add_library(genincdata SHARED genincdata.c)
set_entrypoint(genincdata DummyEntry)
+add_dependencies(genincdata bugcodes)
+endif()
if(MSVC)
set(OPT_MS "-ms")
add_custom_command(
OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${_filename}.inc
COMMAND native-geninc ${CMAKE_CURRENT_BINARY_DIR}/genincdata.dll ${CMAKE_CURRENT_BINARY_DIR}/${_filename}.inc ${OPT_MS}
- DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/genincdata.dll
+ DEPENDS genincdata
)
add_custom_target(
--- /dev/null
+/*\r
+ * COPYRIGHT: See COPYING in the top level directory\r
+ * PROJECT: ReactOS Kernel\r
+ * FILE: ntoskrnl/include/amd64/asmmacro.S\r
+ * PURPOSE: ASM macros for for GAS and MASM/ML64\r
+ * PROGRAMMERS: Timo Kreuzer (timo.kreuzer@reactos.org)\r
+ */\r
+\r
+#ifdef _USE_ML\r
+\r
+/* Allow ".name" identifiers */\r
+OPTION DOTNAME\r
+\r
+.686P\r
+.XMM\r
+.MODEL FLAT\r
+ASSUME CS:NOTHING, DS:NOTHING, ES:NOTHING, FS:NOTHING, GS:NOTHING\r
+\r
+/* Hex numbers need to be in 01ABh format */\r
+#define HEX(x) 0##x##h\r
+\r
+/* Macro values need to be marked */\r
+#define VAL(x) x\r
+\r
+/* MASM/ML doesn't want explicit [rip] addressing */\r
+rip = 0\r
+\r
+/* Due to MASM's reverse syntax, we are forced to use a precompiler macro */\r
+#define MACRO(name, ...) name MACRO __VA_ARGS__\r
+\r
+/* To avoid reverse syntax we provide a new macro .PROC, replacing PROC... */\r
+.PROC MACRO name\r
+ name PROC FRAME\r
+ _name:\r
+ENDM\r
+\r
+/* ... and .ENDP, replacing ENDP */\r
+.ENDP MACRO name\r
+ name ENDP\r
+ENDM\r
+\r
+/* MASM doesn't have an ASCII macro */\r
+.ASCII MACRO text\r
+ DB text\r
+ENDM\r
+\r
+/* MASM doesn't have an ASCIZ macro */\r
+.ASCIZ MACRO text\r
+ DB text, 0\r
+ENDM\r
+\r
+#define lgdt lgdt fword ptr ds:\r
+\r
+#define lidt lidt fword ptr ds:\r
+\r
+ljmp MACRO segment, offset\r
+ DB 0\r
+ENDM\r
+\r
+.code64 MACRO\r
+ .code\r
+ENDM\r
+\r
+.code32 MACRO\r
+ .code\r
+ .586P\r
+ENDM\r
+\r
+.code16 MACRO\r
+ ASSUME nothing\r
+ .text SEGMENT use16\r
+ENDM\r
+\r
+.endcode16 MACRO\r
+ .text ENDS\r
+ENDM\r
+\r
+.bss MACRO\r
+ .DATA?\r
+ ASSUME nothing\r
+ENDM\r
+\r
+//.text MACRO\r
+//ENDM\r
+\r
+.align MACRO alignment\r
+ ALIGN alignment\r
+ENDM\r
+\r
+.byte MACRO args:VARARG\r
+ db args\r
+ENDM\r
+\r
+.short MACRO args:VARARG\r
+ dw args\r
+ENDM\r
+\r
+.word MACRO args:VARARG\r
+ dw args\r
+ENDM\r
+\r
+.long MACRO args:VARARG\r
+ dd args\r
+ENDM\r
+\r
+.double MACRO args:VARARG\r
+ dq args\r
+ENDM\r
+\r
+.fill MACRO repeat, size, value\r
+// FIXME\r
+ENDM\r
+\r
+ljmp MACRO segment, offset\r
+// FIXME\r
+ENDM\r
+\r
+UNIMPLEMENTED MACRO name\r
+ENDM\r
+\r
+/* We need this to distinguish repeat from macros */\r
+#define ENDR ENDM\r
+\r
+#else /***********************************************************************/\r
+\r
+/* Force intel syntax */\r
+.intel_syntax noprefix\r
+\r
+.altmacro\r
+\r
+/* Hex numbers need to be in 0x1AB format */\r
+#define HEX(y) 0x##y\r
+\r
+/* Macro values need to be marked */\r
+#define VAL(x) \x\r
+\r
+/* Due to MASM's reverse syntax, we are forced to use a precompiler macro */\r
+#define MACRO(...) .macro __VA_ARGS__\r
+#define ENDM .endm\r
+\r
+/* To avoid reverse syntax we provide a new macro .PROC, replacing PROC... */\r
+.macro .PROC name\r
+ .func \name\r
+ \name:\r
+ .cfi_startproc\r
+ .equ cfa_current_offset, -8\r
+.endm\r
+\r
+/* ... and .ENDP, replacing ENDP */\r
+.macro .ENDP name\r
+ .cfi_endproc\r
+ .endfunc\r
+.endm\r
+\r
+/* MASM compatible PUBLIC */\r
+.macro PUBLIC symbol\r
+ .global \symbol\r
+.endm\r
+\r
+/* Dummy ASSUME */\r
+.macro ASSUME p1 p2 p3 p4 p5 p6 p7 p8\r
+.endm\r
+\r
+/* MASM needs an end tag for segments */\r
+.macro .endcode16\r
+.endm\r
+\r
+/* MASM compatible ALIGN */\r
+#define ALIGN .align\r
+\r
+/* MASM compatible REPEAT, additional ENDR */\r
+#define REPEAT .rept\r
+#define ENDR .endr\r
+\r
+.macro ljmp segment, offset\r
+ jmp far ptr \segment:\offset\r
+.endm\r
+\r
+/* MASM compatible EXTERN */\r
+.macro EXTERN name\r
+.endm\r
+\r
+/* MASM needs an END tag */\r
+#define END\r
+\r
+.macro .MODEL model\r
+.endm\r
+\r
+.macro .code\r
+ .text\r
+.endm\r
+\r
+/* Macros for x64 stack unwind OPs */\r
+\r
+.macro .allocstack size\r
+ .cfi_adjust_cfa_offset \size\r
+ .set cfa_current_offset, cfa_current_offset - \size\r
+.endm\r
+\r
+code = 1\r
+.macro .pushframe param=0\r
+ .if (\param)\r
+ .cfi_adjust_cfa_offset 0x30\r
+ .set cfa_current_offset, cfa_current_offset - 0x30\r
+ .else\r
+ .cfi_adjust_cfa_offset 0x28\r
+ .set cfa_current_offset, cfa_current_offset - 0x28\r
+ .endif\r
+.endm\r
+\r
+.macro .pushreg reg\r
+ .cfi_adjust_cfa_offset 8\r
+ .equ cfa_current_offset, cfa_current_offset - 8\r
+ .cfi_offset \reg, cfa_current_offset\r
+.endm\r
+\r
+.macro .savereg reg, offset\r
+ // checkme!!!\r
+ .cfi_offset \reg, \offset\r
+.endm\r
+\r
+.macro .savexmm128 reg, offset\r
+ // checkme!!!\r
+ .cfi_offset \reg, \offset\r
+.endm\r
+\r
+.macro .setframe reg, offset\r
+ .cfi_def_cfa reg, \offset\r
+ .equ cfa_current_offset, \offset\r
+.endm\r
+\r
+.macro .endprolog\r
+.endm\r
+\r
+.macro UNIMPLEMENTED2 file, line, func\r
+\r
+ jmp 3f\r
+1: .asciz "\func"\r
+2: .asciz \file\r
+3:\r
+ sub rsp, 0x20\r
+ lea rcx, MsgUnimplemented[rip]\r
+ lea rdx, 1b[rip]\r
+ lea r8, 2b[rip]\r
+ mov r9, \line\r
+ call DbgPrint\r
+ add rsp, 0x20\r
+.endm\r
+#define UNIMPLEMENTED UNIMPLEMENTED2 __FILE__, __LINE__,\r
+\r
+/* MASM/ML uses ".if" for runtime conditionals, and "if" for compile time\r
+ conditionals. We therefore use "if", too. .if shouldn't be used at all */\r
+#define if .if\r
+#define endif .endif\r
+#define else .else\r
+#define elseif .elseif\r
+\r
+#endif\r
#define TYPE_HEADER 3
#define RAW(x) {TYPE_RAW, x, 0}
-#define CONSTANT(name) {TYPE_CONSTANT, #name, name}
+#define CONSTANT(name) {TYPE_CONSTANT, #name, name > (ULONG)-1 ? (ULONGLONG)name : (ULONG)name}
#define OFFSET(name, struct, member) {TYPE_CONSTANT, #name, FIELD_OFFSET(struct, member)}
#define RELOFFSET(name, struct, member, to) {TYPE_CONSTANT, #name, FIELD_OFFSET(struct, member) - FIELD_OFFSET(struct, to)}
#define SIZE(name, struct) {TYPE_CONSTANT, #name, sizeof(struct)}
{
/* PORTABLE CONSTANTS ********************************************************/
-
- HEADER("Pointer size"),
- SIZE(SizeofPointer, PVOID),
-
- HEADER("Breakpoints"),
- CONSTANT(BREAKPOINT_BREAK),
- CONSTANT(BREAKPOINT_PRINT),
- CONSTANT(BREAKPOINT_PROMPT),
- CONSTANT(BREAKPOINT_LOAD_SYMBOLS),
- CONSTANT(BREAKPOINT_UNLOAD_SYMBOLS),
- CONSTANT(BREAKPOINT_COMMAND_STRING),
-
- HEADER("Context Frame Flags"),
- CONSTANT(CONTEXT_FULL),
- CONSTANT(CONTEXT_CONTROL),
- CONSTANT(CONTEXT_INTEGER),
- CONSTANT(CONTEXT_SEGMENTS),
- CONSTANT(CONTEXT_FLOATING_POINT),
- CONSTANT(CONTEXT_DEBUG_REGISTERS),
-
- HEADER("Exception flags"),
- CONSTANT(EXCEPTION_NONCONTINUABLE),
- CONSTANT(EXCEPTION_UNWINDING),
- CONSTANT(EXCEPTION_EXIT_UNWIND),
- CONSTANT(EXCEPTION_STACK_INVALID),
- CONSTANT(EXCEPTION_NESTED_CALL),
- CONSTANT(EXCEPTION_TARGET_UNWIND),
- CONSTANT(EXCEPTION_COLLIDED_UNWIND),
- CONSTANT(EXCEPTION_UNWIND),
- CONSTANT(EXCEPTION_EXECUTE_HANDLER),
- CONSTANT(EXCEPTION_CONTINUE_SEARCH),
- CONSTANT(EXCEPTION_CONTINUE_EXECUTION),
-#ifdef _X86_
- //CONSTANT(EXCEPTION_CHAIN_END),
- //CONSTANT(FIXED_NTVDMSTATE_LINEAR),
-#endif
-
- HEADER("Exception types"),
- CONSTANT(ExceptionContinueExecution),
- CONSTANT(ExceptionContinueSearch),
- CONSTANT(ExceptionNestedException),
- CONSTANT(ExceptionCollidedUnwind),
-
- HEADER("Lock Queue"),
- CONSTANT(LOCK_QUEUE_WAIT),
- CONSTANT(LOCK_QUEUE_OWNER),
- CONSTANT(LockQueueDispatcherLock),
-
- HEADER("Performance Definitions"),
-// CONSTANT(PERF_CONTEXTSWAP_OFFSET),
-// CONSTANT(PERF_CONTEXTSWAP_FLAG),
-// CONSTANT(PERF_INTERRUPT_OFFSET),
-// CONSTANT(PERF_INTERRUPT_FLAG),
-// CONSTANT(PERF_PROFILE_OFFSET),
-// CONSTANT(PERF_PROFILE_FLAG),
-// CONSTANT(PERF_SYSCALL_OFFSET),
-// CONSTANT(PERF_SYSCALL_FLAG),
-// CONSTANT(PERF_SPINLOCK_OFFSET),
-// CONSTANT(PERF_SPINLOCK_FLAG),
-// CONSTANT(NTOS_YIELD_MACRO),
-
- HEADER("Process states"),
- CONSTANT(ProcessInMemory),
- CONSTANT(ProcessOutOfMemory),
- CONSTANT(ProcessInTransition),
-
- HEADER("Processor mode"),
- CONSTANT(KernelMode),
- CONSTANT(UserMode),
-
- HEADER("Status codes"),
- CONSTANT(STATUS_ACCESS_VIOLATION),
- CONSTANT(STATUS_ASSERTION_FAILURE),
- CONSTANT(STATUS_ARRAY_BOUNDS_EXCEEDED),
- CONSTANT(STATUS_BAD_COMPRESSION_BUFFER),
- CONSTANT(STATUS_BREAKPOINT),
- CONSTANT(STATUS_CALLBACK_POP_STACK),
- CONSTANT(STATUS_DATATYPE_MISALIGNMENT),
- CONSTANT(STATUS_FLOAT_DENORMAL_OPERAND),
