONTEXT
),
123 CONSTANT(STATUS_ILLEGAL_INSTRUCTION
),
124 CONSTANT(STATUS_INSTRUCTION_MISALIGNMENT
),
125 CONSTANT(STATUS_INVALID_HANDLE
),
126 CONSTANT(STATUS_INVALID_LOCK_SEQUENCE
),
127 CONSTANT(STATUS_INVALID_OWNER
),
128 CONSTANT(STATUS_INVALID_PARAMETER
),
129 CONSTANT(STATUS_INVALID_PARAMETER_1
),
130 CONSTANT(STATUS_INVALID_SYSTEM_SERVICE
),
131 CONSTANT(STATUS_INTEGER_DIVIDE_BY_ZERO
),
132 CONSTANT(STATUS_INTEGER_OVERFLOW
),
133 CONSTANT(STATUS_IN_PAGE_ERROR
),
134 CONSTANT(STATUS_KERNEL_APC
),
135 CONSTANT(STATUS_LONGJUMP
),
136 CONSTANT(STATUS_NO_CALLBACK_ACTIVE
),
137 CONSTANT(STATUS_NO_EVENT_PAIR
),
138 CONSTANT(STATUS_PRIVILEGED_INSTRUCTION
),
139 CONSTANT(STATUS_SINGLE_STEP
),
140 CONSTANT(STATUS_STACK_BUFFER_OVERRUN
),
141 CONSTANT(STATUS_STACK_OVERFLOW
),
142 CONSTANT(STATUS_SUCCESS
),
143 CONSTANT(STATUS_THREAD_IS_TERMINATING
),
144 CONSTANT(STATUS_TIMEOUT
),
145 CONSTANT(STATUS_UNWIND
),
146 CONSTANT(STATUS_UNWIND_CONSOLIDATE
),
147 CONSTANT(STATUS_USER_APC
),
148 CONSTANT(STATUS_WAKE_SYSTEM_DEBUGGER
),
150 HEADER("TLS defines"),
151 CONSTANT(TLS_MINIMUM_AVAILABLE
),
152 CONSTANT(TLS_EXPANSION_SLOTS
),
154 HEADER("Thread states"),
155 CONSTANT(Initialized
),
159 CONSTANT(Terminated
),
162 HEADER("Wait type / reason"),
163 CONSTANT(WrExecutive
),
165 CONSTANT(WrDispatchInt
),
166 CONSTANT(WrQuantumEnd
),
167 CONSTANT(WrEventPair
),
171 HEADER("Interrupt object types"),
172 // CONSTANT(InLevelSensitive),
173 // CONSTANT(InLatched),
175 HEADER("Bug Check Codes"),
176 CONSTANT(APC_INDEX_MISMATCH
),
177 CONSTANT(INVALID_AFFINITY_SET
),
178 CONSTANT(INVALID_DATA_ACCESS_TRAP
),
179 CONSTANT(IRQL_NOT_GREATER_OR_EQUAL
),
180 CONSTANT(IRQL_NOT_LESS_OR_EQUAL
),
181 CONSTANT(NO_USER_MODE_CONTEXT
),
182 CONSTANT(SPIN_LOCK_ALREADY_OWNED
),
183 CONSTANT(SPIN_LOCK_NOT_OWNED
),
184 CONSTANT(THREAD_NOT_MUTEX_OWNER
),
185 CONSTANT(TRAP_CAUSE_UNKNOWN
),
186 CONSTANT(KMODE_EXCEPTION_NOT_HANDLED
),
187 CONSTANT(KERNEL_APC_PENDING_DURING_EXIT
),
188 CONSTANT(PANIC_STACK_SWITCH
),
189 CONSTANT(DATA_BUS_ERROR
),
190 CONSTANT(INSTRUCTION_BUS_ERROR
),
191 CONSTANT(SYSTEM_EXIT_OWNED_MUTEX
),
192 // CONSTANT(SYSTEM_UNWIND_PREVIOUS_USER),
193 // CONSTANT(SYSTEM_SERVICE_EXCEPTION),
194 // CONSTANT(INTERRUPT_UNWIND_ATTEMPTED),
195 // CONSTANT(INTERRUPT_EXCEPTION_NOT_HANDLED),
196 CONSTANT(PAGE_FAULT_WITH_INTERRUPTS_OFF
),
197 CONSTANT(IRQL_GT_ZERO_AT_SYSTEM_SERVICE
),
198 CONSTANT(DATA_COHERENCY_EXCEPTION
),
199 CONSTANT(INSTRUCTION_COHERENCY_EXCEPTION
),
200 CONSTANT(HAL1_INITIALIZATION_FAILED
),
201 CONSTANT(UNEXPECTED_KERNEL_MODE_TRAP
),
202 CONSTANT(NMI_HARDWARE_FAILURE
),
203 CONSTANT(SPIN_LOCK_INIT_FAILURE
),
204 CONSTANT(ATTEMPTED_SWITCH_FROM_DPC
),
205 // CONSTANT(MUTEX_ALREADY_OWNED),
206 // CONSTANT(HARDWARE_INTERRUPT_STORM),
207 // CONSTANT(RECURSIVE_MACHINE_CHECK),
208 // CONSTANT(RECURSIVE_NMI),
211 CONSTANT(PASSIVE_LEVEL
),
213 CONSTANT(DISPATCH_LEVEL
),
215 CONSTANT(CLOCK_LEVEL
),
217 CONSTANT(CLOCK1_LEVEL
),
218 CONSTANT(CLOCK2_LEVEL
),
221 CONSTANT(POWER_LEVEL
),
222 CONSTANT(PROFILE_LEVEL
),
223 CONSTANT(HIGH_LEVEL
),
225 {1, "SYNCH_LEVEL", DISPATCH_LEVEL
},
227 {1, "SYNCH_LEVEL", (IPI_LEVEL
- 2)},
230 HEADER("Miscellaneous Definitions"),
231 // CONSTANT(BASE_PRIORITY_THRESHOLD),
232 // CONSTANT(EVENT_PAIR_INCREMENT),
233 CONSTANT(LOW_REALTIME_PRIORITY
),
234 CONSTANT(CLOCK_QUANTUM_DECREMENT
),
235 // CONSTANT(READY_SKIP_QUANTUM),
236 // CONSTANT(THREAD_QUANTUM),
237 CONSTANT(WAIT_QUANTUM_DECREMENT
),
238 // CONSTANT(ROUND_TRIP_DECREMENT_COUNT),
239 CONSTANT(MAXIMUM_PROCESSORS
),
240 CONSTANT(INITIAL_STALL_COUNT
),
241 CONSTANT(EXCEPTION_EXECUTE_FAULT
),
242 // CONSTANT(KCACHE_ERRATA_MONITOR_FLAGS),
243 // CONSTANT(KI_EXCEPTION_GP_FAULT),
244 // CONSTANT(KI_EXCEPTION_INVALID_OP),
245 // CONSTANT(KI_EXCEPTION_INTEGER_DIVIDE_BY_ZERO),
246 CONSTANT(KI_EXCEPTION_ACCESS_VIOLATION
),
247 // CONSTANT(TARGET_FREEZE),
248 // CONSTANT(BlackHole),
252 CONSTANT(DBG_STATUS_CONTROL_C
),
253 CONSTANT(USER_SHARED_DATA
),
254 // CONSTANT(MM_SHARED_USER_DATA_VA),
256 // CONSTANT(KERNEL_STACK_CONTROL_LARGE_STACK),
258 /* ARCHITECTURE SPECIFIC CONTSTANTS ******************************************/
260 #if defined(_M_AMD64) || defined(_M_IX86)
285 CONSTANT(CR4_XMMEXCPT
),
287 CONSTANT(CR4_CHANNELS
),
290 HEADER("KeFeatureBits flags"),
293 CONSTANT(KF_GLOBAL_PAGE
),
294 CONSTANT(KF_LARGE_PAGE
),
295 CONSTANT(KF_CMPXCHG8B
),
296 CONSTANT(KF_FAST_SYSCALL
),
298 HEADER("Machine type definitions"),
299 CONSTANT(MACHINE_TYPE_ISA
),
300 CONSTANT(MACHINE_TYPE_EISA
),
301 CONSTANT(MACHINE_TYPE_MCA
),
307 HEADER("KDGT selectors"),
308 CONSTANT(KGDT_R3_DATA
),
309 CONSTANT(KGDT_R3_CODE
),
310 CONSTANT(KGDT_R0_CODE
),
311 CONSTANT(KGDT_R0_DATA
),
312 CONSTANT(KGDT_R0_PCR
),
313 // CONSTANT(KGDT_STACK16),
314 // CONSTANT(KGDT_CODE16),
316 CONSTANT(KGDT_R3_TEB
),
317 CONSTANT(KGDT_DF_TSS
),
318 CONSTANT(KGDT_NMI_TSS
),
321 #elif defined(_M_AMD64)
323 HEADER("Hypervisor Enlightenment Definitions"),
324 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH
),
325 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH
),
326 CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH
),
327 CONSTANT(HV_X64_MSR_APIC_EOI
),
328 CONSTANT(HV_APIC_ENLIGHTENED
),
329 CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT
),
330 CONSTANT(HV_VIRTUAL_APIC_NO_EOI_REQUIRED_V
),
331 CONSTANT(HvApicFlags
),
333 HEADER("KDGT selectors"),
334 CONSTANT(KGDT64_NULL
),
335 CONSTANT(KGDT64_R0_CODE
),
336 CONSTANT(KGDT64_R0_DATA
),
337 CONSTANT(KGDT64_R3_CMCODE
),
338 CONSTANT(KGDT64_R3_DATA
),
339 CONSTANT(KGDT64_R3_CODE
),
340 CONSTANT(KGDT64_SYS_TSS
),
341 CONSTANT(KGDT64_R3_CMTEB
),
343 HEADER("Machine Specific Register Numbers"),
348 CONSTANT(MSR_SYSCALL_MASK
),
349 CONSTANT(MSR_FS_BASE
),
350 CONSTANT(MSR_GS_BASE
),
351 CONSTANT(MSR_GS_SWAP
),
352 CONSTANT(MSR_MCG_STATUS
),
353 CONSTANT(MSR_AMD_ACCESS
),
355 HEADER("Flags for MSR_EFER"),
361 CONSTANT(MSR_DEGUG_CTL
),
362 CONSTANT(MSR_LAST_BRANCH_FROM
),
363 CONSTANT(MSR_LAST_BRANCH_TO
),
364 CONSTANT(MSR_LAST_EXCEPTION_FROM
),
365 CONSTANT(MSR_LAST_EXCEPTION_TO
),
367 HEADER("Flags for MSR_DEGUG_CTL"),
368 CONSTANT(MSR_DEBUG_CTL_LBR
),
369 CONSTANT(MSR_DEBUG_CRL_BTF
),
371 HEADER("Stack sizes"),
372 CONSTANT(KERNEL_STACK_SIZE
),
373 CONSTANT(KERNEL_LARGE_STACK_SIZE