- CONSTANT(STATUS_FLOAT_DIVIDE_BY_ZERO),
- CONSTANT(STATUS_FLOAT_INEXACT_RESULT),
- CONSTANT(STATUS_FLOAT_INVALID_OPERATION),
- CONSTANT(STATUS_FLOAT_OVERFLOW),
- CONSTANT(STATUS_FLOAT_STACK_CHECK),
- CONSTANT(STATUS_FLOAT_UNDERFLOW),
- CONSTANT(STATUS_FLOAT_MULTIPLE_FAULTS),
- CONSTANT(STATUS_FLOAT_MULTIPLE_TRAPS),
- CONSTANT(STATUS_GUARD_PAGE_VIOLATION),
- CONSTANT(STATUS_ILLEGAL_FLOAT_CONTEXT),
- CONSTANT(STATUS_ILLEGAL_INSTRUCTION),
- CONSTANT(STATUS_INSTRUCTION_MISALIGNMENT),
- CONSTANT(STATUS_INVALID_HANDLE),
- CONSTANT(STATUS_INVALID_LOCK_SEQUENCE),
- CONSTANT(STATUS_INVALID_OWNER),
- CONSTANT(STATUS_INVALID_PARAMETER),
- CONSTANT(STATUS_INVALID_PARAMETER_1),
- CONSTANT(STATUS_INVALID_SYSTEM_SERVICE),
-// CONSTANT(STATUS_INVALID_THREAD),
- CONSTANT(STATUS_INTEGER_DIVIDE_BY_ZERO),
- CONSTANT(STATUS_INTEGER_OVERFLOW),
- CONSTANT(STATUS_IN_PAGE_ERROR),
- CONSTANT(STATUS_KERNEL_APC),
- CONSTANT(STATUS_LONGJUMP),
- CONSTANT(STATUS_NO_CALLBACK_ACTIVE),
- CONSTANT(STATUS_NO_EVENT_PAIR),
- CONSTANT(STATUS_PRIVILEGED_INSTRUCTION),
- CONSTANT(STATUS_SINGLE_STEP),
- CONSTANT(STATUS_STACK_BUFFER_OVERRUN),
- CONSTANT(STATUS_STACK_OVERFLOW),
- CONSTANT(STATUS_SUCCESS),
- CONSTANT(STATUS_THREAD_IS_TERMINATING),
- CONSTANT(STATUS_TIMEOUT),
- CONSTANT(STATUS_UNWIND),
- CONSTANT(STATUS_UNWIND_CONSOLIDATE),
- CONSTANT(STATUS_USER_APC),
- CONSTANT(STATUS_WAKE_SYSTEM_DEBUGGER),
-
- HEADER("TLS defines"),
- CONSTANT(TLS_MINIMUM_AVAILABLE),
- CONSTANT(TLS_EXPANSION_SLOTS),
-
- HEADER("Thread states"),
- CONSTANT(Initialized),
- CONSTANT(Ready),
- CONSTANT(Running),
- CONSTANT(Standby),
- CONSTANT(Terminated),
- CONSTANT(Waiting),
-
- HEADER("Wait type / reason"),
- CONSTANT(WrExecutive),
- CONSTANT(WrMutex),
- CONSTANT(WrDispatchInt),
- CONSTANT(WrQuantumEnd),
- CONSTANT(WrEventPair),
- CONSTANT(WaitAny),
- CONSTANT(WaitAll),
-
- HEADER("Interrupt object types"),
-// CONSTANT(InLevelSensitive),
-// CONSTANT(InLatched),
-
- HEADER("Bug Check Codes"),
- CONSTANT(APC_INDEX_MISMATCH),
- CONSTANT(INVALID_AFFINITY_SET),
- CONSTANT(INVALID_DATA_ACCESS_TRAP),
- CONSTANT(IRQL_NOT_GREATER_OR_EQUAL),
- CONSTANT(IRQL_NOT_LESS_OR_EQUAL),
- CONSTANT(NO_USER_MODE_CONTEXT),
- CONSTANT(SPIN_LOCK_ALREADY_OWNED),
- CONSTANT(SPIN_LOCK_NOT_OWNED),
- CONSTANT(THREAD_NOT_MUTEX_OWNER),
- CONSTANT(TRAP_CAUSE_UNKNOWN),
- CONSTANT(KMODE_EXCEPTION_NOT_HANDLED),
- CONSTANT(KERNEL_APC_PENDING_DURING_EXIT),
- CONSTANT(PANIC_STACK_SWITCH),
- CONSTANT(DATA_BUS_ERROR),
- CONSTANT(INSTRUCTION_BUS_ERROR),
- CONSTANT(SYSTEM_EXIT_OWNED_MUTEX),
-// CONSTANT(SYSTEM_UNWIND_PREVIOUS_USER),
-// CONSTANT(SYSTEM_SERVICE_EXCEPTION),
-// CONSTANT(INTERRUPT_UNWIND_ATTEMPTED),
-// CONSTANT(INTERRUPT_EXCEPTION_NOT_HANDLED),
- CONSTANT(PAGE_FAULT_WITH_INTERRUPTS_OFF),
- CONSTANT(IRQL_GT_ZERO_AT_SYSTEM_SERVICE),
- CONSTANT(DATA_COHERENCY_EXCEPTION),
- CONSTANT(INSTRUCTION_COHERENCY_EXCEPTION),
- CONSTANT(HAL1_INITIALIZATION_FAILED),
- CONSTANT(UNEXPECTED_KERNEL_MODE_TRAP),
- CONSTANT(NMI_HARDWARE_FAILURE),
- CONSTANT(SPIN_LOCK_INIT_FAILURE),
- CONSTANT(ATTEMPTED_SWITCH_FROM_DPC),
-// CONSTANT(MUTEX_ALREADY_OWNED),
-// CONSTANT(HARDWARE_INTERRUPT_STORM),
-// CONSTANT(RECURSIVE_MACHINE_CHECK),
-// CONSTANT(RECURSIVE_NMI),
-
- HEADER("IRQL"),
- CONSTANT(PASSIVE_LEVEL),
- CONSTANT(APC_LEVEL),
- CONSTANT(DISPATCH_LEVEL),
-#ifdef _M_AMD64
- CONSTANT(CLOCK_LEVEL),
-#else
- CONSTANT(CLOCK1_LEVEL),
- CONSTANT(CLOCK2_LEVEL),
-#endif
- CONSTANT(IPI_LEVEL),
- CONSTANT(POWER_LEVEL),
- CONSTANT(PROFILE_LEVEL),
- CONSTANT(HIGH_LEVEL),
- RAW("#ifdef NT_UP"),
- {1, "SYNCH_LEVEL", DISPATCH_LEVEL},
- RAW("#else"),
- {1, "SYNCH_LEVEL", (IPI_LEVEL - 2)},
- RAW("#endif"),
-
- HEADER("Stack sizes"),
- CONSTANT(KERNEL_STACK_SIZE),
- CONSTANT(KERNEL_LARGE_STACK_SIZE),
- CONSTANT(KERNEL_LARGE_STACK_COMMIT),
-// CONSTANT(DOUBLE_FAULT_STACK_SIZE),
-#ifdef _M_AMD64
- CONSTANT(KERNEL_MCA_EXCEPTION_STACK_SIZE),
- CONSTANT(NMI_STACK_SIZE),
-#endif
-
- HEADER("Thread flags"),
-// CONSTANT(THREAD_FLAGS_CYCLE_PROFILING),
-// CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK_BIT),
-// CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK),
-// CONSTANT(THREAD_FLAGS_COUNTER_PROFILING),
-// CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK_BIT),
-// CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK),
-// CONSTANT(THREAD_FLAGS_CPU_THROTTLED),
-// CONSTANT(THREAD_FLAGS_CPU_THROTTLED_BIT),
-// CONSTANT(THREAD_FLAGS_ACCOUNTING_ANY),
-
- HEADER("Miscellaneous Definitions"),
-// CONSTANT(BASE_PRIORITY_THRESHOLD),
-// CONSTANT(EVENT_PAIR_INCREMENT),
- CONSTANT(LOW_REALTIME_PRIORITY),
- CONSTANT(CLOCK_QUANTUM_DECREMENT),
-// CONSTANT(READY_SKIP_QUANTUM),
-// CONSTANT(THREAD_QUANTUM),
- CONSTANT(WAIT_QUANTUM_DECREMENT),
-// CONSTANT(ROUND_TRIP_DECREMENT_COUNT),
- CONSTANT(MAXIMUM_PROCESSORS),
- CONSTANT(INITIAL_STALL_COUNT),
-// CONSTANT(EXCEPTION_EXECUTE_FAULT),
-// CONSTANT(KCACHE_ERRATA_MONITOR_FLAGS),
-// CONSTANT(KI_EXCEPTION_GP_FAULT),
-// CONSTANT(KI_EXCEPTION_INVALID_OP),
-// CONSTANT(KI_EXCEPTION_INTEGER_DIVIDE_BY_ZERO),
- CONSTANT(KI_EXCEPTION_ACCESS_VIOLATION),
-// CONSTANT(TARGET_FREEZE),
-// CONSTANT(BlackHole),
- CONSTANT(Executive),
- CONSTANT(FALSE),
- CONSTANT(TRUE),
- CONSTANT(DBG_STATUS_CONTROL_C),
- CONSTANT(USER_SHARED_DATA),
-// CONSTANT(MM_SHARED_USER_DATA_VA),
- CONSTANT(PAGE_SIZE),
-// CONSTANT(KERNEL_STACK_CONTROL_LARGE_STACK),
-// CONSTANT(KI_DPC_ALL_FLAGS),
-// CONSTANT(DISPATCH_LENGTH),
- CONSTANT(MAXIMUM_IDTVECTOR),
-// CONSTANT(MAXIMUM_PRIMARY_VECTOR),
- CONSTANT(PRIMARY_VECTOR_BASE),
- CONSTANT(RPL_MASK),
- CONSTANT(MODE_MASK),
-// CONSTANT(KTHREAD_AUTO_ALIGNMENT_BIT),
-// CONSTANT(KTHREAD_GUI_THREAD_MASK),
-// CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM),
- CONSTANT(NUMBER_SERVICE_TABLES),
- CONSTANT(SERVICE_NUMBER_MASK),
- CONSTANT(SERVICE_TABLE_SHIFT),
- CONSTANT(SERVICE_TABLE_MASK),
- CONSTANT(SERVICE_TABLE_TEST),
+#include "ksx.template.h"
/* ARCHITECTURE SPECIFIC CONTSTANTS ******************************************/
-
-#if defined(_M_AMD64) || defined(_M_IX86)
-
- HEADER("CR0 flags"),
- CONSTANT(CR0_PE),
- CONSTANT(CR0_MP),
- CONSTANT(CR0_EM),
- CONSTANT(CR0_TS),
- CONSTANT(CR0_ET),
- CONSTANT(CR0_NE),
- CONSTANT(CR0_WP),
- CONSTANT(CR0_AM),
- CONSTANT(CR0_NW),
- CONSTANT(CR0_CD),
- CONSTANT(CR0_PG),
-
- HEADER("CR4 flags"),
- CONSTANT(CR4_VME),
- CONSTANT(CR4_PVI),
- CONSTANT(CR4_TSD),
- CONSTANT(CR4_DE),
- CONSTANT(CR4_PSE),
- CONSTANT(CR4_PAE),
- CONSTANT(CR4_MCE),
- CONSTANT(CR4_PGE),
- CONSTANT(CR4_FXSR),
- CONSTANT(CR4_XMMEXCPT),
-#if defined(_M_IX86)
-// CONSTANT(CR4_PGE_V),
-// CONSTANT(CR4_XSAVE),
-#elif defined(_M_AMD64)
- CONSTANT(CR4_CHANNELS),
-#endif
-
- HEADER("KeFeatureBits flags"),
- CONSTANT(KF_RDTSC),
- CONSTANT(KF_CR4),
- CONSTANT(KF_GLOBAL_PAGE),
- CONSTANT(KF_LARGE_PAGE),
- CONSTANT(KF_CMPXCHG8B),
- CONSTANT(KF_FAST_SYSCALL),
-#ifdef _M_IX86
- CONSTANT(KF_V86_VIS),
-// CONSTANT(KF_XSTATE),
-#endif
-
- HEADER("Machine type definitions"),
- CONSTANT(MACHINE_TYPE_ISA),
- CONSTANT(MACHINE_TYPE_EISA),
- CONSTANT(MACHINE_TYPE_MCA),
-
-#endif
-
#ifdef _M_IX86
-
- HEADER("EFLAGS"),
- CONSTANT(EFLAGS_TF),
- CONSTANT(EFLAGS_INTERRUPT_MASK),
- CONSTANT(EFLAGS_V86_MASK),
- CONSTANT(EFLAGS_ALIGN_CHECK),
- CONSTANT(EFLAGS_VIF),
- CONSTANT(EFLAGS_VIP),
- CONSTANT(EFLAGS_USER_SANITIZE),
-
- HEADER("KDGT selectors"),
- CONSTANT(KGDT_R3_DATA),
- CONSTANT(KGDT_R3_CODE),
- CONSTANT(KGDT_R0_CODE),
- CONSTANT(KGDT_R0_DATA),
- CONSTANT(KGDT_R0_PCR),
-// CONSTANT(KGDT_STACK16),
-// CONSTANT(KGDT_CODE16),
- CONSTANT(KGDT_TSS),
- CONSTANT(KGDT_R3_TEB),
- CONSTANT(KGDT_DF_TSS),
- CONSTANT(KGDT_NMI_TSS),
- CONSTANT(KGDT_LDT),
-
- CONSTANT(NPX_STATE_NOT_LOADED),
- CONSTANT(NPX_STATE_LOADED),
-// CONSTANT(NPX_MASK_LAZY),
-
-/*
- HEADER("VDM constants"),
- CONSTANT(VDM_INDEX_Invalid),
- CONSTANT(VDM_INDEX_0F),
- CONSTANT(VDM_INDEX_ESPrefix),
- CONSTANT(VDM_INDEX_CSPrefix),
- CONSTANT(VDM_INDEX_SSPrefix),
- CONSTANT(VDM_INDEX_DSPrefix),
- CONSTANT(VDM_INDEX_FSPrefix),
- CONSTANT(VDM_INDEX_GSPrefix),
- CONSTANT(VDM_INDEX_OPER32Prefix),
- CONSTANT(VDM_INDEX_ADDR32Prefix),
- CONSTANT(VDM_INDEX_INSB),
- CONSTANT(VDM_INDEX_INSW),
- CONSTANT(VDM_INDEX_OUTSB),
- CONSTANT(VDM_INDEX_OUTSW),
- CONSTANT(VDM_INDEX_PUSHF),
- CONSTANT(VDM_INDEX_POPF),
- CONSTANT(VDM_INDEX_INTnn),
- CONSTANT(VDM_INDEX_INTO),
- CONSTANT(VDM_INDEX_IRET),
- CONSTANT(VDM_INDEX_NPX),
- CONSTANT(VDM_INDEX_INBimm),
- CONSTANT(VDM_INDEX_INWimm),
- CONSTANT(VDM_INDEX_OUTBimm),