),
374 CONSTANT(KERNEL_LARGE_STACK_COMMIT
),
375 CONSTANT(DOUBLE_FAULT_STACK_SIZE
),
377 CONSTANT(KERNEL_MCA_EXCEPTION_STACK_SIZE
),
378 CONSTANT(NMI_STACK_SIZE
),
384 HEADER("Fatal exception codes"),
385 CONSTANT(EXCEPTION_DIVIDED_BY_ZERO
),
386 CONSTANT(EXCEPTION_DEBUG
),
387 CONSTANT(EXCEPTION_NMI
),
388 CONSTANT(EXCEPTION_INT3
),
389 CONSTANT(EXCEPTION_BOUND_CHECK
),
390 CONSTANT(EXCEPTION_INVALID_OPCODE
),
391 CONSTANT(EXCEPTION_NPX_NOT_AVAILABLE
),
392 CONSTANT(EXCEPTION_DOUBLE_FAULT
),
393 CONSTANT(EXCEPTION_NPX_OVERRUN
),
394 CONSTANT(EXCEPTION_INVALID_TSS
),
395 CONSTANT(EXCEPTION_SEGMENT_NOT_PRESENT
),
396 CONSTANT(EXCEPTION_STACK_FAULT
),
397 CONSTANT(EXCEPTION_GP_FAULT
),
398 CONSTANT(EXCEPTION_RESERVED_TRAP
),
399 CONSTANT(EXCEPTION_NPX_ERROR
),
400 CONSTANT(EXCEPTION_ALIGNMENT_CHECK
),
404 /* STRUCTURE OFFSETS *********************************************************/
407 OFFSET(CidUniqueProcess
, CLIENT_ID
, UniqueProcess
),
408 OFFSET(CidUniqueThread
, CLIENT_ID
, UniqueThread
),
411 OFFSET(ApType
, KAPC
, Type
),
412 OFFSET(ApSize
, KAPC
, Size
),
413 OFFSET(ApThread
, KAPC
, Thread
),
414 OFFSET(ApApcListEntry
, KAPC
, ApcListEntry
),
415 OFFSET(ApKernelRoutine
, KAPC
, KernelRoutine
),
416 OFFSET(ApRundownRoutine
, KAPC
, RundownRoutine
),
417 OFFSET(ApNormalRoutine
, KAPC
, NormalRoutine
),
418 OFFSET(ApNormalContext
, KAPC
, NormalContext
),
419 OFFSET(ApSystemArgument1
, KAPC
, SystemArgument1
),
420 OFFSET(ApSystemArgument2
, KAPC
, SystemArgument2
),
421 OFFSET(ApApcStateIndex
, KAPC
, ApcStateIndex
),
422 OFFSET(ApApcMode
, KAPC
, ApcMode
),
423 OFFSET(ApInserted
, KAPC
, Inserted
),
424 SIZE(ApcObjectLength
, KAPC
),
426 HEADER("KAPC_STATE"),
427 OFFSET(AsApcListHead
, KAPC_STATE
, ApcListHead
),
428 OFFSET(AsProcess
, KAPC_STATE
, Process
),
429 OFFSET(AsKernelApcInProgress
, KAPC_STATE
, KernelApcInProgress
),
430 OFFSET(AsKernelApcPending
, KAPC_STATE
, KernelApcPending
),
431 OFFSET(AsUserApcPending
, KAPC_STATE
, UserApcPending
),
433 HEADER("RTL_CRITICAL_SECTION"),
434 OFFSET(CsDebugInfo
, RTL_CRITICAL_SECTION
, DebugInfo
),
435 OFFSET(CsLockCount
, RTL_CRITICAL_SECTION
, LockCount
),
436 OFFSET(CsRecursionCount
, RTL_CRITICAL_SECTION
, RecursionCount
),
437 OFFSET(CsOwningThread
, RTL_CRITICAL_SECTION
, OwningThread
),
438 OFFSET(CsLockSemaphore
, RTL_CRITICAL_SECTION
, LockSemaphore
),
439 OFFSET(CsSpinCount
, RTL_CRITICAL_SECTION
, SpinCount
),
441 HEADER("RTL_CRITICAL_SECTION_DEBUG"),
442 OFFSET(CsType
, RTL_CRITICAL_SECTION_DEBUG
, Type
),
443 OFFSET(CsCreatorBackTraceIndex
, RTL_CRITICAL_SECTION_DEBUG
, CreatorBackTraceIndex
),
444 OFFSET(CsCriticalSection
, RTL_CRITICAL_SECTION_DEBUG
, CriticalSection
),
445 OFFSET(CsProcessLocksList
, RTL_CRITICAL_SECTION_DEBUG
, ProcessLocksList
),
446 OFFSET(CsEntryCount
, RTL_CRITICAL_SECTION_DEBUG
, EntryCount
),
447 OFFSET(CsContentionCount
, RTL_CRITICAL_SECTION_DEBUG
, ContentionCount
),
449 HEADER("KDEVICE_QUEUE_ENTRY"),
450 OFFSET(DeDeviceListEntry
, KDEVICE_QUEUE_ENTRY
, DeviceListEntry
),
451 OFFSET(DeSortKey
, KDEVICE_QUEUE_ENTRY
, SortKey
),
452 OFFSET(DeInserted
, KDEVICE_QUEUE_ENTRY
, Inserted
),
453 SIZE(DeviceQueueEntryLength
, KDEVICE_QUEUE_ENTRY
),
456 OFFSET(DpType
, KDPC
, Type
),
457 OFFSET(DpImportance
, KDPC
, Importance
),
458 OFFSET(DpNumber
, KDPC
, Number
),
459 OFFSET(DpDpcListEntry
, KDPC
, DpcListEntry
),
460 OFFSET(DpDeferredRoutine
, KDPC
, DeferredRoutine
),
461 OFFSET(DpDeferredContext
, KDPC
, DeferredContext
),
462 OFFSET(DpSystemArgument1
, KDPC
, SystemArgument1
),
463 OFFSET(DpSystemArgument2
, KDPC
, SystemArgument2
),
464 OFFSET(DpDpcData
, KDPC
, DpcData
),
465 SIZE(DpcObjectLength
, KDPC
),
467 HEADER("KDEVICE_QUEUE"),
468 OFFSET(DvType
, KDEVICE_QUEUE
, Type
),
469 OFFSET(DvSize
, KDEVICE_QUEUE
, Size
),
470 OFFSET(DvDeviceListHead
, KDEVICE_QUEUE
, DeviceListHead
),
471 OFFSET(DvSpinLock
, KDEVICE_QUEUE
, Lock
),
472 OFFSET(DvBusy
, KDEVICE_QUEUE
, Busy
),
473 SIZE(DeviceQueueObjectLength
, KDEVICE_QUEUE
),
475 HEADER("EXCEPTION_RECORD"),
476 OFFSET(ErExceptionCode
, EXCEPTION_RECORD
, ExceptionCode
),
477 OFFSET(ErExceptionFlags
, EXCEPTION_RECORD
, ExceptionFlags
),
478 OFFSET(ErExceptionRecord
, EXCEPTION_RECORD
, ExceptionRecord
),
479 OFFSET(ErExceptionAddress
, EXCEPTION_RECORD
, ExceptionAddress
),
480 OFFSET(ErNumberParameters
, EXCEPTION_RECORD
, NumberParameters
),
481 OFFSET(ErExceptionInformation
, EXCEPTION_RECORD
, ExceptionInformation
),
482 SIZE(ExceptionRecordLength
, EXCEPTION_RECORD
),
483 SIZE(EXCEPTION_RECORD_LENGTH
, EXCEPTION_RECORD
),
486 OFFSET(EpDebugPort
, EPROCESS
, DebugPort
),
487 OFFSET(EpVdmObjects
, EPROCESS
, VdmObjects
),
488 SIZE(ExecutiveProcessObjectLength
, EPROCESS
),
491 OFFSET(EvType
, KEVENT
, Header
.Type
),
492 OFFSET(EvSize
, KEVENT
, Header
.Size
),
493 OFFSET(EvSignalState
, KEVENT
, Header
.SignalState
),
494 OFFSET(EvWaitListHead
, KEVENT
, Header
.WaitListHead
),
495 SIZE(EventObjectLength
, KEVENT
),
497 HEADER("FAST_MUTEX"),
498 OFFSET(FmCount
, FAST_MUTEX
, Count
),
499 OFFSET(FmOwner
, FAST_MUTEX
, Owner
),
500 OFFSET(FmContention
, FAST_MUTEX
, Contention
),
501 OFFSET(FmGate
, FAST_MUTEX
, Gate
),
502 OFFSET(FmOldIrql
, FAST_MUTEX
, OldIrql
),
504 HEADER("KINTERRUPT"),
505 OFFSET(InType
, KINTERRUPT
, Type
),
506 OFFSET(InSize
, KINTERRUPT
, Size
),
507 OFFSET(InInterruptListEntry
, KINTERRUPT
, InterruptListEntry
),
508 OFFSET(InServiceRoutine
, KINTERRUPT
, ServiceRoutine
),
509 OFFSET(InServiceContext
, KINTERRUPT
, ServiceContext
),
510 OFFSET(InSpinLock
, KINTERRUPT
, SpinLock
),
511 OFFSET(InTickCount
, KINTERRUPT
, TickCount
),
512 OFFSET(InActualLock
, KINTERRUPT
, ActualLock
),
513 OFFSET(InDispatchAddress
, KINTERRUPT
, DispatchAddress
),
514 OFFSET(InVector
, KINTERRUPT
, Vector
),
515 OFFSET(InIrql
, KINTERRUPT
, Irql
),
516 OFFSET(InSynchronizeIrql
, KINTERRUPT
, SynchronizeIrql
),
517 OFFSET(InFloatingSave
, KINTERRUPT
, FloatingSave
),
518 OFFSET(InConnected
, KINTERRUPT
, Connected
),
519 OFFSET(InNumber
, KINTERRUPT
, Number
),
520 OFFSET(InShareVector
, KINTERRUPT
, ShareVector
),
521 OFFSET(InMode
, KINTERRUPT
, Mode
),
522 OFFSET(InServiceCount
, KINTERRUPT
, ServiceCount
),
523 OFFSET(InDispatchCount
, KINTERRUPT
, DispatchCount
),