- CONSTANT(VDM_INDEX_OUTWimm),
- CONSTANT(VDM_INDEX_INB),
- CONSTANT(VDM_INDEX_INW),
- CONSTANT(VDM_INDEX_OUTB),
- CONSTANT(VDM_INDEX_OUTW),
- CONSTANT(VDM_INDEX_LOCKPrefix),
- CONSTANT(VDM_INDEX_REPNEPrefix),
- CONSTANT(VDM_INDEX_REPPrefix),
- CONSTANT(VDM_INDEX_CLI),
- CONSTANT(VDM_INDEX_STI),
- CONSTANT(VDM_INDEX_HLT),
- CONSTANT(MAX_VDM_INDEX),
-*/
- CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE),
- CONSTANT(EFLAG_SELECT),
-// CONSTANT(IPI_FREEZE),
-// CONSTANT(XSAVE_PRESENT),
-
+#include "ks386.template.h"
#elif defined(_M_AMD64)
-
- HEADER("EFLAGS"),
- CONSTANT(EFLAGS_TF_MASK),
- CONSTANT(EFLAGS_TF_SHIFT),
- CONSTANT(EFLAGS_IF_MASK),
- CONSTANT(EFLAGS_IF_SHIFT),
- CONSTANT(EFLAGS_ID_MASK),
-
- HEADER("Hypervisor Enlightenment Definitions"),
- CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH),
- CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH),
- CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH),
- CONSTANT(HV_X64_MSR_APIC_EOI),
- CONSTANT(HV_APIC_ENLIGHTENED),
- CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT),
- CONSTANT(HV_VIRTUAL_APIC_NO_EOI_REQUIRED_V),
- CONSTANT(HvApicFlags),
-
- HEADER("KDGT selectors"),
- CONSTANT(KGDT64_NULL),
- CONSTANT(KGDT64_R0_CODE),
- CONSTANT(KGDT64_R0_DATA),
- CONSTANT(KGDT64_R3_CMCODE),
- CONSTANT(KGDT64_R3_DATA),
- CONSTANT(KGDT64_R3_CODE),
- CONSTANT(KGDT64_SYS_TSS),
- CONSTANT(KGDT64_R3_CMTEB),
-
- HEADER("Machine Specific Register Numbers"),
- CONSTANT(MSR_EFER),
- CONSTANT(MSR_STAR),
- CONSTANT(MSR_LSTAR),
- CONSTANT(MSR_CSTAR),
- CONSTANT(MSR_SYSCALL_MASK),
- CONSTANT(MSR_FS_BASE),
- CONSTANT(MSR_GS_BASE),
- CONSTANT(MSR_GS_SWAP),
- CONSTANT(MSR_MCG_STATUS),
- CONSTANT(MSR_AMD_ACCESS),
-
- HEADER("Flags for MSR_EFER"),
- CONSTANT(MSR_LMA),
- CONSTANT(MSR_LME),
- CONSTANT(MSR_SCE),
- CONSTANT(MSR_NXE),
- CONSTANT(MSR_PAT),
- CONSTANT(MSR_DEGUG_CTL),
- CONSTANT(MSR_LAST_BRANCH_FROM),
- CONSTANT(MSR_LAST_BRANCH_TO),
- CONSTANT(MSR_LAST_EXCEPTION_FROM),
- CONSTANT(MSR_LAST_EXCEPTION_TO),
-
- HEADER("Flags for MSR_DEGUG_CTL"),
- CONSTANT(MSR_DEBUG_CTL_LBR),
- CONSTANT(MSR_DEBUG_CRL_BTF),
-
-#endif
-
-#if 0
- HEADER("Fatal exception codes"),
- CONSTANT(EXCEPTION_DIVIDED_BY_ZERO),
- CONSTANT(EXCEPTION_DEBUG),
- CONSTANT(EXCEPTION_NMI),
- CONSTANT(EXCEPTION_INT3),
- CONSTANT(EXCEPTION_BOUND_CHECK),
- CONSTANT(EXCEPTION_INVALID_OPCODE),
- CONSTANT(EXCEPTION_NPX_NOT_AVAILABLE),
- CONSTANT(EXCEPTION_DOUBLE_FAULT),
- CONSTANT(EXCEPTION_NPX_OVERRUN),
- CONSTANT(EXCEPTION_INVALID_TSS),
- CONSTANT(EXCEPTION_SEGMENT_NOT_PRESENT),
- CONSTANT(EXCEPTION_STACK_FAULT),
- CONSTANT(EXCEPTION_GP_FAULT),
- CONSTANT(EXCEPTION_RESERVED_TRAP),
- CONSTANT(EXCEPTION_NPX_ERROR),
- CONSTANT(EXCEPTION_ALIGNMENT_CHECK),
-#endif
-
-
-/* STRUCTURE OFFSETS *********************************************************/
-
- HEADER("KAFFINITY_EX"),
-// OFFSET(AfBitmap, KAFFINITY_EX, Bitmap),
-
- HEADER("Aligned Affinity"),
-// OFFSET(AfsCpuSet, ???, CpuSet),
-
- HEADER("KAPC"),
- OFFSET(ApType, KAPC, Type),
- OFFSET(ApSize, KAPC, Size),
- OFFSET(ApThread, KAPC, Thread),
- OFFSET(ApApcListEntry, KAPC, ApcListEntry),
- OFFSET(ApKernelRoutine, KAPC, KernelRoutine),
- OFFSET(ApRundownRoutine, KAPC, RundownRoutine),
- OFFSET(ApNormalRoutine, KAPC, NormalRoutine),
- OFFSET(ApNormalContext, KAPC, NormalContext),
- OFFSET(ApSystemArgument1, KAPC, SystemArgument1),
- OFFSET(ApSystemArgument2, KAPC, SystemArgument2),
- OFFSET(ApApcStateIndex, KAPC, ApcStateIndex),
- OFFSET(ApApcMode, KAPC, ApcMode),
- OFFSET(ApInserted, KAPC, Inserted),
- SIZE(ApcObjectLength, KAPC),
-
- HEADER("KAPC_STATE"),
- OFFSET(AsApcListHead, KAPC_STATE, ApcListHead),
- OFFSET(AsProcess, KAPC_STATE, Process),
- OFFSET(AsKernelApcInProgress, KAPC_STATE, KernelApcInProgress),
- OFFSET(AsKernelApcPending, KAPC_STATE, KernelApcPending),
- OFFSET(AsUserApcPending, KAPC_STATE, UserApcPending),
-
- HEADER("CLIENT_ID"),
- OFFSET(CidUniqueProcess, CLIENT_ID, UniqueProcess),
- OFFSET(CidUniqueThread, CLIENT_ID, UniqueThread),
-
- HEADER("RTL_CRITICAL_SECTION"),
- OFFSET(CsDebugInfo, RTL_CRITICAL_SECTION, DebugInfo),
- OFFSET(CsLockCount, RTL_CRITICAL_SECTION, LockCount),
- OFFSET(CsRecursionCount, RTL_CRITICAL_SECTION, RecursionCount),
- OFFSET(CsOwningThread, RTL_CRITICAL_SECTION, OwningThread),
- OFFSET(CsLockSemaphore, RTL_CRITICAL_SECTION, LockSemaphore),
- OFFSET(CsSpinCount, RTL_CRITICAL_SECTION, SpinCount),
-
- HEADER("RTL_CRITICAL_SECTION_DEBUG"),
- OFFSET(CsType, RTL_CRITICAL_SECTION_DEBUG, Type),
- OFFSET(CsCreatorBackTraceIndex, RTL_CRITICAL_SECTION_DEBUG, CreatorBackTraceIndex),
- OFFSET(CsCriticalSection, RTL_CRITICAL_SECTION_DEBUG, CriticalSection),
- OFFSET(CsProcessLocksList, RTL_CRITICAL_SECTION_DEBUG, ProcessLocksList),
- OFFSET(CsEntryCount, RTL_CRITICAL_SECTION_DEBUG, EntryCount),
- OFFSET(CsContentionCount, RTL_CRITICAL_SECTION_DEBUG, ContentionCount),
-
- HEADER("KDEVICE_QUEUE_ENTRY"),
- OFFSET(DeDeviceListEntry, KDEVICE_QUEUE_ENTRY, DeviceListEntry),
- OFFSET(DeSortKey, KDEVICE_QUEUE_ENTRY, SortKey),
- OFFSET(DeInserted, KDEVICE_QUEUE_ENTRY, Inserted),
- SIZE(DeviceQueueEntryLength, KDEVICE_QUEUE_ENTRY),
-
- HEADER("KDPC"),
- OFFSET(DpType, KDPC, Type),
- OFFSET(DpImportance, KDPC, Importance),
- OFFSET(DpNumber, KDPC, Number),
- OFFSET(DpDpcListEntry, KDPC, DpcListEntry),
- OFFSET(DpDeferredRoutine, KDPC, DeferredRoutine),
- OFFSET(DpDeferredContext, KDPC, DeferredContext),
- OFFSET(DpSystemArgument1, KDPC, SystemArgument1),
- OFFSET(DpSystemArgument2, KDPC, SystemArgument2),
- OFFSET(DpDpcData, KDPC, DpcData),
- SIZE(DpcObjectLength, KDPC),
-
- HEADER("KDEVICE_QUEUE"),
- OFFSET(DvType, KDEVICE_QUEUE, Type),
- OFFSET(DvSize, KDEVICE_QUEUE, Size),
- OFFSET(DvDeviceListHead, KDEVICE_QUEUE, DeviceListHead),
- OFFSET(DvSpinLock, KDEVICE_QUEUE, Lock),
- OFFSET(DvBusy, KDEVICE_QUEUE, Busy),
- SIZE(DeviceQueueObjectLength, KDEVICE_QUEUE),
-
- HEADER("EXCEPTION_RECORD"),
- OFFSET(ErExceptionCode, EXCEPTION_RECORD, ExceptionCode),
- OFFSET(ErExceptionFlags, EXCEPTION_RECORD, ExceptionFlags),
- OFFSET(ErExceptionRecord, EXCEPTION_RECORD, ExceptionRecord),
- OFFSET(ErExceptionAddress, EXCEPTION_RECORD, ExceptionAddress),
- OFFSET(ErNumberParameters, EXCEPTION_RECORD, NumberParameters),
- OFFSET(ErExceptionInformation, EXCEPTION_RECORD, ExceptionInformation),
- SIZE(ExceptionRecordLength, EXCEPTION_RECORD),
- SIZE(EXCEPTION_RECORD_LENGTH, EXCEPTION_RECORD),
-
- HEADER("EPROCESS"),
- OFFSET(EpDebugPort, EPROCESS, DebugPort),
- OFFSET(EpVdmObjects, EPROCESS, VdmObjects),
- SIZE(ExecutiveProcessObjectLength, EPROCESS),
-
- HEADER("KEVENT"),
- OFFSET(EvType, KEVENT, Header.Type),
- OFFSET(EvSize, KEVENT, Header.Size),
- OFFSET(EvSignalState, KEVENT, Header.SignalState),
- OFFSET(EvWaitListHead, KEVENT, Header.WaitListHead),
- SIZE(EventObjectLength, KEVENT),
-
- HEADER("FAST_MUTEX"),
- OFFSET(FmCount, FAST_MUTEX, Count),
- OFFSET(FmOwner, FAST_MUTEX, Owner),
- OFFSET(FmContention, FAST_MUTEX, Contention),
-// OFFSET(FmGate, FAST_MUTEX, Gate),
- OFFSET(FmOldIrql, FAST_MUTEX, OldIrql),
-
- HEADER("KINTERRUPT"),
- OFFSET(InType, KINTERRUPT, Type),
- OFFSET(InSize, KINTERRUPT, Size),
- OFFSET(InInterruptListEntry, KINTERRUPT, InterruptListEntry),
- OFFSET(InServiceRoutine, KINTERRUPT, ServiceRoutine),
- OFFSET(InServiceContext, KINTERRUPT, ServiceContext),
- OFFSET(InSpinLock, KINTERRUPT, SpinLock),
- OFFSET(InTickCount, KINTERRUPT, TickCount),
- OFFSET(InActualLock, KINTERRUPT, ActualLock),
- OFFSET(InDispatchAddress, KINTERRUPT, DispatchAddress),
- OFFSET(InVector, KINTERRUPT, Vector),
- OFFSET(InIrql, KINTERRUPT, Irql),
- OFFSET(InSynchronizeIrql, KINTERRUPT, SynchronizeIrql),
- OFFSET(InFloatingSave, KINTERRUPT, FloatingSave),
- OFFSET(InConnected, KINTERRUPT, Connected),
- OFFSET(InNumber, KINTERRUPT, Number),
- OFFSET(InShareVector, KINTERRUPT, ShareVector),
- OFFSET(InMode, KINTERRUPT, Mode),
- OFFSET(InServiceCount, KINTERRUPT, ServiceCount),
- OFFSET(InDispatchCount, KINTERRUPT, DispatchCount),
-// OFFSET(InTrapFrame, KINTERRUPT, TrapFrame),
- OFFSET(InDispatchCode, KINTERRUPT, DispatchCode),
- SIZE(InterruptObjectLength, KINTERRUPT),
-
- HEADER("IO_STATUS_BLOCK"),
- OFFSET(IoStatus, IO_STATUS_BLOCK, Status),
- OFFSET(IoPointer, IO_STATUS_BLOCK, Pointer),
- OFFSET(IoInformation, IO_STATUS_BLOCK, Information),
-
-#ifdef _M_IX86
-// Kernel Stack Control Structure Offset (relative to initial stack pointer) Definitions
-// RELOFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase, ???),
-// RELOFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousBase, ???),
-// RELOFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousBase, ???),
-// RELOFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousBase, ???),
-#else
- HEADER("KERNEL_STACK_CONTROL"),
-// OFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase),
-// OFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousLimit),
-// OFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousKernel),
-// OFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousInitial),
-// SIZE(KERNEL_STACK_CONTROL_LENGTH, KERNEL_STACK_CONTROL),
-#endif
-
- HEADER("KNODE"),
-// OFFSET(KnRight, KNODE, Right),
-// OFFSET(KnLeft, KNODE, Left),
- OFFSET(KnPfnDereferenceSListHead, KNODE, PfnDereferenceSListHead),
- OFFSET(KnProcessorMask, KNODE, ProcessorMask),
- OFFSET(KnColor, KNODE, Color),
- OFFSET(KnSeed, KNODE, Seed),
- OFFSET(KnNodeNumber, KNODE, NodeNumber),
- OFFSET(KnFlags, KNODE, Flags),
- OFFSET(knMmShiftedColor, KNODE, MmShiftedColor),
- OFFSET(KnFreeCount, KNODE, FreeCount),
- OFFSET(KnPfnDeferredList, KNODE, PfnDeferredList),
- SIZE(KNODE_SIZE, KNODE),
-
- HEADER("KSPIN_LOCK_QUEUE"),
- OFFSET(LqNext, KSPIN_LOCK_QUEUE, Next),
- OFFSET(LqLock, KSPIN_LOCK_QUEUE, Lock),
-
- HEADER("KLOCK_QUEUE_HANDLE"),
- OFFSET(LqhNext, KLOCK_QUEUE_HANDLE, LockQueue.Next),
- OFFSET(LqhLock, KLOCK_QUEUE_HANDLE, LockQueue.Lock),
- OFFSET(LqhOldIrql, KLOCK_QUEUE_HANDLE, OldIrql),
- SIZE(LOCK_QUEUE_HEADER_SIZE, KLOCK_QUEUE_HANDLE),
-
- HEADER("LARGE_INTEGER"),
- OFFSET(LiLowPart, LARGE_INTEGER, LowPart),
- OFFSET(LiHighPart, LARGE_INTEGER, HighPart),
-#if 0
- HEADER("LOADER_PARAMETER_BLOCK (rel. to LoadOrderListHead)"),
- RELOFFSET(LpbLoadOrderListHead, LOADER_PARAMETER_BLOCK, LoadOrderListHead, LoadOrderListHead),
- RELOFFSET(LpbMemoryDescriptorListHead, LOADER_PARAMETER_BLOCK, MemoryDescriptorListHead, LoadOrderListHead),
- RELOFFSET(LpbKernelStack, LOADER_PARAMETER_BLOCK, KernelStack, LoadOrderListHead),
- RELOFFSET(LpbPrcb, LOADER_PARAMETER_BLOCK, Prcb, LoadOrderListHead),
- RELOFFSET(LpbProcess, LOADER_PARAMETER_BLOCK, Process, LoadOrderListHead),
- RELOFFSET(LpbThread, LOADER_PARAMETER_BLOCK, Thread, LoadOrderListHead),
- RELOFFSET(LpbI386, LOADER_PARAMETER_BLOCK, u.I386, LoadOrderListHead),
- RELOFFSET(LpbRegistryLength, LOADER_PARAMETER_BLOCK, RegistryLength, LoadOrderListHead),
- RELOFFSET(LpbRegistryBase, LOADER_PARAMETER_BLOCK, RegistryBase, LoadOrderListHead),
- RELOFFSET(LpbConfigurationRoot, LOADER_PARAMETER_BLOCK, ConfigurationRoot, LoadOrderListHead),
- RELOFFSET(LpbArcBootDeviceName, LOADER_PARAMETER_BLOCK, ArcBootDeviceName, LoadOrderListHead),
- RELOFFSET(LpbArcHalDeviceName, LOADER_PARAMETER_BLOCK, ArcHalDeviceName, LoadOrderListHead),
- RELOFFSET(LpbLoadOptions, LOADER_PARAMETER_BLOCK, LoadOptions, LoadOrderListHead),
- RELOFFSET(LpbExtension, LOADER_PARAMETER_BLOCK, Extension, LoadOrderListHead),
-#endif
-
- HEADER("LIST_ENTRY"),
- OFFSET(LsFlink, LIST_ENTRY, Flink),
- OFFSET(LsBlink, LIST_ENTRY, Blink),
-
- HEADER("PEB"),
- OFFSET(PeKernelCallbackTable, PEB, KernelCallbackTable),
- SIZE(ProcessEnvironmentBlockLength, PEB),
-
- HEADER("KPROFILE"),
- OFFSET(PfType, KPROFILE, Type),
- OFFSET(PfSize, KPROFILE, Size),
- OFFSET(PfProfileListEntry, KPROFILE, ProfileListEntry),
- OFFSET(PfProcess, KPROFILE, Process),
- OFFSET(PfRangeBase, KPROFILE, RangeBase),
- OFFSET(PfRangeLimit, KPROFILE, RangeLimit),
- OFFSET(PfBucketShift, KPROFILE, BucketShift),
- OFFSET(PfBuffer, KPROFILE, Buffer),
- OFFSET(PfSegment, KPROFILE, Segment),
- OFFSET(PfAffinity, KPROFILE, Affinity),
- OFFSET(PfSource, KPROFILE, Source),
- OFFSET(PfStarted, KPROFILE, Started),
- SIZE(ProfileObjectLength, KPROFILE),
-
- HEADER("PORT_MESSAGE"),
- OFFSET(PmLength, PORT_MESSAGE, u1.Length),
- OFFSET(PmZeroInit, PORT_MESSAGE, u2.ZeroInit),
- OFFSET(PmClientId, PORT_MESSAGE, ClientId),
- OFFSET(PmProcess, PORT_MESSAGE, ClientId.UniqueProcess),
- OFFSET(PmThread, PORT_MESSAGE, ClientId.UniqueThread),
- OFFSET(PmMessageId, PORT_MESSAGE, MessageId),
- OFFSET(PmClientViewSize, PORT_MESSAGE, ClientViewSize),
- SIZE(PortMessageLength, PORT_MESSAGE),
-
- HEADER("KPROCESS"),
- OFFSET(PrType, KPROCESS, Header.Type),
- OFFSET(PrSize, KPROCESS, Header.Size),
- OFFSET(PrSignalState, KPROCESS, Header.SignalState),
- OFFSET(PrProfileListHead, KPROCESS, ProfileListHead),
- OFFSET(PrDirectoryTableBase, KPROCESS, DirectoryTableBase),
-#ifdef _M_IX86
- OFFSET(PrLdtDescriptor, KPROCESS, LdtDescriptor),
-#endif
- OFFSET(PrIopmOffset, KPROCESS, IopmOffset),
-#ifdef _M_IX86
- OFFSET(PrInt21Descriptor, KPROCESS, Int21Descriptor),
- OFFSET(PrVdmTrapcHandler, KPROCESS, VdmTrapcHandler),
-// OFFSET(PrVdmObjects, KPROCESS, VdmObjects),
- OFFSET(PrFlags, KPROCESS, Flags),
-#endif
-// OFFSET(PrInstrumentationCallback, KPROCESS, InstrumentationCallback),
- OFFSET(PrActiveProcessors, KPROCESS, ActiveProcessors),
- OFFSET(PrKernelTime, KPROCESS, KernelTime),
- OFFSET(PrUserTime, KPROCESS, UserTime),
- OFFSET(PrReadyListHead, KPROCESS, ReadyListHead),
- OFFSET(PrSwapListEntry, KPROCESS, SwapListEntry),
- OFFSET(PrThreadListHead, KPROCESS, ThreadListHead),
- OFFSET(PrProcessLock, KPROCESS, ProcessLock),
- OFFSET(PrAffinity, KPROCESS, Affinity),
- OFFSET(PrProcessFlags, KPROCESS, ProcessFlags),
- OFFSET(PrBasePriority, KPROCESS, BasePriority),
- OFFSET(PrQuantumReset, KPROCESS, QuantumReset),
- OFFSET(PrState, KPROCESS, State),
- OFFSET(PrStackCount, KPROCESS, StackCount),
-#if (NTDDI_VERSION >= NTDDI_LONGHORN)
- OFFSET(PrCycleTime, KPROCESS, CycleTime),
-#endif
- SIZE(KernelProcessObjectLength, KPROCESS),
-
- HEADER("KQUEUE"),
- OFFSET(QuType, KQUEUE, Header.Type),
- OFFSET(QuSize, KQUEUE, Header.Size),
- OFFSET(QuSignalState, KQUEUE, Header.SignalState),
- OFFSET(QuEntryListHead, KQUEUE, EntryListHead),
- OFFSET(QuCurrentCount, KQUEUE, CurrentCount),
- OFFSET(QuMaximumCount, KQUEUE, MaximumCount),
- OFFSET(QuThreadListHead, KQUEUE, ThreadListHead),
- SIZE(QueueObjectLength, KQUEUE),
-
- HEADER("STRING"),
- OFFSET(StrLength, STRING, Length),
- OFFSET(StrMaximumLength, STRING, MaximumLength),
- OFFSET(StrBuffer, STRING, Buffer),
-
- HEADER("TEB"),
- OFFSET(TeCmTeb, TEB, NtTib),
-#ifdef _M_IX86
- OFFSET(TeExceptionList, TEB, NtTib.ExceptionList),
-#endif
- OFFSET(TeStackBase, TEB, NtTib.StackBase),
- OFFSET(TeStackLimit, TEB, NtTib.StackLimit),
- OFFSET(TeFiberData, TEB, NtTib.FiberData),
- OFFSET(TeSelf, TEB, NtTib.Self),
- OFFSET(TeEnvironmentPointer, TEB, EnvironmentPointer),
- OFFSET(TeClientId, TEB, ClientId),
- OFFSET(TeActiveRpcHandle, TEB, ActiveRpcHandle),
- OFFSET(TeThreadLocalStoragePointer, TEB, ThreadLocalStoragePointer),
- OFFSET(TeCountOfOwnedCriticalSections, TEB, CountOfOwnedCriticalSections),
- OFFSET(TePeb, TEB, ProcessEnvironmentBlock),
- OFFSET(TeCsrClientThread, TEB, CsrClientThread),
- OFFSET(TeWOW32Reserved, TEB, WOW32Reserved),
-// OFFSET(TeSoftFpcr, TEB, SoftFpcr),
- OFFSET(TeExceptionCode, TEB, ExceptionCode),
- OFFSET(TeActivationContextStackPointer, TEB, ActivationContextStackPointer),
- OFFSET(TeGdiClientPID, TEB, GdiClientPID),
- OFFSET(TeGdiClientTID, TEB, GdiClientTID),
- OFFSET(TeGdiThreadLocalInfo, TEB, GdiThreadLocalInfo),
- OFFSET(TeglDispatchTable, TEB, glDispatchTable),
- OFFSET(TeglReserved1, TEB, glReserved1),
- OFFSET(TeglReserved2, TEB, glReserved2),
- OFFSET(TeglSectionInfo, TEB, glSectionInfo),
- OFFSET(TeglSection, TEB, glSection),
- OFFSET(TeglTable, TEB, glTable),
- OFFSET(TeglCurrentRC, TEB, glCurrentRC),
- OFFSET(TeglContext, TEB, glContext),
- OFFSET(TeDeallocationStack, TEB, DeallocationStack),
- OFFSET(TeTlsSlots, TEB, TlsSlots),
- OFFSET(TeTlsExpansionSlots, TEB, TlsExpansionSlots),
- OFFSET(TeLastErrorValue, TEB, LastErrorValue),
- OFFSET(TeVdm, TEB, Vdm),
- OFFSET(TeInstrumentation, TEB, Instrumentation),
- OFFSET(TeGdiBatchCount, TEB, GdiBatchCount),
- OFFSET(TeGuaranteedStackBytes, TEB, GuaranteedStackBytes),
- OFFSET(TeFlsData, TEB, FlsData),
-// OFFSET(TeProcessRundown, TEB, ProcessRundown),
- SIZE(ThreadEnvironmentBlockLength, TEB),
-
- HEADER("TIME_FIELDS"),
- OFFSET(TfSecond, TIME_FIELDS, Second),
- OFFSET(TfMinute, TIME_FIELDS, Minute),
- OFFSET(TfHour, TIME_FIELDS, Hour),
- OFFSET(TfWeekday, TIME_FIELDS, Weekday),
- OFFSET(TfDay, TIME_FIELDS, Day),
- OFFSET(TfMonth, TIME_FIELDS, Month),
- OFFSET(TfYear, TIME_FIELDS, Year),
- OFFSET(TfMilliseconds, TIME_FIELDS, Milliseconds),
-
- HEADER("KTHREAD"),
- OFFSET(ThType, KTHREAD, DispatcherHeader.Type),
-// OFFSET(ThNpxIrql, KTHREAD, NpxIrql),