524 // OFFSET(InTrapFrame, KINTERRUPT, TrapFrame),
525 OFFSET(InDispatchCode
, KINTERRUPT
, DispatchCode
),
526 SIZE(InterruptObjectLength
, KINTERRUPT
),
528 HEADER("IO_STATUS_BLOCK"),
529 OFFSET(IoStatus
, IO_STATUS_BLOCK
, Status
),
530 OFFSET(IoPointer
, IO_STATUS_BLOCK
, Pointer
),
531 OFFSET(IoInformation
, IO_STATUS_BLOCK
, Information
),
533 HEADER("KERNEL_STACK_CONTROL"),
534 // OFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase),
535 // OFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousLimit),
536 // OFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousKernel),
537 // OFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousInitial),
538 // SIZE(KERNEL_STACK_CONTROL_LENGTH, KERNEL_STACK_CONTROL),
541 // OFFSET(KnRight, KNODE, Right),
542 // OFFSET(KnLeft, KNODE, Left),
543 OFFSET(KnPfnDereferenceSListHead
, KNODE
, PfnDereferenceSListHead
),
544 OFFSET(KnProcessorMask
, KNODE
, ProcessorMask
),
545 OFFSET(KnColor
, KNODE
, Color
),
546 OFFSET(KnSeed
, KNODE
, Seed
),
547 OFFSET(KnNodeNumber
, KNODE
, NodeNumber
),
548 OFFSET(KnFlags
, KNODE
, Flags
),
549 OFFSET(knMmShiftedColor
, KNODE
, MmShiftedColor
),
550 OFFSET(KnFreeCount
, KNODE
, FreeCount
),
551 OFFSET(KnPfnDeferredList
, KNODE
, PfnDeferredList
),
552 SIZE(KNODE_SIZE
, KNODE
),
554 HEADER("KSPIN_LOCK_QUEUE"),
555 OFFSET(LqNext
, KSPIN_LOCK_QUEUE
, Next
),
556 OFFSET(LqLock
, KSPIN_LOCK_QUEUE
, Lock
),
558 HEADER("KLOCK_QUEUE_HANDLE"),
559 OFFSET(LqhNext
, KLOCK_QUEUE_HANDLE
, LockQueue
.Next
),
560 OFFSET(LqhLock
, KLOCK_QUEUE_HANDLE
, LockQueue
.Lock
),
561 OFFSET(LqhOldIrql
, KLOCK_QUEUE_HANDLE
, OldIrql
),
562 SIZE(LOCK_QUEUE_HEADER_SIZE
, KLOCK_QUEUE_HANDLE
),
564 HEADER("LARGE_INTEGER"),
565 OFFSET(LiLowPart
, LARGE_INTEGER
, LowPart
),
566 OFFSET(LiHighPart
, LARGE_INTEGER
, HighPart
),
568 HEADER("LOADER_PARAMETER_BLOCK (rel. to LoadOrderListHead)"),
569 RELOFFSET(LpbLoadOrderListHead
, LOADER_PARAMETER_BLOCK
, LoadOrderListHead
, LoadOrderListHead
),
570 RELOFFSET(LpbMemoryDescriptorListHead
, LOADER_PARAMETER_BLOCK
, MemoryDescriptorListHead
, LoadOrderListHead
),
571 RELOFFSET(LpbKernelStack
, LOADER_PARAMETER_BLOCK
, KernelStack
, LoadOrderListHead
),
572 RELOFFSET(LpbPrcb
, LOADER_PARAMETER_BLOCK
, Prcb
, LoadOrderListHead
),
573 RELOFFSET(LpbProcess
, LOADER_PARAMETER_BLOCK
, Process
, LoadOrderListHead
),
574 RELOFFSET(LpbThread
, LOADER_PARAMETER_BLOCK
, Thread
, LoadOrderListHead
),
575 RELOFFSET(LpbI386
, LOADER_PARAMETER_BLOCK
, u
.I386
, LoadOrderListHead
),
576 RELOFFSET(LpbRegistryLength
, LOADER_PARAMETER_BLOCK
, RegistryLength
, LoadOrderListHead
),
577 RELOFFSET(LpbRegistryBase
, LOADER_PARAMETER_BLOCK
, RegistryBase
, LoadOrderListHead
),
578 RELOFFSET(LpbConfigurationRoot
, LOADER_PARAMETER_BLOCK
, ConfigurationRoot
, LoadOrderListHead
),
579 RELOFFSET(LpbArcBootDeviceName
, LOADER_PARAMETER_BLOCK
, ArcBootDeviceName
, LoadOrderListHead
),
580 RELOFFSET(LpbArcHalDeviceName
, LOADER_PARAMETER_BLOCK
, ArcHalDeviceName
, LoadOrderListHead
),
581 RELOFFSET(LpbLoadOptions
, LOADER_PARAMETER_BLOCK
, LoadOptions
, LoadOrderListHead
),
583 HEADER("LIST_ENTRY"),
584 OFFSET(LsFlink
, LIST_ENTRY
, Flink
),
585 OFFSET(LsBlink
, LIST_ENTRY
, Blink
),
588 OFFSET(PeKernelCallbackTable
, PEB
, KernelCallbackTable
),
589 SIZE(ProcessEnvironmentBlockLength
, PEB
),
592 OFFSET(PfType
, KPROFILE
, Type
),
593 OFFSET(PfSize
, KPROFILE
, Size
),
594 OFFSET(PfProfileListEntry
, KPROFILE
, ProfileListEntry
),
595 OFFSET(PfProcess
, KPROFILE
, Process
),
596 OFFSET(PfRangeBase
, KPROFILE
, RangeBase
),
597 OFFSET(PfRangeLimit
, KPROFILE
, RangeLimit
),
598 OFFSET(PfBucketShift
, KPROFILE
, BucketShift
),
599 OFFSET(PfBuffer
, KPROFILE
, Buffer
),
600 OFFSET(PfSegment
, KPROFILE
, Segment
),
601 OFFSET(PfAffinity
, KPROFILE
, Affinity
),
602 OFFSET(PfSource
, KPROFILE
, Source
),
603 OFFSET(PfStarted
, KPROFILE
, Started
),
604 SIZE(ProfileObjectLength
, KPROFILE
),
606 HEADER("PORT_MESSAGE"),
607 OFFSET(PmLength
, PORT_MESSAGE
, u1
.Length
),
608 OFFSET(PmZeroInit
, PORT_MESSAGE
, u2
.ZeroInit
),
609 OFFSET(PmClientId
, PORT_MESSAGE
, ClientId
),
610 OFFSET(PmProcess
, PORT_MESSAGE
, ClientId
.UniqueProcess
),
611 OFFSET(PmThread
, PORT_MESSAGE
, ClientId
.UniqueThread
),
612 OFFSET(PmMessageId
, PORT_MESSAGE
, MessageId
),
613 OFFSET(PmClientViewSize
, PORT_MESSAGE
, ClientViewSize
),
614 SIZE(PortMessageLength
, PORT_MESSAGE
),
617 OFFSET(PrType
, KPROCESS
, Header
.Type
),
618 OFFSET(PrSize
, KPROCESS
, Header
.Size
),
619 OFFSET(PrSignalState
, KPROCESS
, Header
.SignalState
),
620 OFFSET(PrProfileListHead
, KPROCESS
, ProfileListHead
),
621 OFFSET(PrDirectoryTableBase
, KPROCESS
, DirectoryTableBase
),
622 OFFSET(PrIopmOffset
, KPROCESS
, IopmOffset
),
623 // OFFSET(PrInstrumentationCallback, KPROCESS, InstrumentationCallback),
624 OFFSET(PrActiveProcessors
, KPROCESS
, ActiveProcessors
),
625 OFFSET(PrKernelTime
, KPROCESS
, KernelTime
),
626 OFFSET(PrUserTime
, KPROCESS
, UserTime
),
627 OFFSET(PrReadyListHead
, KPROCESS
, ReadyListHead
),
628 OFFSET(PrSwapListEntry
, KPROCESS
, SwapListEntry
),
629 OFFSET(PrThreadListHead
, KPROCESS
, ThreadListHead
),
630 OFFSET(PrProcessLock
, KPROCESS
, ProcessLock
),
631 OFFSET(PrAffinity
, KPROCESS
, Affinity
),
632 OFFSET(PrProcessFlags
, KPROCESS
, ProcessFlags
),
633 OFFSET(PrBasePriority
, KPROCESS
, BasePriority
),
634 OFFSET(PrQuantumReset
, KPROCESS
, QuantumReset
),
635 OFFSET(PrState
, KPROCESS
, State
),
636 OFFSET(PrStackCount
, KPROCESS
, StackCount
),
637 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
638 OFFSET(PrCycleTime
, KPROCESS
, CycleTime
),
640 SIZE(KernelProcessObjectLength
, KPROCESS
),
643 OFFSET(QuType
, KQUEUE
, Header
.Type
),
644 OFFSET(QuSize
, KQUEUE
, Header
.Size
),
645 OFFSET(QuSignalState
, KQUEUE
, Header
.SignalState
),
646 OFFSET(QuEntryListHead
, KQUEUE
, EntryListHead
),
647 OFFSET(QuCurrentCount
, KQUEUE
, CurrentCount
),
648 OFFSET(QuMaximumCount
, KQUEUE
, MaximumCount
),
649 OFFSET(QuThreadListHead
, KQUEUE
, ThreadListHead
),
650 SIZE(QueueObjectLength
, KQUEUE
),
653 OFFSET(StrLength
, STRING
, Length
),
654 OFFSET(StrMaximumLength
, STRING
, MaximumLength
),
655 OFFSET(StrBuffer
, STRING
, Buffer
),
658 OFFSET(TeCmTeb
, TEB
, Tib
),
660 OFFSET(TeExceptionList
, TEB
, Tib
.ExceptionList
),
662 OFFSET(TeStackBase
, TEB
, Tib
.StackBase
),
663 OFFSET(TeStackLimit
, TEB
, Tib
.StackLimit
),
664 OFFSET(TeFiberData
, TEB
, Tib
.FiberData
),
665 OFFSET(TeSelf
, TEB
, Tib
.Self
),
666 OFFSET(TeEnvironmentPointer
, TEB
, EnvironmentPointer
),
667 OFFSET(TeClientId
, TEB
, ClientId
),
668 OFFSET(TeActiveRpcHandle
, TEB
, ActiveRpcHandle
),
669 OFFSET(TeThreadLocalStoragePointer
, TEB
, ThreadLocalStoragePointer
),
670 OFFSET(TeCountOfOwnedCriticalSections
, TEB
, CountOfOwnedCriticalSections
),
671 OFFSET(TePeb
, TEB
, ProcessEnvironmentBlock
),
672 OFFSET(TeCsrClientThread
, TEB
, CsrClientThread
),
673 OFFSET(TeWOW32Reserved
, TEB
, WOW32Reserved
),
674 // OFFSET(TeSoftFpcr, TEB, SoftFpcr),
675 OFFSET(TeExceptionCode
, TEB
, ExceptionCode
),
676 OFFSET(TeActivationContextStackPointer
, TEB
, ActivationContextStackPointer
),
677 OFFSET(TeGdiClientPID
, TEB
, GdiClientPID
),
678 OFFSET(TeGdiClientTID
, TEB
, GdiClientTID
),
679 OFFSET(TeGdiThreadLocalInfo
, TEB
, GdiThreadLocalInfo
),
680 OFFSET(TeglDispatchTable
, TEB
, glDispatchTable
),
681 OFFSET(TeglReserved1
, TEB
, glReserved1
),
682 OFFSET(TeglReserved2
, TEB
, glReserved2
),
683 OFFSET(TeglSectionInfo
, TEB
, glSectionInfo
),
684 OFFSET(TeglSection
, TEB
, glSection
),
685 OFFSET(TeglTable
, TEB
, glTable
),
686 OFFSET(TeglCurrentRC
, TEB
, glCurrentRC
),
687 OFFSET(TeglContext
, TEB
, glContext
),
688 OFFSET(TeDeallocationStack
, TEB
, DeallocationStack
),
689 OFFSET(TeTlsSlots
, TEB
, TlsSlots
),
690 OFFSET(TeTlsExpansionSlots
, TEB
, TlsExpansionSlots
),
691 OFFSET(TeLastErrorValue
, TEB
, LastErrorValue
),
692 OFFSET(TeVdm
, TEB
, Vdm
),
693 OFFSET(TeInstrumentation
, TEB
, Instrumentation
),
694 OFFSET(TeGdiBatchCount
, TEB
, GdiBatchCount
),
695 OFFSET(TeGuaranteedStackBytes
, TEB
, GuaranteedStackBytes
),
696 OFFSET(TeFlsData
, TEB
, FlsData
),
697 // OFFSET(TeProcessRundown, TEB, ProcessRundown),
698 SIZE(ThreadEnvironmentBlockLength
, TEB
),
700 HEADER("TIME_FIELDS"),
701 OFFSET(TfSecond
, TIME_FIELDS
, Second
),
702 OFFSET(TfMinute
, TIME_FIELDS
, Minute
),
703 OFFSET(TfHour
, TIME_FIELDS
, Hour
),
704 OFFSET(TfWeekday
, TIME_FIELDS
, Weekday
),
705 OFFSET(TfDay
, TIME_FIELDS
, Day
),
706 OFFSET(TfMonth
, TIME_FIELDS
, Month
),
707 OFFSET(TfYear
, TIME_FIELDS
, Year
),
708 OFFSET(TfMilliseconds
, TIME_FIELDS
, Milliseconds
),
711 OFFSET(ThType
, KTHREAD
, DispatcherHeader
.Type
),
712 // OFFSET(ThNpxIrql, KTHREAD, NpxIrql),
713 OFFSET(ThSize
, KTHREAD
, DispatcherHeader
.Size
),
714 OFFSET(ThDebugActive
, KTHREAD
, DispatcherHeader
.DebugActive
),
715 OFFSET(ThSignalState
, KTHREAD
, DispatcherHeader
.SignalState
),
716 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
717 OFFSET(ThCycleTime
, KTHREAD
, CycleTime
),
719 OFFSET(ThInitialStack
, KTHREAD
, InitialStack
),
720 OFFSET(ThStackLimit
, KTHREAD
, StackLimit
),
721 OFFSET(ThKernelStack
, KTHREAD
, KernelStack
),
722 OFFSET(ThThreadLock
, KTHREAD
, ThreadLock
),
723 OFFSET(ThApcState
, KTHREAD
, ApcState
),
724 OFFSET(ThNextProcessor
, KTHREAD
, NextProcessor
),
725 OFFSET(ThDeferredProcessor
, KTHREAD
, DeferredProcessor
),
726 OFFSET(ThAdjustReason
, KTHREAD
, AdjustReason
),
727 OFFSET(ThAdjustIncrement
, KTHREAD
, AdjustIncrement
),
728 OFFSET(ThApcQueueLock
, KTHREAD
, ApcQueueLock
),
729 OFFSET(ThWaitStatus
, KTHREAD
, WaitStatus
),
730 OFFSET(ThWaitBlockList
, KTHREAD
, WaitBlockList
),
731 OFFSET(ThGateObject
, KTHREAD
, GateObject
),
732 OFFSET(ThWaitReason
, KTHREAD
, WaitReason
),
733 OFFSET(ThPriority
, KTHREAD
, Priority
),
734 OFFSET(ThSwapBusy
, KTHREAD
, SwapBusy
),
735 OFFSET(ThAlerted
, KTHREAD
, Alerted
),
736 OFFSET(ThWaitListEntry
, KTHREAD
, WaitListEntry
),
737 OFFSET(ThSwapListEntry
, KTHREAD
, SwapListEntry
),
738 OFFSET(ThQueue
, KTHREAD
, Queue
),
739 OFFSET(ThTeb
, KTHREAD
, Teb
),
740 OFFSET(ThTimer
, KTHREAD
, Timer
),
741 OFFSET(ThThreadFlags
, KTHREAD
, ThreadFlags
),
742 OFFSET(ThWaitBlock
, KTHREAD
, WaitBlock
),
743 OFFSET(ThPreviousMode
, KTHREAD
, PreviousMode
),
744 OFFSET(ThResourceIndex
, KTHREAD
, ResourceIndex
),
745 OFFSET(ThLargeStack
, KTHREAD
, LargeStack
),
746 OFFSET(ThContextSwitches
, KTHREAD
, ContextSwitches
),
747 OFFSET(ThState
, KTHREAD
, State
),
748 OFFSET(ThNpxState
, KTHREAD
, NpxState
),
749 OFFSET(ThWaitIrql
, KTHREAD
, WaitIrql
),
750 OFFSET(ThWaitMode
, KTHREAD
, WaitMode
),
751 OFFSET(ThWaitTime
, KTHREAD
, WaitTime
),
752 OFFSET(ThCombinedApcDisable
, KTHREAD
, CombinedApcDisable
),
753 OFFSET(ThKernelApcDisable
, KTHREAD
, KernelApcDisable
),
754 OFFSET(ThSpecialApcDisable
, KTHREAD
, SpecialApcDisable
),
755 OFFSET(ThQueueListEntry
, KTHREAD
, QueueListEntry
),
756 OFFSET(ThTrapFrame
, KTHREAD
, TrapFrame
),
757 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
758 OFFSET(ThFirstArgument
, KTHREAD
, FirstArgument
),
760 OFFSET(ThCallbackStack
, KTHREAD
, CallbackStack
),
761 // OFFSET(ThCallbackDepth, KTHREAD, CallbackDepth),
762 OFFSET(ThApcStateIndex
, KTHREAD
, ApcStateIndex
),
763 OFFSET(ThIdealProcessor
, KTHREAD
, IdealProcessor
),
764 OFFSET(ThBasePriority
, KTHREAD
, BasePriority
),
765 OFFSET(ThPriorityDecrement
, KTHREAD
, PriorityDecrement
),
766 OFFSET(ThSaturation
, KTHREAD
, Saturation
),
767 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
768 OFFSET(ThSystemCallNumber
, KTHREAD
, SystemCallNumber
),
770 OFFSET(ThUserAffinity
, KTHREAD
, UserAffinity
),
771 OFFSET(ThProcess
, KTHREAD
, Process
),
772 OFFSET(ThAffinity
, KTHREAD
, Affinity
),
773 OFFSET(ThApcStatePointer
, KTHREAD
, ApcStatePointer
),
774 OFFSET(ThSavedApcState
, KTHREAD
, SavedApcState
),
775 OFFSET(ThFreezeCount
, KTHREAD
, FreezeCount
),
776 OFFSET(ThSuspendCount
, KTHREAD
, SuspendCount
),
777 OFFSET(ThUserIdealProcessor
, KTHREAD
, UserIdealProcessor
),
778 // OFFSET(ThCodePatchInProgress, KTHREAD, CodePatchInProgress),
779 OFFSET(ThWin32Thread
, KTHREAD
, Win32Thread
),
780 OFFSET(ThStackBase
, KTHREAD
, StackBase
),
781 OFFSET(ThSuspendApc
, KTHREAD
, SuspendApc
),
782 OFFSET(ThKernelTime
, KTHREAD
, KernelTime
),
783 OFFSET(ThLegoData
, KTHREAD
, LegoData
),
784 OFFSET(ThPowerState
, KTHREAD
, PowerState
),
785 OFFSET(ThUserTime
, KTHREAD
, UserTime
),
786 OFFSET(ThSuspendSemaphore
, KTHREAD
, SuspendSemaphore
),
787 OFFSET(ThSListFaultCount
, KTHREAD