- OFFSET(ThSize, KTHREAD, DispatcherHeader.Size),
- OFFSET(ThLock, KTHREAD, DispatcherHeader.Lock),
- OFFSET(ThDebugActive, KTHREAD, DispatcherHeader.DebugActive),
-// OFFSET(ThThreadControlFlags, KTHREAD, DispatcherHeader.ThreadControlFlags),
- OFFSET(ThSignalState, KTHREAD, DispatcherHeader.SignalState),
-#if (NTDDI_VERSION >= NTDDI_LONGHORN)
- OFFSET(ThCycleTime, KTHREAD, CycleTime),
- OFFSET(ThHighCycleTime, KTHREAD, HighCycleTime),
-#endif
- OFFSET(ThInitialStack, KTHREAD, InitialStack),
- OFFSET(ThStackLimit, KTHREAD, StackLimit),
- OFFSET(ThKernelStack, KTHREAD, KernelStack),
- OFFSET(ThThreadLock, KTHREAD, ThreadLock),
-// OFFSET(ThRunning, KTHREAD, Running),
- OFFSET(ThAlerted, KTHREAD, Alerted),
-// OFFSET(ThMiscFlags, KTHREAD, MiscFlags),
- OFFSET(ThApcState, KTHREAD, ApcState),
- OFFSET(ThPriority, KTHREAD, Priority),
- OFFSET(ThSwapBusy, KTHREAD, SwapBusy),
- OFFSET(ThNextProcessor, KTHREAD, NextProcessor),
- OFFSET(ThDeferredProcessor, KTHREAD, DeferredProcessor),
- OFFSET(ThApcQueueLock, KTHREAD, ApcQueueLock),
- OFFSET(ThContextSwitches, KTHREAD, ContextSwitches),
- OFFSET(ThState, KTHREAD, State),
- OFFSET(ThNpxState, KTHREAD, NpxState),
- OFFSET(ThWaitIrql, KTHREAD, WaitIrql),
- OFFSET(ThWaitMode, KTHREAD, WaitMode),
- OFFSET(ThWaitStatus, KTHREAD, WaitStatus),
- OFFSET(ThWaitBlockList, KTHREAD, WaitBlockList),
- OFFSET(ThGateObject, KTHREAD, GateObject),
- OFFSET(ThWaitListEntry, KTHREAD, WaitListEntry),
- OFFSET(ThSwapListEntry, KTHREAD, SwapListEntry),
- OFFSET(ThQueue, KTHREAD, Queue),
- OFFSET(ThWaitTime, KTHREAD, WaitTime),
- OFFSET(ThCombinedApcDisable, KTHREAD, CombinedApcDisable),
- OFFSET(ThKernelApcDisable, KTHREAD, KernelApcDisable),
- OFFSET(ThSpecialApcDisable, KTHREAD, SpecialApcDisable),
- OFFSET(ThTeb, KTHREAD, Teb),
- OFFSET(ThTimer, KTHREAD, Timer),
- OFFSET(ThThreadFlags, KTHREAD, ThreadFlags),
- OFFSET(ThServiceTable, KTHREAD, ServiceTable),
- OFFSET(ThWaitBlock, KTHREAD, WaitBlock),
- OFFSET(ThResourceIndex, KTHREAD, ResourceIndex),
- OFFSET(ThQueueListEntry, KTHREAD, QueueListEntry),
- OFFSET(ThTrapFrame, KTHREAD, TrapFrame),
-#if (NTDDI_VERSION >= NTDDI_LONGHORN)
- OFFSET(ThFirstArgument, KTHREAD, FirstArgument),
-#endif
- OFFSET(ThCallbackStack, KTHREAD, CallbackStack),
-// OFFSET(ThCallbackDepth, KTHREAD, CallbackDepth),
- OFFSET(ThApcStateIndex, KTHREAD, ApcStateIndex),
- OFFSET(ThIdealProcessor, KTHREAD, IdealProcessor),
- OFFSET(ThBasePriority, KTHREAD, BasePriority),
- OFFSET(ThPriorityDecrement, KTHREAD, PriorityDecrement),
- OFFSET(ThAdjustReason, KTHREAD, AdjustReason),
- OFFSET(ThAdjustIncrement, KTHREAD, AdjustIncrement),
- OFFSET(ThPreviousMode, KTHREAD, PreviousMode),
- OFFSET(ThSaturation, KTHREAD, Saturation),
-#if (NTDDI_VERSION >= NTDDI_LONGHORN)
- OFFSET(ThSystemCallNumber, KTHREAD, SystemCallNumber),
-#endif
- OFFSET(ThFreezeCount, KTHREAD, FreezeCount),
- OFFSET(ThUserAffinity, KTHREAD, UserAffinity),
- OFFSET(ThProcess, KTHREAD, Process),
- OFFSET(ThAffinity, KTHREAD, Affinity),
- OFFSET(ThUserIdealProcessor, KTHREAD, UserIdealProcessor),
- OFFSET(ThApcStatePointer, KTHREAD, ApcStatePointer),
- OFFSET(ThSavedApcState, KTHREAD, SavedApcState),
- OFFSET(ThWaitReason, KTHREAD, WaitReason),
- OFFSET(ThSuspendCount, KTHREAD, SuspendCount),
-// OFFSET(ThCodePatchInProgress, KTHREAD, CodePatchInProgress),
- OFFSET(ThWin32Thread, KTHREAD, Win32Thread),
- OFFSET(ThStackBase, KTHREAD, StackBase),
- OFFSET(ThSuspendApc, KTHREAD, SuspendApc),
- OFFSET(ThPowerState, KTHREAD, PowerState),
- OFFSET(ThKernelTime, KTHREAD, KernelTime),
- OFFSET(ThLegoData, KTHREAD, LegoData),
- OFFSET(ThLargeStack, KTHREAD, LargeStack),
- OFFSET(ThUserTime, KTHREAD, UserTime),
- OFFSET(ThSuspendSemaphore, KTHREAD, SuspendSemaphore),
- OFFSET(ThSListFaultCount, KTHREAD, SListFaultCount),
- OFFSET(ThThreadListEntry, KTHREAD, ThreadListEntry),
- OFFSET(ThMutantListHead, KTHREAD, MutantListHead),
- OFFSET(ThSListFaultAddress, KTHREAD, SListFaultAddress),
- SIZE(KernelThreadObjectLength, KTHREAD),
- SIZE(ExecutiveThreadObjectLength, ETHREAD),
-
- HEADER("KTIMER"),
- OFFSET(TiType, KTIMER, Header.Type),
- OFFSET(TiSize, KTIMER, Header.Size),
- OFFSET(TiInserted, KTIMER, Header.Inserted),
- OFFSET(TiSignalState, KTIMER, Header.SignalState),
- OFFSET(TiDueTime, KTIMER, DueTime),
- OFFSET(TiTimerListEntry, KTIMER, TimerListEntry),
- OFFSET(TiDpc, KTIMER, Dpc),
- OFFSET(TiPeriod, KTIMER, Period),
- SIZE(TimerObjectLength, KTIMER),
-
- HEADER("TIME"),
-// OFFSET(TmLowTime, TIME, LowTime),
-// OFFSET(TmHighTime, TIME, HighTime),
-
-#if 0
- HEADER("SYSTEM_CONTEXT_SWITCH_INFORMATION (relative to FindAny)"),
- RELOFFSET(TwFindAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindAny, FindAny),
- RELOFFSET(TwFindIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindIdeal, FindAny),
- RELOFFSET(TwFindLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindLast, FindAny),
- RELOFFSET(TwIdleAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleAny, FindAny),
- RELOFFSET(TwIdleCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleCurrent, FindAny),
- RELOFFSET(TwIdleIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleIdeal, FindAny),
- RELOFFSET(TwIdleLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleLast, FindAny),
- RELOFFSET(TwPreemptAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptAny, FindAny),
- RELOFFSET(TwPreemptCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptCurrent, FindAny),
- RELOFFSET(TwPreemptLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptLast, FindAny),
- RELOFFSET(TwSwitchToIdle, SYSTEM_CONTEXT_SWITCH_INFORMATION, SwitchToIdle, FindAny),
-#endif
-
- HEADER("KUSER_SHARED_DATA"),
- OFFSET(UsTickCountMultiplier, KUSER_SHARED_DATA, TickCountMultiplier),
- OFFSET(UsInterruptTime, KUSER_SHARED_DATA, InterruptTime),
- OFFSET(UsSystemTime, KUSER_SHARED_DATA, SystemTime),
- OFFSET(UsTimeZoneBias, KUSER_SHARED_DATA, TimeZoneBias),
- OFFSET(UsImageNumberLow, KUSER_SHARED_DATA, ImageNumberLow),
- OFFSET(UsImageNumberHigh, KUSER_SHARED_DATA, ImageNumberHigh),
- OFFSET(UsNtSystemRoot, KUSER_SHARED_DATA, NtSystemRoot),
- OFFSET(UsMaxStackTraceDepth, KUSER_SHARED_DATA, MaxStackTraceDepth),
- OFFSET(UsCryptoExponent, KUSER_SHARED_DATA, CryptoExponent),
- OFFSET(UsTimeZoneId, KUSER_SHARED_DATA, TimeZoneId),
- OFFSET(UsLargePageMinimum, KUSER_SHARED_DATA, LargePageMinimum),
- OFFSET(UsReserved2, KUSER_SHARED_DATA, Reserved2),
- OFFSET(UsNtProductType, KUSER_SHARED_DATA, NtProductType),
- OFFSET(UsProductTypeIsValid, KUSER_SHARED_DATA, ProductTypeIsValid),
- OFFSET(UsNtMajorVersion, KUSER_SHARED_DATA, NtMajorVersion),
- OFFSET(UsNtMinorVersion, KUSER_SHARED_DATA, NtMinorVersion),
- OFFSET(UsProcessorFeatures, KUSER_SHARED_DATA, ProcessorFeatures),
- OFFSET(UsReserved1, KUSER_SHARED_DATA, Reserved1),
- OFFSET(UsReserved3, KUSER_SHARED_DATA, Reserved3),
- OFFSET(UsTimeSlip, KUSER_SHARED_DATA, TimeSlip),
- OFFSET(UsAlternativeArchitecture, KUSER_SHARED_DATA, AlternativeArchitecture),
- OFFSET(UsSystemExpirationDate, KUSER_SHARED_DATA, SystemExpirationDate),
- OFFSET(UsSuiteMask, KUSER_SHARED_DATA, SuiteMask),
- OFFSET(UsKdDebuggerEnabled, KUSER_SHARED_DATA, KdDebuggerEnabled),
- OFFSET(UsActiveConsoleId, KUSER_SHARED_DATA, ActiveConsoleId),
- OFFSET(UsDismountCount, KUSER_SHARED_DATA, DismountCount),
- OFFSET(UsComPlusPackage, KUSER_SHARED_DATA, ComPlusPackage),
- OFFSET(UsLastSystemRITEventTickCount, KUSER_SHARED_DATA, LastSystemRITEventTickCount),
- OFFSET(UsNumberOfPhysicalPages, KUSER_SHARED_DATA, NumberOfPhysicalPages),
- OFFSET(UsSafeBootMode, KUSER_SHARED_DATA, SafeBootMode),
-// OFFSET(UsTscQpcData, KUSER_SHARED_DATA, TscQpcData),
- OFFSET(UsTestRetInstruction, KUSER_SHARED_DATA, TestRetInstruction),
- OFFSET(UsSystemCall, KUSER_SHARED_DATA, SystemCall),
- OFFSET(UsSystemCallReturn, KUSER_SHARED_DATA, SystemCallReturn),
- OFFSET(UsSystemCallPad, KUSER_SHARED_DATA, SystemCallPad),
- OFFSET(UsTickCount, KUSER_SHARED_DATA, TickCount),
- OFFSET(UsTickCountQuad, KUSER_SHARED_DATA, TickCountQuad),
- OFFSET(UsWow64SharedInformation, KUSER_SHARED_DATA, Wow64SharedInformation),
-
- HEADER("KWAIT_BLOCK"),
- OFFSET(WbWaitListEntry, KWAIT_BLOCK, WaitListEntry),
- OFFSET(WbThread, KWAIT_BLOCK, Thread),
- OFFSET(WbObject, KWAIT_BLOCK, Object),
- OFFSET(WbNextWaitBlock, KWAIT_BLOCK, NextWaitBlock),
- OFFSET(WbWaitKey, KWAIT_BLOCK, WaitKey),
- OFFSET(WbWaitType, KWAIT_BLOCK, WaitType),
-
-#if defined(_M_IX86)
-
- HEADER("CONTEXT"),