, SListFaultCount
),
788 OFFSET(ThMutantListHead
, KTHREAD
, MutantListHead
),
789 OFFSET(ThThreadListEntry
, KTHREAD
, ThreadListEntry
),
790 OFFSET(ThSListFaultAddress
, KTHREAD
, SListFaultAddress
),
791 SIZE(KernelThreadObjectLength
, KTHREAD
),
792 SIZE(ExecutiveThreadObjectLength
, ETHREAD
),
795 OFFSET(TiType
, KTIMER
, Header
.Type
),
796 OFFSET(TiSize
, KTIMER
, Header
.Size
),
797 OFFSET(TiInserted
, KTIMER
, Header
.Inserted
),
798 OFFSET(TiSignalState
, KTIMER
, Header
.SignalState
),
799 OFFSET(TiDueTime
, KTIMER
, DueTime
),
800 OFFSET(TiTimerListEntry
, KTIMER
, TimerListEntry
),
801 OFFSET(TiDpc
, KTIMER
, Dpc
),
802 OFFSET(TiPeriod
, KTIMER
, Period
),
803 SIZE(TimerObjectLength
, KTIMER
),
806 // OFFSET(TmLowTime, TIME, LowTime),
807 // OFFSET(TmHighTime, TIME, HighTime),
810 HEADER("SYSTEM_CONTEXT_SWITCH_INFORMATION (relative to FindAny)"),
811 RELOFFSET(TwFindAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindAny
, FindAny
),
812 RELOFFSET(TwFindIdeal
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindIdeal
, FindAny
),
813 RELOFFSET(TwFindLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, FindLast
, FindAny
),
814 RELOFFSET(TwIdleAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleAny
, FindAny
),
815 RELOFFSET(TwIdleCurrent
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleCurrent
, FindAny
),
816 RELOFFSET(TwIdleIdeal
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleIdeal
, FindAny
),
817 RELOFFSET(TwIdleLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, IdleLast
, FindAny
),
818 RELOFFSET(TwPreemptAny
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptAny
, FindAny
),
819 RELOFFSET(TwPreemptCurrent
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptCurrent
, FindAny
),
820 RELOFFSET(TwPreemptLast
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, PreemptLast
, FindAny
),
821 RELOFFSET(TwSwitchToIdle
, SYSTEM_CONTEXT_SWITCH_INFORMATION
, SwitchToIdle
, FindAny
),
824 HEADER("KUSER_SHARED_DATA"),
825 OFFSET(UsTickCountMultiplier
, KUSER_SHARED_DATA
, TickCountMultiplier
),
826 OFFSET(UsInterruptTime
, KUSER_SHARED_DATA
, InterruptTime
),
827 OFFSET(UsSystemTime
, KUSER_SHARED_DATA
, SystemTime
),
828 OFFSET(UsTimeZoneBias
, KUSER_SHARED_DATA
, TimeZoneBias
),
829 OFFSET(UsImageNumberLow
, KUSER_SHARED_DATA
, ImageNumberLow
),
830 OFFSET(UsImageNumberHigh
, KUSER_SHARED_DATA
, ImageNumberHigh
),
831 OFFSET(UsNtSystemRoot
, KUSER_SHARED_DATA
, NtSystemRoot
),
832 OFFSET(UsMaxStackTraceDepth
, KUSER_SHARED_DATA
, MaxStackTraceDepth
),
833 OFFSET(UsCryptoExponent
, KUSER_SHARED_DATA
, CryptoExponent
),
834 OFFSET(UsTimeZoneId
, KUSER_SHARED_DATA
, TimeZoneId
),
835 OFFSET(UsLargePageMinimum
, KUSER_SHARED_DATA
, LargePageMinimum
),
836 OFFSET(UsReserved2
, KUSER_SHARED_DATA
, Reserved2
),
837 OFFSET(UsNtProductType
, KUSER_SHARED_DATA
, NtProductType
),
838 OFFSET(UsProductTypeIsValid
, KUSER_SHARED_DATA
, ProductTypeIsValid
),
839 OFFSET(UsNtMajorVersion
, KUSER_SHARED_DATA
, NtMajorVersion
),
840 OFFSET(UsNtMinorVersion
, KUSER_SHARED_DATA
, NtMinorVersion
),
841 OFFSET(UsProcessorFeatures
, KUSER_SHARED_DATA
, ProcessorFeatures
),
842 OFFSET(UsReserved1
, KUSER_SHARED_DATA
, Reserved1
),
843 OFFSET(UsReserved3
, KUSER_SHARED_DATA
, Reserved3
),
844 OFFSET(UsTimeSlip
, KUSER_SHARED_DATA
, TimeSlip
),
845 OFFSET(UsAlternativeArchitecture
, KUSER_SHARED_DATA
, AlternativeArchitecture
),
846 OFFSET(UsSystemExpirationDate
, KUSER_SHARED_DATA
, SystemExpirationDate
),
847 OFFSET(UsSuiteMask
, KUSER_SHARED_DATA
, SuiteMask
),
848 OFFSET(UsKdDebuggerEnabled
, KUSER_SHARED_DATA
, KdDebuggerEnabled
),
849 OFFSET(UsActiveConsoleId
, KUSER_SHARED_DATA
, ActiveConsoleId
),
850 OFFSET(UsDismountCount
, KUSER_SHARED_DATA
, DismountCount
),
851 OFFSET(UsComPlusPackage
, KUSER_SHARED_DATA
, ComPlusPackage
),
852 OFFSET(UsLastSystemRITEventTickCount
, KUSER_SHARED_DATA
, LastSystemRITEventTickCount
),
853 OFFSET(UsNumberOfPhysicalPages
, KUSER_SHARED_DATA
, NumberOfPhysicalPages
),
854 OFFSET(UsSafeBootMode
, KUSER_SHARED_DATA
, SafeBootMode
),
855 OFFSET(UsTestRetInstruction
, KUSER_SHARED_DATA
, TestRetInstruction
),
856 OFFSET(UsSystemCall
, KUSER_SHARED_DATA
, SystemCall
),
857 OFFSET(UsSystemCallReturn
, KUSER_SHARED_DATA
, SystemCallReturn
),
858 OFFSET(UsSystemCallPad
, KUSER_SHARED_DATA
, SystemCallPad
),
859 OFFSET(UsTickCount
, KUSER_SHARED_DATA
, TickCount
),
860 OFFSET(UsTickCountQuad
, KUSER_SHARED_DATA
, TickCountQuad
),
861 OFFSET(UsWow64SharedInformation
, KUSER_SHARED_DATA
, Wow64SharedInformation
),
863 HEADER("KWAIT_BLOCK"),
864 OFFSET(WbWaitListEntry
, KWAIT_BLOCK
, WaitListEntry
),
865 OFFSET(WbThread
, KWAIT_BLOCK
, Thread
),
866 OFFSET(WbObject
, KWAIT_BLOCK
, Object
),
867 OFFSET(WbNextWaitBlock
, KWAIT_BLOCK
, NextWaitBlock
),
868 OFFSET(WbWaitKey
, KWAIT_BLOCK
, WaitKey
),
869 OFFSET(WbWaitType
, KWAIT_BLOCK
, WaitType
),
874 #elif defined(_M_AMD64)
876 HEADER("Argument Home Address"),
877 OFFSET(P1Home
, CONTEXT
, Member
),
878 OFFSET(P2Home
, CONTEXT
, Member
),
879 OFFSET(P3Home
, CONTEXT
, Member
),
880 OFFSET(P4Home
, CONTEXT
, Member
),
883 OFFSET(CxP1Home
, CONTEXT
, P1Home
),
884 OFFSET(CxP2Home
, CONTEXT
, P2Home
),
885 OFFSET(CxP3Home
, CONTEXT
, P3Home
),
886 OFFSET(CxP4Home
, CONTEXT
, P4Home
),
887 OFFSET(CxP5Home
, CONTEXT
, P5Home
),
888 OFFSET(CxP6Home
, CONTEXT
, P6Home
),
889 OFFSET(CxContextFlags
, CONTEXT
, ContextFlags
),
890 OFFSET(CxMxCsr
, CONTEXT
, MxCsr
),
891 OFFSET(CxSegCs
, CONTEXT
, SegCs
),
892 OFFSET(CxSegDs
, CONTEXT
, SegDs
),
893 OFFSET(CxSegEs
, CONTEXT
, SegEs
),
894 OFFSET(CxSegFs
, CONTEXT
, SegFs
),
895 OFFSET(CxSegGs
, CONTEXT
, SegGs
),
896 OFFSET(CxSegSs
, CONTEXT
, SegSs
),
897 OFFSET(CxEFlags
, CONTEXT
, EFlags
),
898 OFFSET(CxDr0
, CONTEXT
, Dr0
),
899 OFFSET(CxDr1
, CONTEXT
, Dr1
),
900 OFFSET(CxDr2
, CONTEXT
, Dr2
),
901 OFFSET(CxDr3
, CONTEXT
, Dr3
),
902 OFFSET(CxDr6
, CONTEXT
, Dr6
),
903 OFFSET(CxDr7
, CONTEXT
, Dr7
),
904 OFFSET(CxRax
, CONTEXT
, Rax
),
905 OFFSET(CxRcx
, CONTEXT
, Rcx
),
906 OFFSET(CxRdx
, CONTEXT
, Rdx
),
907 OFFSET(CxRbx
, CONTEXT
, Rbx
),
908 OFFSET(CxRsp
, CONTEXT
, Rsp
),
909 OFFSET(CxRbp
, CONTEXT
, Rbp
),
910 OFFSET(CxRsi
, CONTEXT
, Rsi
),
911 OFFSET(CxRdi
, CONTEXT
, Rdi
),
912 OFFSET(CxR8
, CONTEXT
, R8
),
913 OFFSET(CxR9
, CONTEXT
, R9
),
914 OFFSET(CxR10
, CONTEXT
, R10
),
915 OFFSET(CxR11
, CONTEXT
, R11
),
916 OFFSET(CxR12
, CONTEXT
, R12
),
917 OFFSET(CxR13
, CONTEXT
, R13
),
918 OFFSET(CxR14
, CONTEXT
, R14
),
919 OFFSET(CxR15
, CONTEXT
, R15
),
920 OFFSET(CxRip
, CONTEXT
, Rip
),
921 OFFSET(CxFltSave
, CONTEXT
, FltSave
),
922 OFFSET(CxXmm0
, CONTEXT
, Xmm0
),
923 OFFSET(CxXmm1
, CONTEXT
, Xmm1
),
924 OFFSET(CxXmm2
, CONTEXT
, Xmm2
),
925 OFFSET(CxXmm3
, CONTEXT
, Xmm3
),
926 OFFSET(CxXmm4
, CONTEXT
, Xmm4
),
927 OFFSET(CxXmm5
, CONTEXT
, Xmm5
),
928 OFFSET(CxXmm6
, CONTEXT
, Xmm6
),
929 OFFSET(CxXmm7
, CONTEXT
, Xmm7
),
930 OFFSET(CxXmm8
, CONTEXT
, Xmm8
),
931 OFFSET(CxXmm9
, CONTEXT
, Xmm9
),
932 OFFSET(CxXmm10
, CONTEXT
, Xmm10
),
933 OFFSET(CxXmm11
, CONTEXT
, Xmm11
),
934 OFFSET(CxXmm12
, CONTEXT
, Xmm12
),
935 OFFSET(CxXmm13
, CONTEXT
, Xmm13
),
936 OFFSET(CxXmm14
, CONTEXT
, Xmm14
),
937 OFFSET(CxXmm15
, CONTEXT
, Xmm15
),
938 OFFSET(CxDebugControl
, CONTEXT
, DebugControl
),
939 OFFSET(CxLastBranchToRip
, CONTEXT
, LastBranchToRip
),
940 OFFSET(CxLastBranchFromRip
, CONTEXT
, LastBranchFromRip
),
941 OFFSET(CxLastExceptionToRip
, CONTEXT
, LastExceptionToRip
),
942 OFFSET(CxLastExceptionFromRip
, CONTEXT
, LastExceptionFromRip
),
943 OFFSET(CxVectorControl
, CONTEXT
, VectorControl
),
944 OFFSET(CxVectorRegister
, CONTEXT
, VectorRegister
),
945 SIZE(CONTEXT_FRAME_LENGTH
, CONTEXT
),
947 HEADER("DISPATCHER_CONTEXT"),
948 OFFSET(DcControlPc
, TYPE
, ControlPc
),
949 OFFSET(DcImageBase
, TYPE
, ImageBase
),
950 OFFSET(DcFunctionEntry
, TYPE
, FunctionEntry
),
951 OFFSET(DcEstablisherFrame
, TYPE
, EstablisherFrame
),
952 OFFSET(DcTargetIp
, TYPE
, TargetIp
),
953 OFFSET(DcContextRecord
, TYPE
, ContextRecord
),
954 OFFSET(DcLanguageHandler
, TYPE
, LanguageHandler
),
955 OFFSET(DcHandlerData
, TYPE
, HandlerData
),
956 OFFSET(DcHistoryTable
, TYPE
, HistoryTable
),
957 OFFSET(DcScopeIndex
, TYPE
, ScopeIndex
),
959 HEADER("KEXCEPTION_FRAME"),
960 OFFSET(ExP1Home
, KEXCEPTION_FRAME
, P1Home
),
961 OFFSET(ExP2Home
, KEXCEPTION_FRAME
, P2Home
),
962 OFFSET(ExP3Home
, KEXCEPTION_FRAME
, P3Home
),
963 OFFSET(ExP4Home
, KEXCEPTION_FRAME
, P4Home
),
964 OFFSET(ExP5
, KEXCEPTION_FRAME
, P5
),
965 OFFSET(ExXmm6
, KEXCEPTION_FRAME
, Xmm6
),
966 OFFSET(ExXmm7
, KEXCEPTION_FRAME
, Xmm7
),
967 OFFSET(ExXmm8
, KEXCEPTION_FRAME
, Xmm8
),
968 OFFSET(ExXmm9
, KEXCEPTION_FRAME
, Xmm9
),
969 OFFSET(ExXmm10
, KEXCEPTION_FRAME
, Xmm10
),
970 OFFSET(ExXmm11
, KEXCEPTION_FRAME
, Xmm11
),
971 OFFSET(ExXmm12
, KEXCEPTION_FRAME
, Xmm12
),
972 OFFSET(ExXmm13
, KEXCEPTION_FRAME
, Xmm13
),
973 OFFSET(ExXmm14
, KEXCEPTION_FRAME
, Xmm14
),
974 OFFSET(ExXmm15
, KEXCEPTION_FRAME
, Xmm15
),
975 OFFSET(ExMxCsr
, KEXCEPTION_FRAME
, MxCsr
),
976 OFFSET(ExRbp
, KEXCEPTION_FRAME
, Rbp
),
977 OFFSET(ExRbx
, KEXCEPTION_FRAME
, Rbx
),
978 OFFSET(ExRdi
, KEXCEPTION_FRAME
, Rdi
),
979 OFFSET(ExRsi
, KEXCEPTION_FRAME
, Rsi
),
980 OFFSET(ExR12
, KEXCEPTION_FRAME
, R12
),
981 OFFSET(ExR13
, KEXCEPTION_FRAME
, R13
),
982 OFFSET(ExR14
, KEXCEPTION_FRAME
, R14
),
983 OFFSET(ExR15
, KEXCEPTION_FRAME
, R15
),
984 OFFSET(ExReturn
, KEXCEPTION_FRAME
, Return
),
985 OFFSET(CuInitialStack
, KEXCEPTION_FRAME
, InitialStack
),
986 OFFSET(CuTrapFrame
, KEXCEPTION_FRAME
, TrapFrame
),
987 OFFSET(CuCallbackStack
, KEXCEPTION_FRAME
, CallbackStack
),
988 OFFSET(CuOutputBuffer
, KEXCEPTION_FRAME
, OutputBuffer
),
989 OFFSET(CuOutputLength
, KEXCEPTION_FRAME
, OutputLength
),
990 SIZE(KEXCEPTION_FRAME_LENGTH
, KEXCEPTION_FRAME
),
992 HEADER("JUMP_BUFFER"),
993 OFFSET(JbFrame
, JUMP_BUFFER
, Frame
),
994 OFFSET(JbRbx
, JUMP_BUFFER
, Rbx
),
995 OFFSET(JbRsp
, JUMP_BUFFER
, Rsp
),
996 OFFSET(JbRbp
, JUMP_BUFFER
, Rbp
),
997 OFFSET(JbRsi
, JUMP_BUFFER
, Rsi
),
998 OFFSET(JbRdi
, JUMP_BUFFER
, Rdi
),
999 OFFSET(JbR12
, JUMP_BUFFER
, R12
),
1000 OFFSET(JbR13
, JUMP_BUFFER
, R13
),
1001 OFFSET(JbR14
, JUMP_BUFFER
, R14
),
1002 OFFSET(JbR15
, JUMP_BUFFER
, R15
),
1003 OFFSET(JbRip
, JUMP_BUFFER
, Rip
),
1004 OFFSET(JbMxCsr
, JUMP_BUFFER
, MxCsr
),
1005 OFFSET(JbFpCsr
, JUMP_BUFFER
, FpCsr
),
1006 OFFSET(JbXmm6
, JUMP_BUFFER
, Xmm6
),
1007 OFFSET(JbXmm7
, JUMP_BUFFER
, Xmm7
),
1008 OFFSET(JbXmm8
, JUMP_BUFFER
, Xmm8
),
1009 OFFSET(JbXmm9
, JUMP_BUFFER
, Xmm9
),
1010 OFFSET(JbXmm10
, JUMP_BUFFER
, Xmm10
),
1011 OFFSET(JbXmm11
, JUMP_BUFFER
, Xmm11
),
1012 OFFSET(JbXmm12
, JUMP_BUFFER
, Xmm12
),
1013 OFFSET(JbXmm13
, JUMP_BUFFER
, Xmm13
),
1014 OFFSET(JbXmm14
, JUMP_BUFFER
, Xmm14
),
1015 OFFSET(JbXmm15
, JUMP_BUFFER
, Xmm15
),
1018 OFFSET(KgdtBaseLow
, KGDT64
, BaseLow
),
1019 OFFSET(KgdtBaseMiddle
, KGDT64
, BaseMiddle
),
1020 OFFSET(KgdtBaseHigh
, KGDT64
, BaseHigh
),
1021 OFFSET(KgdtBaseUpper
, KGDT64
, BaseUpper
),
1022 OFFSET(KgdtLimitHigh
, KGDT64
, LimitHigh
),
1023 OFFSET(KgdtLimitLow
, KGDT64
, LimitLow
),
1024 CONSTANT(KGDT_LIMIT_ENCODE_MASK
),
1027 OFFSET(PbMxCsr
, KPRCB
, MxCsr
),
1028 OFFSET(PbNumber
, KPRCB
, Number
),
1029 OFFSET(PbInterruptRequest
, KPRCB
, InterruptRequest
),
1030 OFFSET(PbIdleHalt
, KPRCB
, IdleHalt
),
1031 OFFSET(PbCurrentThread
, KPRCB
, CurrentThread
),
1032 OFFSET(PbNextThread
, KPRCB
, NextThread
),
1033 OFFSET(PbIdleThread
, KPRCB
, IdleThread
),
1034 OFFSET(PbNestingLevel
, KPRCB
, NestingLevel
),
1035 OFFSET(PbRspBase
, KPRCB
, RspBase
),
1036 OFFSET(PbPrcbLock
, KPRCB
, PrcbLock
),
1037 OFFSET(PbSetMember
, KPRCB
, SetMember
),
1038 OFFSET(PbProcessorState
, KPRCB
, ProcessorState
),
1039 OFFSET(PbCpuType
, KPRCB
, CpuType
),
1040 OFFSET(PbCpuID
, KPRCB
, CpuID
),
1041 OFFSET(PbCpuStep
, KPRCB
, CpuStep
),
1042 OFFSET(PbHalReserved
, KPRCB
, HalReserved
),
1043 OFFSET(PbMinorVersion
, KPRCB
, MinorVersion
),
1044 OFFSET(PbMajorVersion
, KPRCB
, MajorVersion
),
1045 OFFSET(PbBuildType
, KPRCB
, Member
),
1046 OFFSET(PbCpuVendor
, KPRCB
, Member
),
1047 OFFSET(PbCoresPerPhysicalProcessor
, KPRCB
, Member
),
1048 OFFSET(PbLogicalProcessorsPerCore
, KPRCB
, Member
),
1049 OFFSET(PbApicMask
, KPRCB
, Member
),
1050 OFFSET(PbCFlushSize
, KPRCB
, Member
),
1051 OFFSET(PbAcpiReserved
, KPRCB
, Member
),
1052 OFFSET(PbInitialApicId
, KPRCB
, Member
),
1053 OFFSET(PbStride
, KPRCB
, Member
),
1054 OFFSET(PbLockQueue
, KPRCB
, Member
),
1055 OFFSET(PbPPLookasideList
, KPRCB
, Member
),