- OFFSET(CsContextFlags, CONTEXT, ContextFlags),
- OFFSET(CsDr0, CONTEXT, Dr0),
- OFFSET(CsDr1, CONTEXT, Dr1),
- OFFSET(CsDr2, CONTEXT, Dr2),
- OFFSET(CsDr3, CONTEXT, Dr3),
- OFFSET(CsDr6, CONTEXT, Dr6),
- OFFSET(CsDr7, CONTEXT, Dr7),
- OFFSET(CsFloatSave, CONTEXT, FloatSave),
- OFFSET(CsSegGs, CONTEXT, SegGs),
- OFFSET(CsSegFs, CONTEXT, SegFs),
- OFFSET(CsSegEs, CONTEXT, SegEs),
- OFFSET(CsSegDs, CONTEXT, SegDs),
- OFFSET(CsEdi, CONTEXT, Edi),
- OFFSET(CsEsi, CONTEXT, Esi),
- OFFSET(CsEbx, CONTEXT, Ebx),
- OFFSET(CsEdx, CONTEXT, Edx),
- OFFSET(CsEcx, CONTEXT, Ecx),
- OFFSET(CsEax, CONTEXT, Eax),
- OFFSET(CsEbp, CONTEXT, Ebp),
- OFFSET(CsEip, CONTEXT, Eip),
- OFFSET(CsSegCs, CONTEXT, SegCs),
- OFFSET(CsEflags, CONTEXT, EFlags),
- OFFSET(CsEsp, CONTEXT, Esp),
- OFFSET(CsSegSs, CONTEXT, SegSs),
- OFFSET(CsExtendedRegisters, CONTEXT, ExtendedRegisters),
- SIZE(ContextFrameLength, CONTEXT),
- SIZE(CONTEXT_LENGTH, CONTEXT),
-
- HEADER("KGDTENTRY"),
- OFFSET(KgdtBaseLow, KGDTENTRY, BaseLow),
- OFFSET(KgdtBaseMid, KGDTENTRY, HighWord.Bytes.BaseMid),
- OFFSET(KgdtBaseHi, KGDTENTRY, HighWord.Bytes.BaseHi),
- OFFSET(KgdtLimitHi, KGDTENTRY, HighWord.Bytes.Flags2),
- OFFSET(KgdtLimitLow, KGDTENTRY, LimitLow),
-
- HEADER("KTRAP_FRAME"),
- OFFSET(TsExceptionList, KTRAP_FRAME, ExceptionList),
- OFFSET(TsPreviousPreviousMode, KTRAP_FRAME, PreviousPreviousMode),
- OFFSET(TsSegGs, KTRAP_FRAME, SegGs),
- OFFSET(TsSegFs, KTRAP_FRAME, SegFs),
- OFFSET(TsSegEs, KTRAP_FRAME, SegEs),
- OFFSET(TsSegDs, KTRAP_FRAME, SegDs),
- OFFSET(TsEdi, KTRAP_FRAME, Edi),
- OFFSET(TsEsi, KTRAP_FRAME, Esi),
- OFFSET(TsEbp, KTRAP_FRAME, Ebp),
- OFFSET(TsEbx, KTRAP_FRAME, Ebx),
- OFFSET(TsEdx, KTRAP_FRAME, Edx),
- OFFSET(TsEcx, KTRAP_FRAME, Ecx),
- OFFSET(TsEax, KTRAP_FRAME, Eax),
- OFFSET(TsErrCode, KTRAP_FRAME, ErrCode),
- OFFSET(TsEip, KTRAP_FRAME, Eip),
- OFFSET(TsSegCs, KTRAP_FRAME, SegCs),
- OFFSET(TsEflags, KTRAP_FRAME, EFlags),
- OFFSET(TsHardwareEsp, KTRAP_FRAME, HardwareEsp),
- OFFSET(TsHardwareSegSs, KTRAP_FRAME, HardwareSegSs),
- OFFSET(TsTempSegCs, KTRAP_FRAME, TempSegCs),
-// OFFSET(TsLogging, KTRAP_FRAME, Logging),
- OFFSET(TsTempEsp, KTRAP_FRAME, TempEsp),
- OFFSET(TsDbgEbp, KTRAP_FRAME, DbgEbp),
- OFFSET(TsDbgEip, KTRAP_FRAME, DbgEip),
- OFFSET(TsDbgArgMark, KTRAP_FRAME, DbgArgMark),
- OFFSET(TsDbgArgPointer, KTRAP_FRAME, DbgArgPointer),
- OFFSET(TsDr0, KTRAP_FRAME, Dr0),
- OFFSET(TsDr1, KTRAP_FRAME, Dr1),
- OFFSET(TsDr2, KTRAP_FRAME, Dr2),
- OFFSET(TsDr3, KTRAP_FRAME, Dr3),
- OFFSET(TsDr6, KTRAP_FRAME, Dr6),
- OFFSET(TsDr7, KTRAP_FRAME, Dr7),
- OFFSET(TsV86Es, KTRAP_FRAME, V86Es),
- OFFSET(TsV86Ds, KTRAP_FRAME, V86Ds),
- OFFSET(TsV86Fs, KTRAP_FRAME, V86Fs),
- OFFSET(TsV86Gs, KTRAP_FRAME, V86Gs),
- SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
- CONSTANT(KTRAP_FRAME_ALIGN),
- CONSTANT(FRAME_EDITED),
-
- HEADER("KTSS"),
- OFFSET(TssEsp0, KTSS, Esp0),
- OFFSET(TssCR3, KTSS, CR3),
- OFFSET(TssEip, KTSS, Eip),
- OFFSET(TssEFlags, KTSS, EFlags),
- OFFSET(TssEax, KTSS, Eax),
- OFFSET(TssEbx, KTSS, Ebx),
- OFFSET(TssEcx, KTSS, Ecx),
- OFFSET(TssEdx, KTSS, Edx),
- OFFSET(TssEsp, KTSS, Esp),
- OFFSET(TssEbp, KTSS, Ebp),
- OFFSET(TssEsi, KTSS, Esi),
- OFFSET(TssEdi, KTSS, Edi),
- OFFSET(TssEs, KTSS, Es),
- OFFSET(TssCs, KTSS, Cs),
- OFFSET(TssSs, KTSS, Ss),
- OFFSET(TssDs, KTSS, Ds),
- OFFSET(TssFs, KTSS, Fs),
- OFFSET(TssGs, KTSS, Gs),
- OFFSET(TssLDT, KTSS, LDT),
- OFFSET(TssIoMapBase, KTSS, IoMapBase),
- OFFSET(TssIoMaps, KTSS, IoMaps),
- SIZE(TssLength, KTSS),
-
-#elif defined(_M_AMD64)
-
- HEADER("Argument Home Address"),
- OFFSET(P1Home, CONTEXT, P1Home),
- OFFSET(P2Home, CONTEXT, P1Home),
- OFFSET(P3Home, CONTEXT, P1Home),
- OFFSET(P4Home, CONTEXT, P1Home),
-
- HEADER("CONTEXT"),
- OFFSET(CxP1Home, CONTEXT, P1Home),
- OFFSET(CxP2Home, CONTEXT, P2Home),
- OFFSET(CxP3Home, CONTEXT, P3Home),
- OFFSET(CxP4Home, CONTEXT, P4Home),
- OFFSET(CxP5Home, CONTEXT, P5Home),
- OFFSET(CxP6Home, CONTEXT, P6Home),
- OFFSET(CxContextFlags, CONTEXT, ContextFlags),
- OFFSET(CxMxCsr, CONTEXT, MxCsr),
- OFFSET(CxSegCs, CONTEXT, SegCs),
- OFFSET(CxSegDs, CONTEXT, SegDs),
- OFFSET(CxSegEs, CONTEXT, SegEs),
- OFFSET(CxSegFs, CONTEXT, SegFs),
- OFFSET(CxSegGs, CONTEXT, SegGs),
- OFFSET(CxSegSs, CONTEXT, SegSs),
- OFFSET(CxEFlags, CONTEXT, EFlags),
- OFFSET(CxDr0, CONTEXT, Dr0),
- OFFSET(CxDr1, CONTEXT, Dr1),
- OFFSET(CxDr2, CONTEXT, Dr2),
- OFFSET(CxDr3, CONTEXT, Dr3),
- OFFSET(CxDr6, CONTEXT, Dr6),
- OFFSET(CxDr7, CONTEXT, Dr7),
- OFFSET(CxRax, CONTEXT, Rax),
- OFFSET(CxRcx, CONTEXT, Rcx),
- OFFSET(CxRdx, CONTEXT, Rdx),
- OFFSET(CxRbx, CONTEXT, Rbx),
- OFFSET(CxRsp, CONTEXT, Rsp),
- OFFSET(CxRbp, CONTEXT, Rbp),
- OFFSET(CxRsi, CONTEXT, Rsi),
- OFFSET(CxRdi, CONTEXT, Rdi),
- OFFSET(CxR8, CONTEXT, R8),
- OFFSET(CxR9, CONTEXT, R9),
- OFFSET(CxR10, CONTEXT, R10),
- OFFSET(CxR11, CONTEXT, R11),
- OFFSET(CxR12, CONTEXT, R12),
- OFFSET(CxR13, CONTEXT, R13),
- OFFSET(CxR14, CONTEXT, R14),
- OFFSET(CxR15, CONTEXT, R15),
- OFFSET(CxRip, CONTEXT, Rip),
- OFFSET(CxFltSave, CONTEXT, FltSave),
- OFFSET(CxXmm0, CONTEXT, Xmm0),
- OFFSET(CxXmm1, CONTEXT, Xmm1),
- OFFSET(CxXmm2, CONTEXT, Xmm2),
- OFFSET(CxXmm3, CONTEXT, Xmm3),
- OFFSET(CxXmm4, CONTEXT, Xmm4),
- OFFSET(CxXmm5, CONTEXT, Xmm5),
- OFFSET(CxXmm6, CONTEXT, Xmm6),
- OFFSET(CxXmm7, CONTEXT, Xmm7),
- OFFSET(CxXmm8, CONTEXT, Xmm8),
- OFFSET(CxXmm9, CONTEXT, Xmm9),
- OFFSET(CxXmm10, CONTEXT, Xmm10),
- OFFSET(CxXmm11, CONTEXT, Xmm11),
- OFFSET(CxXmm12, CONTEXT, Xmm12),
- OFFSET(CxXmm13, CONTEXT, Xmm13),
- OFFSET(CxXmm14, CONTEXT, Xmm14),
- OFFSET(CxXmm15, CONTEXT, Xmm15),
- OFFSET(CxDebugControl, CONTEXT, DebugControl),
- OFFSET(CxLastBranchToRip, CONTEXT, LastBranchToRip),
- OFFSET(CxLastBranchFromRip, CONTEXT, LastBranchFromRip),
- OFFSET(CxLastExceptionToRip, CONTEXT, LastExceptionToRip),
- OFFSET(CxLastExceptionFromRip, CONTEXT, LastExceptionFromRip),
- OFFSET(CxVectorControl, CONTEXT, VectorControl),
- OFFSET(CxVectorRegister, CONTEXT, VectorRegister),
- SIZE(CONTEXT_FRAME_LENGTH, CONTEXT),
-
- HEADER("DISPATCHER_CONTEXT"),
- OFFSET(DcControlPc, TYPE, ControlPc),
- OFFSET(DcImageBase, TYPE, ImageBase),
- OFFSET(DcFunctionEntry, TYPE, FunctionEntry),
- OFFSET(DcEstablisherFrame, TYPE, EstablisherFrame),
- OFFSET(DcTargetIp, TYPE, TargetIp),
- OFFSET(DcContextRecord, TYPE, ContextRecord),
- OFFSET(DcLanguageHandler, TYPE, LanguageHandler),
- OFFSET(DcHandlerData, TYPE, HandlerData),
- OFFSET(DcHistoryTable, TYPE, HistoryTable),
- OFFSET(DcScopeIndex, TYPE, ScopeIndex),
-
- HEADER("KEXCEPTION_FRAME"),
- OFFSET(ExP1Home, KEXCEPTION_FRAME, P1Home),
- OFFSET(ExP2Home, KEXCEPTION_FRAME, P2Home),
- OFFSET(ExP3Home, KEXCEPTION_FRAME, P3Home),
- OFFSET(ExP4Home, KEXCEPTION_FRAME, P4Home),
- OFFSET(ExP5, KEXCEPTION_FRAME, P5),
- OFFSET(ExXmm6, KEXCEPTION_FRAME, Xmm6),
- OFFSET(ExXmm7, KEXCEPTION_FRAME, Xmm7),
- OFFSET(ExXmm8, KEXCEPTION_FRAME, Xmm8),
- OFFSET(ExXmm9, KEXCEPTION_FRAME, Xmm9),
- OFFSET(ExXmm10, KEXCEPTION_FRAME, Xmm10),
- OFFSET(ExXmm11, KEXCEPTION_FRAME, Xmm11),
- OFFSET(ExXmm12, KEXCEPTION_FRAME, Xmm12),
- OFFSET(ExXmm13, KEXCEPTION_FRAME, Xmm13),
- OFFSET(ExXmm14, KEXCEPTION_FRAME, Xmm14),
- OFFSET(ExXmm15, KEXCEPTION_FRAME, Xmm15),
- OFFSET(ExMxCsr, KEXCEPTION_FRAME, MxCsr),
- OFFSET(ExRbp, KEXCEPTION_FRAME, Rbp),
- OFFSET(ExRbx, KEXCEPTION_FRAME, Rbx),
- OFFSET(ExRdi, KEXCEPTION_FRAME, Rdi),
- OFFSET(ExRsi, KEXCEPTION_FRAME, Rsi),
- OFFSET(ExR12, KEXCEPTION_FRAME, R12),
- OFFSET(ExR13, KEXCEPTION_FRAME, R13),
- OFFSET(ExR14, KEXCEPTION_FRAME, R14),
- OFFSET(ExR15, KEXCEPTION_FRAME, R15),
- OFFSET(ExReturn, KEXCEPTION_FRAME, Return),
- OFFSET(CuInitialStack, KEXCEPTION_FRAME, InitialStack),
- OFFSET(CuTrapFrame, KEXCEPTION_FRAME, TrapFrame),
- OFFSET(CuCallbackStack, KEXCEPTION_FRAME, CallbackStack),
- OFFSET(CuOutputBuffer, KEXCEPTION_FRAME, OutputBuffer),
- OFFSET(CuOutputLength, KEXCEPTION_FRAME, OutputLength),
- SIZE(KEXCEPTION_FRAME_LENGTH, KEXCEPTION_FRAME),
-
- HEADER("JUMP_BUFFER"),
- OFFSET(JbFrame, JUMP_BUFFER, Frame),
- OFFSET(JbRbx, JUMP_BUFFER, Rbx),
- OFFSET(JbRsp, JUMP_BUFFER, Rsp),
- OFFSET(JbRbp, JUMP_BUFFER, Rbp),
- OFFSET(JbRsi, JUMP_BUFFER, Rsi),
- OFFSET(JbRdi, JUMP_BUFFER, Rdi),
- OFFSET(JbR12, JUMP_BUFFER, R12),
- OFFSET(JbR13, JUMP_BUFFER, R13),
- OFFSET(JbR14, JUMP_BUFFER, R14),
- OFFSET(JbR15, JUMP_BUFFER, R15),
- OFFSET(JbRip, JUMP_BUFFER, Rip),
- OFFSET(JbMxCsr, JUMP_BUFFER, MxCsr),
- OFFSET(JbFpCsr, JUMP_BUFFER, FpCsr),
- OFFSET(JbXmm6, JUMP_BUFFER, Xmm6),
- OFFSET(JbXmm7, JUMP_BUFFER, Xmm7),