1056 OFFSET(PbPPNPagedLookasideList
, KPRCB
, Member
),
1057 OFFSET(PbPPPagedLookasideList
, KPRCB
, Member
),
1058 OFFSET(PbPacketBarrier
, KPRCB
, Member
),
1059 OFFSET(PbDeferredReadyListHead
, KPRCB
, Member
),
1060 OFFSET(PbLookasideIrpFloat
, KPRCB
, Member
),
1061 OFFSET(PbSystemCalls
, KPRCB
, Member
),
1062 OFFSET(PbReadOperationCount
, KPRCB
, Member
),
1063 OFFSET(PbWriteOperationCount
, KPRCB
, Member
),
1064 OFFSET(PbOtherOperationCount
, KPRCB
, Member
),
1065 OFFSET(PbReadTransferCount
, KPRCB
, Member
),
1066 OFFSET(PbWriteTransferCount
, KPRCB
, Member
),
1067 OFFSET(PbOtherTransferCount
, KPRCB
, Member
),
1068 OFFSET(PbContextSwitches
, KPRCB
, Member
),
1069 OFFSET(PbTargetSet
, KPRCB
, Member
),
1070 OFFSET(PbIpiFrozen
, KPRCB
, Member
),
1071 OFFSET(PbRequestMailbox
, KPRCB
, Member
),
1072 OFFSET(PbSenderSummary
, KPRCB
, Member
),
1073 OFFSET(PbDpcListHead
, KPRCB
, Member
),
1074 OFFSET(PbDpcLock
, KPRCB
, Member
),
1075 OFFSET(PbDpcQueueDepth
, KPRCB
, Member
),
1076 OFFSET(PbDpcCount
, KPRCB
, Member
),
1077 OFFSET(PbDpcStack
, KPRCB
, Member
),
1078 OFFSET(PbMaximumDpcQueueDepth
, KPRCB
, Member
),
1079 OFFSET(PbDpcRequestRate
, KPRCB
, Member
),
1080 OFFSET(PbMinimumDpcRate
, KPRCB
, Member
),
1081 OFFSET(PbDpcInterruptRequested
, KPRCB
, Member
),
1082 OFFSET(PbDpcThreadRequested
, KPRCB
, Member
),
1083 OFFSET(PbDpcRoutineActive
, KPRCB
, Member
),
1084 OFFSET(PbDpcThreadActive
, KPRCB
, Member
),
1085 OFFSET(PbTimerHand
, KPRCB
, Member
),
1086 OFFSET(PbTimerRequest
, KPRCB
, Member
),
1087 OFFSET(PbTickOffset
, KPRCB
, Member
),
1088 OFFSET(PbMasterOffset
, KPRCB
, Member
),
1089 OFFSET(PbDpcLastCount
, KPRCB
, Member
),
1090 OFFSET(PbQuantumEnd
, KPRCB
, Member
),
1091 OFFSET(PbDpcSetEventRequest
, KPRCB
, Member
),
1092 OFFSET(PbIdleSchedule
, KPRCB
, Member
),
1093 OFFSET(PbReadySummary
, KPRCB
, Member
),
1094 OFFSET(PbDispatcherReadyListHead
, KPRCB
, Member
),
1095 OFFSET(PbInterruptCount
, KPRCB
, Member
),
1096 OFFSET(PbKernelTime
, KPRCB
, Member
),
1097 OFFSET(PbUserTime
, KPRCB
, Member
),
1098 OFFSET(PbDpcTime
, KPRCB
, Member
),
1099 OFFSET(PbInterruptTime
, KPRCB
, Member
),
1100 OFFSET(PbAdjustDpcThreshold
, KPRCB
, Member
),
1101 OFFSET(PbSkipTick
, KPRCB
, Member
),
1102 OFFSET(PbPollSlot
, KPRCB
, Member
),
1103 OFFSET(PbParentNode
, KPRCB
, Member
),
1104 OFFSET(PbMultiThreadProcessorSet
, KPRCB
, Member
),
1105 OFFSET(PbMultiThreadSetMaster
, KPRCB
, Member
),
1106 OFFSET(PbStartCycles
, KPRCB
, Member
),
1107 OFFSET(PbPageColor
, KPRCB
, Member
),
1108 OFFSET(PbNodeColor
, KPRCB
, Member
),
1109 OFFSET(PbNodeShiftedColor
, KPRCB
, Member
),
1110 OFFSET(PbSecondaryColorMask
, KPRCB
, Member
),
1111 OFFSET(PbSleeping
, KPRCB
, Member
),
1112 OFFSET(PbCycleTime
, KPRCB
, Member
),
1113 OFFSET(PbFastReadNoWait
, KPRCB
, Member
),
1114 OFFSET(PbFastReadWait
, KPRCB
, Member
),
1115 OFFSET(PbFastReadNotPossible
, KPRCB
, Member
),
1116 OFFSET(PbCopyReadNoWait
, KPRCB
, Member
),
1117 OFFSET(PbCopyReadWait
, KPRCB
, Member
),
1118 OFFSET(PbCopyReadNoWaitMiss
, KPRCB
, Member
),
1119 OFFSET(PbAlignmentFixupCount
, KPRCB
, Member
),
1120 OFFSET(PbExceptionDispatchCount
, KPRCB
, Member
),
1121 OFFSET(PbVendorString
, KPRCB
, Member
),
1122 OFFSET(PbPowerState
, KPRCB
, Member
),
1123 OFFSET(ProcessorBlockLength
, KPRCB
, Member
),
1126 OFFSET(PcGdt
, KPCR
, Gdt
),
1127 OFFSET(PcTss
, KPCR
, Tss
),
1128 OFFSET(PcUserRsp
, KPCR
, UserRsp
),
1129 OFFSET(PcSelf
, KPCR
, Self
),
1130 OFFSET(PcCurrentPrcb
, KPCR
, CurrentPrcb
),
1131 OFFSET(PcLockArray
, KPCR
, LockArray
),
1132 OFFSET(PcTeb
, KPCR
, Teb
),
1133 OFFSET(PcIdt
, KPCR
, Idt
),
1134 OFFSET(PcIrql
, KPCR
, Irql
),
1135 OFFSET(PcStallScaleFactor
, KPCR
, StallScaleFactor
),
1136 OFFSET(PcHalReserved
, KPCR
, HalReserved
),
1137 OFFSET(PcPrcb
, KPCR
, Prcb
),
1138 OFFSET(PcMxCsr
, KPCR
, MxCsr
),
1139 OFFSET(PcNumber
, KPCR
, Number
),
1140 OFFSET(PcInterruptRequest
, KPCR
, InterruptRequest
),
1141 OFFSET(PcIdleHalt
, KPCR
, IdleHalt
),
1142 OFFSET(PcCurrentThread
, KPCR
, CurrentThread
),
1143 OFFSET(PcNextThread
, KPCR
, NextThread
),
1144 OFFSET(PcIdleThread
, KPCR
, IdleThread
),
1145 OFFSET(PcIpiFrozen
, KPCR
, IpiFrozen
),
1146 OFFSET(PcNestingLevel
, KPCR
, NestingLevel
),
1147 OFFSET(PcRspBase
, KPCR
, RspBase
),
1148 OFFSET(PcPrcbLock
, KPCR
, PrcbLock
),
1149 OFFSET(PcSetMember
, KPCR
, SetMember
),
1150 OFFSET(PcCr0
, KPCR
, Cr0
),
1151 OFFSET(PcCr2
, KPCR
, Cr2
),
1152 OFFSET(PcCr3
, KPCR
, Cr3
),
1153 OFFSET(PcCr4
, KPCR
, Cr4
),
1154 OFFSET(PcKernelDr0
, KPCR
, KernelDr0
),
1155 OFFSET(PcKernelDr1
, KPCR
, KernelDr1
),
1156 OFFSET(PcKernelDr2
, KPCR
, KernelDr2
),
1157 OFFSET(PcKernelDr3
, KPCR
, KernelDr3
),
1158 OFFSET(PcKernelDr7
, KPCR
, KernelDr7
),
1159 OFFSET(PcGdtrLimit
, KPCR
, GdtrLimit
),
1160 OFFSET(PcGdtrBase
, KPCR
, GdtrBase
),
1161 OFFSET(PcIdtrLimit
, KPCR
, IdtrLimit
),
1162 OFFSET(PcIdtrBase
, KPCR
, IdtrBase
),
1163 OFFSET(PcTr
, KPCR
, Tr
),
1164 OFFSET(PcLdtr
, KPCR
, Ldtr
),
1165 OFFSET(PcDebugControl
, KPCR
, DebugControl
),
1166 OFFSET(PcLastBranchToRip
, KPCR
, LastBranchToRip
),
1167 OFFSET(PcLastBranchFromRip
, KPCR
, LastBranchFromRip
),
1168 OFFSET(PcLastExceptionToRip
, KPCR
, LastExceptionToRip
),
1169 OFFSET(PcLastExceptionFromRip
, KPCR
, LastExceptionFromRip
),
1170 OFFSET(PcCr8
, KPCR
, Cr8
),
1171 OFFSET(PcCpuType
, KPCR
, CpuType
),
1172 OFFSET(PcCpuID
, KPCR
, CpuID
),
1173 OFFSET(PcCpuStep
, KPCR
, CpuStep
),
1174 OFFSET(PcCpuVendor
, KPCR
, CpuVendor
),
1175 OFFSET(PcVirtualApicAssist
, KPCR
, VirtualApicAssist
),
1176 OFFSET(PcCFlushSize
, KPCR
, CFlushSize
),
1177 OFFSET(PcDeferredReadyListHead
, KPCR
, DeferredReadyListHead
),
1178 OFFSET(PcSystemCalls
, KPCR
, SystemCalls
),
1179 OFFSET(PcDpcRoutineActive
, KPCR
, DpcRoutineActive
),
1180 OFFSET(PcInterruptCount
, KPCR
, InterruptCount
),
1181 OFFSET(PcDebuggerSavedIRQL
, KPCR
, DebuggerSavedIRQL
),
1182 OFFSET(PcTickOffset
, KPCR
, TickOffset
),
1183 OFFSET(PcMasterOffset
, KPCR
, MasterOffset
),
1184 OFFSET(PcSkipTick
, KPCR
, SkipTick
),
1185 OFFSET(PcStartCycles
, KPCR
, StartCycles
),
1186 SIZE(ProcessorControlRegisterLength
, KPCR
),
1188 HEADER("KPROCESSOR_STATE"),
1189 OFFSET(PsSpecialRegisters
, KPROCESSOR_STATE
, SpecialRegisters
),
1190 OFFSET(PsCr0