- OFFSET(JbXmm8, JUMP_BUFFER, Xmm8),
- OFFSET(JbXmm9, JUMP_BUFFER, Xmm9),
- OFFSET(JbXmm10, JUMP_BUFFER, Xmm10),
- OFFSET(JbXmm11, JUMP_BUFFER, Xmm11),
- OFFSET(JbXmm12, JUMP_BUFFER, Xmm12),
- OFFSET(JbXmm13, JUMP_BUFFER, Xmm13),
- OFFSET(JbXmm14, JUMP_BUFFER, Xmm14),
- OFFSET(JbXmm15, JUMP_BUFFER, Xmm15),
-
- HEADER("KGDT64"),
- OFFSET(KgdtBaseLow, KGDT64, BaseLow),
- OFFSET(KgdtBaseMiddle, KGDT64, BaseMiddle),
- OFFSET(KgdtBaseHigh, KGDT64, BaseHigh),
- OFFSET(KgdtBaseUpper, KGDT64, BaseUpper),
- OFFSET(KgdtLimitHigh, KGDT64, LimitHigh),
- OFFSET(KgdtLimitLow, KGDT64, LimitLow),
- CONSTANT(KGDT_LIMIT_ENCODE_MASK),
-
- HEADER("KPRCB"),
- OFFSET(PbMxCsr, KPRCB, MxCsr),
- OFFSET(PbNumber, KPRCB, Number),
- OFFSET(PbInterruptRequest, KPRCB, InterruptRequest),
- OFFSET(PbIdleHalt, KPRCB, IdleHalt),
- OFFSET(PbCurrentThread, KPRCB, CurrentThread),
- OFFSET(PbNextThread, KPRCB, NextThread),
- OFFSET(PbIdleThread, KPRCB, IdleThread),
- OFFSET(PbNestingLevel, KPRCB, NestingLevel),
- OFFSET(PbRspBase, KPRCB, RspBase),
- OFFSET(PbPrcbLock, KPRCB, PrcbLock),
- OFFSET(PbSetMember, KPRCB, SetMember),
- OFFSET(PbProcessorState, KPRCB, ProcessorState),
- OFFSET(PbCpuType, KPRCB, CpuType),
- OFFSET(PbCpuID, KPRCB, CpuID),
- OFFSET(PbCpuStep, KPRCB, CpuStep),
- OFFSET(PbHalReserved, KPRCB, HalReserved),
- OFFSET(PbMinorVersion, KPRCB, MinorVersion),
- OFFSET(PbMajorVersion, KPRCB, MajorVersion),
- OFFSET(PbBuildType, KPRCB, BuildType),
- OFFSET(PbCpuVendor, KPRCB, CpuVendor),
- OFFSET(PbCoresPerPhysicalProcessor, KPRCB, CoresPerPhysicalProcessor),
- OFFSET(PbLogicalProcessorsPerCore, KPRCB, LogicalProcessorsPerCore),
- OFFSET(PbApicMask, KPRCB, ApicMask),
- OFFSET(PbCFlushSize, KPRCB, CFlushSize),
- OFFSET(PbAcpiReserved, KPRCB, AcpiReserved),
- OFFSET(PbInitialApicId, KPRCB, InitialApicId),
- OFFSET(PbStride, KPRCB, Stride),
- OFFSET(PbLockQueue, KPRCB, LockQueue),
- OFFSET(PbPPLookasideList, KPRCB, PPLookasideList),
- OFFSET(PbPPNPagedLookasideList, KPRCB, PPNPagedLookasideList),
- OFFSET(PbPPPagedLookasideList, KPRCB, PPPagedLookasideList),
- OFFSET(PbPacketBarrier, KPRCB, PacketBarrier),
- OFFSET(PbDeferredReadyListHead, KPRCB, DeferredReadyListHead),
- OFFSET(PbLookasideIrpFloat, KPRCB, LookasideIrpFloat),
- OFFSET(PbSystemCalls, KPRCB, SystemCalls),
- OFFSET(PbReadOperationCount, KPRCB, ReadOperationCount),
- OFFSET(PbWriteOperationCount, KPRCB, WriteOperationCount),
- OFFSET(PbOtherOperationCount, KPRCB, OtherOperationCount),
- OFFSET(PbReadTransferCount, KPRCB, ReadTransferCount),
- OFFSET(PbWriteTransferCount, KPRCB, WriteTransferCount),
- OFFSET(PbOtherTransferCount, KPRCB, OtherTransferCount),
- OFFSET(PbContextSwitches, KPRCB, ContextSwitches),
- OFFSET(PbTargetSet, KPRCB, TargetSet),
- OFFSET(PbIpiFrozen, KPRCB, IpiFrozen),
- OFFSET(PbRequestMailbox, KPRCB, RequestMailbox),
- OFFSET(PbSenderSummary, KPRCB, SenderSummary),
- OFFSET(PbDpcListHead, KPRCB, DpcListHead),
- OFFSET(PbDpcLock, KPRCB, DpcLock),
- OFFSET(PbDpcQueueDepth, KPRCB, DpcQueueDepth),
- OFFSET(PbDpcCount, KPRCB, DpcCount),
- OFFSET(PbDpcStack, KPRCB, DpcStack),
- OFFSET(PbMaximumDpcQueueDepth, KPRCB, MaximumDpcQueueDepth),
- OFFSET(PbDpcRequestRate, KPRCB, DpcRequestRate),
- OFFSET(PbMinimumDpcRate, KPRCB, MinimumDpcRate),
- OFFSET(PbDpcInterruptRequested, KPRCB, DpcInterruptRequested),
- OFFSET(PbDpcThreadRequested, KPRCB, DpcThreadRequested),
- OFFSET(PbDpcRoutineActive, KPRCB, DpcRoutineActive),
- OFFSET(PbDpcThreadActive, KPRCB, DpcThreadActive),
- OFFSET(PbTimerHand, KPRCB, TimerHand),
- OFFSET(PbTimerRequest, KPRCB, TimerRequest),
- OFFSET(PbTickOffset, KPRCB, TickOffset),
- OFFSET(PbMasterOffset, KPRCB, MasterOffset),
- OFFSET(PbDpcLastCount, KPRCB, DpcLastCount),
- OFFSET(PbQuantumEnd, KPRCB, QuantumEnd),
- OFFSET(PbDpcSetEventRequest, KPRCB, DpcSetEventRequest),
- OFFSET(PbIdleSchedule, KPRCB, IdleSchedule),
- OFFSET(PbReadySummary, KPRCB, ReadySummary),
- OFFSET(PbDispatcherReadyListHead, KPRCB, DispatcherReadyListHead),
- OFFSET(PbInterruptCount, KPRCB, InterruptCount),
- OFFSET(PbKernelTime, KPRCB, KernelTime),
- OFFSET(PbUserTime, KPRCB, UserTime),
- OFFSET(PbDpcTime, KPRCB, DpcTime),
- OFFSET(PbInterruptTime, KPRCB, InterruptTime),
- OFFSET(PbAdjustDpcThreshold, KPRCB, AdjustDpcThreshold),
- OFFSET(PbSkipTick, KPRCB, SkipTick),
- OFFSET(PbPollSlot, KPRCB, PollSlot),
- OFFSET(PbParentNode, KPRCB, ParentNode),
- OFFSET(PbMultiThreadProcessorSet, KPRCB, MultiThreadProcessorSet),
- OFFSET(PbMultiThreadSetMaster, KPRCB, MultiThreadSetMaster),
- OFFSET(PbStartCycles, KPRCB, StartCycles),
- OFFSET(PbPageColor, KPRCB, PageColor),
- OFFSET(PbNodeColor, KPRCB, NodeColor),
- OFFSET(PbNodeShiftedColor, KPRCB,NodeShiftedColor),
- OFFSET(PbSecondaryColorMask, KPRCB, SecondaryColorMask),
- OFFSET(PbSleeping, KPRCB, Sleeping),
- OFFSET(PbCycleTime, KPRCB, CycleTime),
- OFFSET(PbFastReadNoWait, KPRCB, FastReadNoWait),
- OFFSET(PbFastReadWait, KPRCB, FastReadWait),
- OFFSET(PbFastReadNotPossible, KPRCB, FastReadNotPossible),
- OFFSET(PbCopyReadNoWait, KPRCB, CopyReadNoWait),
- OFFSET(PbCopyReadWait, KPRCB, CopyReadWait),
- OFFSET(PbCopyReadNoWaitMiss, KPRCB, CopyReadNoWaitMiss),
- OFFSET(PbAlignmentFixupCount, KPRCB, AlignmentFixupCount),
- OFFSET(PbExceptionDispatchCount, KPRCB, ExceptionDispatchCount),
- OFFSET(PbVendorString, KPRCB, VendorString),
- OFFSET(PbPowerState, KPRCB, PowerState),
- SIZE(ProcessorBlockLength, KPRCB),
-
- HEADER("KPCR"),
- OFFSET(PcGdt, KPCR, Gdt),
- OFFSET(PcTss, KPCR, Tss),
- OFFSET(PcUserRsp, KPCR, UserRsp),
- OFFSET(PcSelf, KPCR, Self),
- OFFSET(PcCurrentPrcb, KPCR, CurrentPrcb),
- OFFSET(PcLockArray, KPCR, LockArray),
- OFFSET(PcTeb, KPCR, Teb),
- OFFSET(PcIdt, KPCR, Idt),
- OFFSET(PcIrql, KPCR, Irql),
- OFFSET(PcStallScaleFactor, KPCR, StallScaleFactor),
- OFFSET(PcHalReserved, KPCR, HalReserved),
- OFFSET(PcPrcb, KPCR, Prcb),
- OFFSET(PcMxCsr, KPCR, MxCsr),
- OFFSET(PcNumber, KPCR, Number),
- OFFSET(PcInterruptRequest, KPCR, InterruptRequest),
- OFFSET(PcIdleHalt, KPCR, IdleHalt),
- OFFSET(PcCurrentThread, KPCR, CurrentThread),
- OFFSET(PcNextThread, KPCR, NextThread),
- OFFSET(PcIdleThread, KPCR, IdleThread),
- OFFSET(PcIpiFrozen, KPCR, IpiFrozen),
- OFFSET(PcNestingLevel, KPCR, NestingLevel),
- OFFSET(PcRspBase, KPCR, RspBase),
- OFFSET(PcPrcbLock, KPCR, PrcbLock),
- OFFSET(PcSetMember, KPCR, SetMember),
- OFFSET(PcCr0, KPCR, Cr0),
- OFFSET(PcCr2, KPCR, Cr2),
- OFFSET(PcCr3, KPCR, Cr3),
- OFFSET(PcCr4, KPCR, Cr4),
- OFFSET(PcKernelDr0, KPCR, KernelDr0),
- OFFSET(PcKernelDr1, KPCR, KernelDr1),
- OFFSET(PcKernelDr2, KPCR, KernelDr2),
- OFFSET(PcKernelDr3, KPCR, KernelDr3),
- OFFSET(PcKernelDr7, KPCR, KernelDr7),
- OFFSET(PcGdtrLimit, KPCR, GdtrLimit),
- OFFSET(PcGdtrBase, KPCR, GdtrBase),
- OFFSET(PcIdtrLimit, KPCR, IdtrLimit),
- OFFSET(PcIdtrBase, KPCR, IdtrBase),
- OFFSET(PcTr, KPCR, Tr),
- OFFSET(PcLdtr, KPCR, Ldtr),
- OFFSET(PcDebugControl, KPCR, DebugControl),
- OFFSET(PcLastBranchToRip, KPCR, LastBranchToRip),
- OFFSET(PcLastBranchFromRip, KPCR, LastBranchFromRip),
- OFFSET(PcLastExceptionToRip, KPCR, LastExceptionToRip),
- OFFSET(PcLastExceptionFromRip, KPCR, LastExceptionFromRip),
- OFFSET(PcCr8, KPCR, Cr8),
- OFFSET(PcCpuType, KPCR, CpuType),
- OFFSET(PcCpuID, KPCR, CpuID),
- OFFSET(PcCpuStep, KPCR, CpuStep),
- OFFSET(PcCpuVendor, KPCR, CpuVendor),
- OFFSET(PcVirtualApicAssist, KPCR, VirtualApicAssist),
- OFFSET(PcCFlushSize, KPCR, CFlushSize),
- OFFSET(PcDeferredReadyListHead, KPCR, DeferredReadyListHead),
- OFFSET(PcSystemCalls, KPCR, SystemCalls),
- OFFSET(PcDpcRoutineActive, KPCR, DpcRoutineActive),
- OFFSET(PcInterruptCount, KPCR, InterruptCount),
- OFFSET(PcDebuggerSavedIRQL, KPCR, DebuggerSavedIRQL),
- OFFSET(PcTickOffset, KPCR, TickOffset),
- OFFSET(PcMasterOffset, KPCR, MasterOffset),
- OFFSET(PcSkipTick, KPCR, SkipTick),
- OFFSET(PcStartCycles, KPCR, StartCycles),
- SIZE(ProcessorControlRegisterLength, KPCR),
-
- HEADER("KPROCESSOR_STATE"),
- OFFSET(PsSpecialRegisters, KPROCESSOR_STATE, SpecialRegisters),
- OFFSET(PsCr0, KPROCESSOR_STATE, Cr0),
- OFFSET(PsCr2, KPROCESSOR_STATE, Cr2),
- OFFSET(PsCr3, KPROCESSOR_STATE, Cr3),
- OFFSET(PsCr4, KPROCESSOR_STATE, Cr4),
- OFFSET(PsKernelDr0, KPROCESSOR_STATE, KernelDr0),
- OFFSET(PsKernelDr1, KPROCESSOR_STATE, KernelDr1),
- OFFSET(PsKernelDr2, KPROCESSOR_STATE, KernelDr2),
- OFFSET(PsKernelDr3, KPROCESSOR_STATE, KernelDr3),
- OFFSET(PsKernelDr6, KPROCESSOR_STATE, KernelDr6),
- OFFSET(PsKernelDr7, KPROCESSOR_STATE, KernelDr7),
- OFFSET(PsGdtr, KPROCESSOR_STATE, Gdtr),