, KPROCESSOR_STATE
, Cr0
),
1191 OFFSET(PsCr2
, KPROCESSOR_STATE
, Cr2
),
1192 OFFSET(PsCr3
, KPROCESSOR_STATE
, Cr3
),
1193 OFFSET(PsCr4
, KPROCESSOR_STATE
, Cr4
),
1194 OFFSET(PsKernelDr0
, KPROCESSOR_STATE
, KernelDr0
),
1195 OFFSET(PsKernelDr1
, KPROCESSOR_STATE
, KernelDr1
),
1196 OFFSET(PsKernelDr2
, KPROCESSOR_STATE
, KernelDr2
),
1197 OFFSET(PsKernelDr3
, KPROCESSOR_STATE
, KernelDr3
),
1198 OFFSET(PsKernelDr6
, KPROCESSOR_STATE
, KernelDr6
),
1199 OFFSET(PsKernelDr7
, KPROCESSOR_STATE
, KernelDr7
),
1200 OFFSET(PsGdtr
, KPROCESSOR_STATE
, Gdtr
),
1201 OFFSET(PsIdtr
, KPROCESSOR_STATE
, Idtr
),
1202 OFFSET(PsTr
, KPROCESSOR_STATE
, Tr
),
1203 OFFSET(PsLdtr
, KPROCESSOR_STATE
, Ldtr
),
1204 OFFSET(PsMxCsr
, KPROCESSOR_STATE
, MxCsr
),
1205 OFFSET(PsContextFrame
, KPROCESSOR_STATE
, ContextFrame
),
1206 OFFSET(PsDebugControl
, KPROCESSOR_STATE
, DebugControl
),
1207 OFFSET(PsLastBranchToRip
, KPROCESSOR_STATE
, LastBranchToRip
),
1208 OFFSET(PsLastBranchFromRip
, KPROCESSOR_STATE
, LastBranchFromRip
),
1209 OFFSET(PsLastExceptionToRip
, KPROCESSOR_STATE
, LastExceptionToRip
),
1210 OFFSET(PsLastExceptionFromRip
, KPROCESSOR_STATE
, LastExceptionFromRip
),
1211 OFFSET(PsCr8
, KPROCESSOR_STATE
, Cr8
),
1212 SIZE(ProcessorStateLength
, KPROCESSOR_STATE
),
1214 HEADER("KSTART_FRAME"),
1215 OFFSET(SfP1Home
, KSTART_FRAME
, P1Home
),
1216 OFFSET(SfP2Home
, KSTART_FRAME
, P2Home
),
1217 OFFSET(SfP3Home
, KSTART_FRAME
, P3Home
),
1218 OFFSET(SfP4Home
, KSTART_FRAME
, P4Home
),
1219 OFFSET(SfReturn
, KSTART_FRAME
, Return
),
1220 SIZE(KSTART_FRAME_LENGTH
, KSTART_FRAME
),
1222 HEADER("KSPECIAL_REGISTERS"),
1223 OFFSET(SrKernelDr0
, KSPECIAL_REGISTERS
, KernelDr0
),
1224 OFFSET(SrKernelDr1
, KSPECIAL_REGISTERS
, KernelDr1
),
1225 OFFSET(SrKernelDr2
, KSPECIAL_REGISTERS
, KernelDr2
),
1226 OFFSET(SrKernelDr3
, KSPECIAL_REGISTERS
, KernelDr3
),
1227 OFFSET(SrKernelDr6
, KSPECIAL_REGISTERS
, KernelDr6
),
1228 OFFSET(SrKernelDr7
, KSPECIAL_REGISTERS
, KernelDr7
),
1229 OFFSET(SrGdtr
, KSPECIAL_REGISTERS
, Gdtr
),
1230 OFFSET(SrIdtr
, KSPECIAL_REGISTERS
, Idtr
),
1231 OFFSET(SrTr
, KSPECIAL_REGISTERS
, Tr
),
1232 OFFSET(SrMxCsr
, KSPECIAL_REGISTERS
, MxCsr
),
1233 OFFSET(SrMsrGsBase
, KSPECIAL_REGISTERS
, MsrGsBase
),
1234 OFFSET(SrMsrGsSwap
, KSPECIAL_REGISTERS
, MsrGsSwap
),
1235 OFFSET(SrMsrStar
, KSPECIAL_REGISTERS
, MsrStar
),
1236 OFFSET(SrMsrLStar
, KSPECIAL_REGISTERS
, MsrLStar
),
1237 OFFSET(SrMsrCStar
, KSPECIAL_REGISTERS
, MsrCStar
),
1238 OFFSET(SrMsrSyscallMask
, KSPECIAL_REGISTERS
, MsrSyscallMask
),
1240 HEADER("KSWITCH_FRAME"),
1241 OFFSET(SwP5Home
, KSWITCH_FRAME
, P5Home
),
1242 OFFSET(SwApcBypass
, KSWITCH_FRAME
, ApcBypass
),
1243 OFFSET(SwRbp
, KSWITCH_FRAME
, Rbp
),
1244 OFFSET(SwReturn
, KSWITCH_FRAME
, Return
),
1245 SIZE(KSWITCH_FRAME_LENGTH
, KSWITCH_FRAME
),
1247 HEADER("KTRAP_FRAME"),
1248 OFFSET(TrP1Home
, KTRAP_FRAME
, P1Home
),
1249 OFFSET(TrP2Home
, KTRAP_FRAME
, P2Home
),
1250 OFFSET(TrP3Home
, KTRAP_FRAME
, P3Home
),
1251 OFFSET(TrP4Home
, KTRAP_FRAME
, P4Home
),
1252 OFFSET(TrP5
, KTRAP_FRAME
, P5
),
1253 OFFSET(TrPreviousMode
, KTRAP_FRAME
, PreviousMode
),
1254 OFFSET(TrPreviousIrql
, KTRAP_FRAME
, PreviousIrql
),
1255 OFFSET(TrFaultIndicator
, KTRAP_FRAME
, FaultIndicator
),
1256 OFFSET(TrExceptionActive
, KTRAP_FRAME
, ExceptionActive
),
1257 OFFSET(TrMxCsr
, KTRAP_FRAME
, MxCsr
),
1258 OFFSET(TrRax
, KTRAP_FRAME
, Rax
),
1259 OFFSET(TrRcx
, KTRAP_FRAME
, Rcx
),
1260 OFFSET(TrRdx
, KTRAP_FRAME
, Rdx
),
1261 OFFSET(TrR8
, KTRAP_FRAME
, R8
),
1262 OFFSET(TrR9
, KTRAP_FRAME
, R9
),
1263 OFFSET(TrR10
, KTRAP_FRAME
, R10
),
1264 OFFSET(TrR11
, KTRAP_FRAME
, R11
),
1265 OFFSET(TrGsBase
, KTRAP_FRAME
, GsBase
),
1266 OFFSET(TrGsSwap
, KTRAP_FRAME
,GsSwap
),
1267 OFFSET(TrXmm0
, KTRAP_FRAME
, Xmm0
),
1268 OFFSET(TrXmm1
, KTRAP_FRAME
, Xmm1
),
1269 OFFSET(TrXmm2
, KTRAP_FRAME
, Xmm2
),
1270 OFFSET(TrXmm3
, KTRAP_FRAME
, Xmm3
),
1271 OFFSET(TrXmm4
, KTRAP_FRAME
, Xmm4
),
1272 OFFSET(TrXmm5
, KTRAP_FRAME
, Xmm5
),
1273 OFFSET(TrFaultAddress
, KTRAP_FRAME
, FaultAddress
),
1274 OFFSET(TrTimeStampCKCL
, KTRAP_FRAME
, TimeStampCKCL
),
1275 OFFSET(TrDr0
, KTRAP_FRAME
, Dr0
),
1276 OFFSET(TrDr1
, KTRAP_FRAME
, Dr1
),
1277 OFFSET(TrDr2
, KTRAP_FRAME
, Dr2
),
1278 OFFSET(TrDr3
, KTRAP_FRAME
, Dr3
),
1279 OFFSET(TrDr6
, KTRAP_FRAME
, Dr6
),
1280 OFFSET(TrDr7
, KTRAP_FRAME
, Dr7
),
1281 OFFSET(TrDebugControl
, KTRAP_FRAME
, DebugControl
),
1282 OFFSET(TrLastBranchToRip
, KTRAP_FRAME
, LastBranchToRip
),
1283 OFFSET(TrLastBranchFromRip
, KTRAP_FRAME
, LastBranchFromRip
),
1284 OFFSET(TrLastExceptionToRip
, KTRAP_FRAME
, LastExceptionToRip
),
1285 OFFSET(TrLastExceptionFromRip
, KTRAP_FRAME
, LastExceptionFromRip
),
1286 OFFSET(TrLastBranchControl
, KTRAP_FRAME
, LastBranchControl
),
1287 OFFSET(TrLastBranchMSR
, KTRAP_FRAME
, LastBranchMSR
),
1288 OFFSET(TrSegDs
, KTRAP_FRAME
, SegDs
),
1289 OFFSET(TrSegEs
, KTRAP_FRAME
, SegEs
),
1290 OFFSET(TrSegFs
, KTRAP_FRAME
, SegFs
),
1291 OFFSET(TrSegGs
, KTRAP_FRAME
, SegGs
),
1292 OFFSET(TrTrapFrame
, KTRAP_FRAME
, TrapFrame
),
1293 OFFSET(TrRbx
, KTRAP_FRAME
, Rbx
),
1294 OFFSET(TrRdi
, KTRAP_FRAME
, Rdi
),
1295 OFFSET(TrRsi
, KTRAP_FRAME
, Rsi
),
1296 OFFSET(TrRbp
, KTRAP_FRAME
, Rbp
),
1297 OFFSET(TrErrorCode
, KTRAP_FRAME
, ErrorCode
),
1298 OFFSET(TrTimeStampKlog
, KTRAP_FRAME
, TimeStampKlog
),
1299 OFFSET(TrRip
, KTRAP_FRAME
, Rip
),
1300 OFFSET(TrSegCs
, KTRAP_FRAME
, SegCs
),
1301 OFFSET(TrLogging
, KTRAP_FRAME
, Logging
),
1302 OFFSET(TrEFlags
, KTRAP_FRAME
, EFlags
),
1303 OFFSET(TrRsp
, KTRAP_FRAME
, Rsp
),
1304 OFFSET(TrSegSs
, KTRAP_FRAME
, SegSs
),
1305 OFFSET(TrCodePatchCycle
, KTRAP_FRAME
, CodePatchCycle
),
1306 SIZE(KTRAP_FRAME_LENGTH
, KTRAP_FRAME
),
1308 HEADER("KTIMER_TABLE"),
1309 OFFSET(TtEntry
, KTIMER_TABLE
, TimerEntries
),
1310 OFFSET(TtTime
, KTIMER_TABLE
, Time
),
1311 SIZE(TIMER_ENTRY_SIZE
, KTIMER_ENTRY
),
1312 SIZE(TIMER_TABLE_SIZE
, KTIMER_TABLE
),
1315 OFFSET(TssRsp0
, TYPE
, Rsp0
),
1316 OFFSET(TssRsp1
, TYPE
, Rsp1
),
1317 OFFSET(TssRsp2
, TYPE
, Rsp2
),
1318 OFFSET(TssPanicStack
, TYPE
, PanicStack
),
1319 OFFSET(TssMcaStack
, TYPE
, McaStack
),
1320 OFFSET(TssNmiStack
, TYPE
, NmiStack
),
1321 OFFSET(TssIoMapBase
, TYPE
, IoMapBase
),
1322 SIZE(TssLength
, TYPE
),