- OFFSET(PsIdtr, KPROCESSOR_STATE, Idtr),
- OFFSET(PsTr, KPROCESSOR_STATE, Tr),
- OFFSET(PsLdtr, KPROCESSOR_STATE, Ldtr),
- OFFSET(PsMxCsr, KPROCESSOR_STATE, MxCsr),
- OFFSET(PsContextFrame, KPROCESSOR_STATE, ContextFrame),
- OFFSET(PsDebugControl, KPROCESSOR_STATE, DebugControl),
- OFFSET(PsLastBranchToRip, KPROCESSOR_STATE, LastBranchToRip),
- OFFSET(PsLastBranchFromRip, KPROCESSOR_STATE, LastBranchFromRip),
- OFFSET(PsLastExceptionToRip, KPROCESSOR_STATE, LastExceptionToRip),
- OFFSET(PsLastExceptionFromRip, KPROCESSOR_STATE, LastExceptionFromRip),
- OFFSET(PsCr8, KPROCESSOR_STATE, Cr8),
- SIZE(ProcessorStateLength, KPROCESSOR_STATE),
-
- HEADER("KSTART_FRAME"),
- OFFSET(SfP1Home, KSTART_FRAME, P1Home),
- OFFSET(SfP2Home, KSTART_FRAME, P2Home),
- OFFSET(SfP3Home, KSTART_FRAME, P3Home),
- OFFSET(SfP4Home, KSTART_FRAME, P4Home),
- OFFSET(SfReturn, KSTART_FRAME, Return),
- SIZE(KSTART_FRAME_LENGTH, KSTART_FRAME),
-
- HEADER("KSPECIAL_REGISTERS"),
- OFFSET(SrKernelDr0, KSPECIAL_REGISTERS, KernelDr0),
- OFFSET(SrKernelDr1, KSPECIAL_REGISTERS, KernelDr1),
- OFFSET(SrKernelDr2, KSPECIAL_REGISTERS, KernelDr2),
- OFFSET(SrKernelDr3, KSPECIAL_REGISTERS, KernelDr3),
- OFFSET(SrKernelDr6, KSPECIAL_REGISTERS, KernelDr6),
- OFFSET(SrKernelDr7, KSPECIAL_REGISTERS, KernelDr7),
- OFFSET(SrGdtr, KSPECIAL_REGISTERS, Gdtr),
- OFFSET(SrIdtr, KSPECIAL_REGISTERS, Idtr),
- OFFSET(SrTr, KSPECIAL_REGISTERS, Tr),
- OFFSET(SrMxCsr, KSPECIAL_REGISTERS, MxCsr),
- OFFSET(SrMsrGsBase, KSPECIAL_REGISTERS, MsrGsBase),
- OFFSET(SrMsrGsSwap, KSPECIAL_REGISTERS, MsrGsSwap),
- OFFSET(SrMsrStar, KSPECIAL_REGISTERS, MsrStar),
- OFFSET(SrMsrLStar, KSPECIAL_REGISTERS, MsrLStar),
- OFFSET(SrMsrCStar, KSPECIAL_REGISTERS, MsrCStar),
- OFFSET(SrMsrSyscallMask, KSPECIAL_REGISTERS, MsrSyscallMask),
-
- HEADER("KSYSTEM_TIME"),
- OFFSET(StLowTime, KSYSTEM_TIME, LowTime),
- OFFSET(StHigh1Time, KSYSTEM_TIME, High1Time),
- OFFSET(StHigh2Time, KSYSTEM_TIME, High2Time),
-
- HEADER("KSWITCH_FRAME"),
- OFFSET(SwP5Home, KSWITCH_FRAME, P5Home),
- OFFSET(SwApcBypass, KSWITCH_FRAME, ApcBypass),
- OFFSET(SwRbp, KSWITCH_FRAME, Rbp),
- OFFSET(SwReturn, KSWITCH_FRAME, Return),
- SIZE(SwitchFrameLength, KSWITCH_FRAME),
- SIZE(KSWITCH_FRAME_LENGTH, KSWITCH_FRAME),
-
- HEADER("KTRAP_FRAME"),
- OFFSET(TrP1Home, KTRAP_FRAME, P1Home),
- OFFSET(TrP2Home, KTRAP_FRAME, P2Home),
- OFFSET(TrP3Home, KTRAP_FRAME, P3Home),
- OFFSET(TrP4Home, KTRAP_FRAME, P4Home),
- OFFSET(TrP5, KTRAP_FRAME, P5),
- OFFSET(TrPreviousMode, KTRAP_FRAME, PreviousMode),
- OFFSET(TrPreviousIrql, KTRAP_FRAME, PreviousIrql),
- OFFSET(TrFaultIndicator, KTRAP_FRAME, FaultIndicator),
- OFFSET(TrExceptionActive, KTRAP_FRAME, ExceptionActive),
- OFFSET(TrMxCsr, KTRAP_FRAME, MxCsr),
- OFFSET(TrRax, KTRAP_FRAME, Rax),
- OFFSET(TrRcx, KTRAP_FRAME, Rcx),
- OFFSET(TrRdx, KTRAP_FRAME, Rdx),
- OFFSET(TrR8, KTRAP_FRAME, R8),
- OFFSET(TrR9, KTRAP_FRAME, R9),
- OFFSET(TrR10, KTRAP_FRAME, R10),
- OFFSET(TrR11, KTRAP_FRAME, R11),
- OFFSET(TrGsBase, KTRAP_FRAME, GsBase),
- OFFSET(TrGsSwap, KTRAP_FRAME,GsSwap),
- OFFSET(TrXmm0, KTRAP_FRAME, Xmm0),
- OFFSET(TrXmm1, KTRAP_FRAME, Xmm1),
- OFFSET(TrXmm2, KTRAP_FRAME, Xmm2),
- OFFSET(TrXmm3, KTRAP_FRAME, Xmm3),
- OFFSET(TrXmm4, KTRAP_FRAME, Xmm4),
- OFFSET(TrXmm5, KTRAP_FRAME, Xmm5),
- OFFSET(TrFaultAddress, KTRAP_FRAME, FaultAddress),
- OFFSET(TrTimeStampCKCL, KTRAP_FRAME, TimeStampCKCL),
- OFFSET(TrDr0, KTRAP_FRAME, Dr0),
- OFFSET(TrDr1, KTRAP_FRAME, Dr1),
- OFFSET(TrDr2, KTRAP_FRAME, Dr2),
- OFFSET(TrDr3, KTRAP_FRAME, Dr3),
- OFFSET(TrDr6, KTRAP_FRAME, Dr6),
- OFFSET(TrDr7, KTRAP_FRAME, Dr7),
- OFFSET(TrDebugControl, KTRAP_FRAME, DebugControl),
- OFFSET(TrLastBranchToRip, KTRAP_FRAME, LastBranchToRip),
- OFFSET(TrLastBranchFromRip, KTRAP_FRAME, LastBranchFromRip),
- OFFSET(TrLastExceptionToRip, KTRAP_FRAME, LastExceptionToRip),
- OFFSET(TrLastExceptionFromRip, KTRAP_FRAME, LastExceptionFromRip),
- OFFSET(TrLastBranchControl, KTRAP_FRAME, LastBranchControl),
- OFFSET(TrLastBranchMSR, KTRAP_FRAME, LastBranchMSR),
- OFFSET(TrSegDs, KTRAP_FRAME, SegDs),
- OFFSET(TrSegEs, KTRAP_FRAME, SegEs),
- OFFSET(TrSegFs, KTRAP_FRAME, SegFs),
- OFFSET(TrSegGs, KTRAP_FRAME, SegGs),
- OFFSET(TrTrapFrame, KTRAP_FRAME, TrapFrame),
- OFFSET(TrRbx, KTRAP_FRAME, Rbx),
- OFFSET(TrRdi, KTRAP_FRAME, Rdi),
- OFFSET(TrRsi, KTRAP_FRAME, Rsi),
- OFFSET(TrRbp, KTRAP_FRAME, Rbp),
- OFFSET(TrErrorCode, KTRAP_FRAME, ErrorCode),
- OFFSET(TrTimeStampKlog, KTRAP_FRAME, TimeStampKlog),
- OFFSET(TrRip, KTRAP_FRAME, Rip),
- OFFSET(TrSegCs, KTRAP_FRAME, SegCs),
- OFFSET(TrLogging, KTRAP_FRAME, Logging),
- OFFSET(TrEFlags, KTRAP_FRAME, EFlags),
- OFFSET(TrRsp, KTRAP_FRAME, Rsp),
- OFFSET(TrSegSs, KTRAP_FRAME, SegSs),
- OFFSET(TrCodePatchCycle, KTRAP_FRAME, CodePatchCycle),
- SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
-
- HEADER("KTIMER_TABLE"),
- OFFSET(TtEntry, KTIMER_TABLE, TimerEntries),
- OFFSET(TtTime, KTIMER_TABLE, Time),
- SIZE(TIMER_ENTRY_SIZE, KTIMER_ENTRY),
- SIZE(TIMER_TABLE_SIZE, KTIMER_TABLE),
- SIZE(KTIMER_TABLE_SIZE, KTIMER_TABLE),
-
- HEADER("KTSS"),
- OFFSET(TssRsp0, TYPE, Rsp0),
- OFFSET(TssRsp1, TYPE, Rsp1),
- OFFSET(TssRsp2, TYPE, Rsp2),
- OFFSET(TssPanicStack, TYPE, PanicStack),
- OFFSET(TssMcaStack, TYPE, McaStack),
- OFFSET(TssNmiStack, TYPE, NmiStack),
- OFFSET(TssIoMapBase, TYPE, IoMapBase),
- SIZE(TssLength, TYPE),
-
+#include "ksamd64.template.h"
#endif
/* End of list */
{TYPE_END, "", 0}
};
-void DummyEntry()
+LONG NTAPI DummyEntry(HANDLE hinstDLL, ULONG fdwReason, PVOID lpvReserved)
{
-
+ return 0;
}
--- /dev/null
+
+HEADER("CR0 flags"),
+CONSTANT(CR0_PE),
+CONSTANT(CR0_MP),
+CONSTANT(CR0_EM),
+CONSTANT(CR0_TS),
+CONSTANT(CR0_ET),
+CONSTANT(CR0_NE),
+CONSTANT(CR0_WP),
+CONSTANT(CR0_AM),
+CONSTANT(CR0_NW),
+CONSTANT(CR0_CD),
+CONSTANT(CR0_PG),
+
+HEADER("CR4 flags"),
+CONSTANT(CR4_VME),
+CONSTANT(CR4_PVI),
+CONSTANT(CR4_TSD),
+CONSTANT(CR4_DE),
+CONSTANT(CR4_PSE),
+CONSTANT(CR4_PAE),
+CONSTANT(CR4_MCE),
+CONSTANT(CR4_PGE),
+CONSTANT(CR4_FXSR),
+CONSTANT(CR4_XMMEXCPT),
+//CONSTANT(CR4_PGE_V),
+//CONSTANT(CR4_XSAVE),
+
+HEADER("KeFeatureBits flags"),
+CONSTANT(KF_RDTSC),
+CONSTANT(KF_CR4),
+CONSTANT(KF_GLOBAL_PAGE),
+CONSTANT(KF_LARGE_PAGE),
+CONSTANT(KF_CMPXCHG8B),
+CONSTANT(KF_FAST_SYSCALL),
+CONSTANT(KF_V86_VIS),
+//CONSTANT(KF_XSTATE),
+
+HEADER("Machine type definitions"),
+CONSTANT(MACHINE_TYPE_ISA),
+CONSTANT(MACHINE_TYPE_EISA),
+CONSTANT(MACHINE_TYPE_MCA),
+
+HEADER("EFLAGS"),
+CONSTANT(EFLAGS_TF),
+CONSTANT(EFLAGS_INTERRUPT_MASK),
+CONSTANT(EFLAGS_V86_MASK),
+CONSTANT(EFLAGS_ALIGN_CHECK),
+CONSTANT(EFLAGS_VIF),
+CONSTANT(EFLAGS_VIP),
+CONSTANT(EFLAGS_USER_SANITIZE),
+
+HEADER("KDGT selectors"),
+CONSTANT(KGDT_R3_DATA),
+CONSTANT(KGDT_R3_CODE),
+CONSTANT(KGDT_R0_CODE),
+CONSTANT(KGDT_R0_DATA),
+CONSTANT(KGDT_R0_PCR),
+//CONSTANT(KGDT_STACK16),
+//CONSTANT(KGDT_CODE16),
+CONSTANT(KGDT_TSS),
+CONSTANT(KGDT_R3_TEB),
+CONSTANT(KGDT_DF_TSS),
+CONSTANT(KGDT_NMI_TSS),
+CONSTANT(KGDT_LDT),
+
+CONSTANT(NPX_STATE_NOT_LOADED),
+CONSTANT(NPX_STATE_LOADED),
+//CONSTANT(NPX_MASK_LAZY),
+
+/*
+HEADER("VDM constants"),
+CONSTANT(VDM_INDEX_Invalid),
+CONSTANT(VDM_INDEX_0F),
+CONSTANT(VDM_INDEX_ESPrefix),
+CONSTANT(VDM_INDEX_CSPrefix),
+CONSTANT(VDM_INDEX_SSPrefix),
+CONSTANT(VDM_INDEX_DSPrefix),
+CONSTANT(VDM_INDEX_FSPrefix),
+CONSTANT(VDM_INDEX_GSPrefix),
+CONSTANT(VDM_INDEX_OPER32Prefix),
+CONSTANT(VDM_INDEX_ADDR32Prefix),
+CONSTANT(VDM_INDEX_INSB),
+CONSTANT(VDM_INDEX_INSW),
+CONSTANT(VDM_INDEX_OUTSB),
+CONSTANT(VDM_INDEX_OUTSW),
+CONSTANT(VDM_INDEX_PUSHF),
+CONSTANT(VDM_INDEX_POPF),
+CONSTANT(VDM_INDEX_INTnn),
+CONSTANT(VDM_INDEX_INTO),
+CONSTANT(VDM_INDEX_IRET),
+CONSTANT(VDM_INDEX_NPX),
+CONSTANT(VDM_INDEX_INBimm),
+CONSTANT(VDM_INDEX_INWimm),
+CONSTANT(VDM_INDEX_OUTBimm),
+CONSTANT(VDM_INDEX_OUTWimm),
+CONSTANT(VDM_INDEX_INB),
+CONSTANT(VDM_INDEX_INW),
+CONSTANT(VDM_INDEX_OUTB),
+CONSTANT(VDM_INDEX_OUTW),
+CONSTANT(VDM_INDEX_LOCKPrefix),
+CONSTANT(VDM_INDEX_REPNEPrefix),
+CONSTANT(VDM_INDEX_REPPrefix),
+CONSTANT(VDM_INDEX_CLI),
+CONSTANT(VDM_INDEX_STI),
+CONSTANT(VDM_INDEX_HLT),
+CONSTANT(MAX_VDM_INDEX),
+*/
+CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE),
+CONSTANT(EFLAG_SELECT),
+//CONSTANT(IPI_FREEZE),
+//CONSTANT(XSAVE_PRESENT),
+
+HEADER("CONTEXT"),
+OFFSET(CsContextFlags, CONTEXT, ContextFlags),
+OFFSET(CsDr0, CONTEXT, Dr0),
+OFFSET(CsDr1, CONTEXT, Dr1),
+OFFSET(CsDr2, CONTEXT, Dr2),
+OFFSET(CsDr3, CONTEXT, Dr3),
+OFFSET(CsDr6, CONTEXT, Dr6),
+OFFSET(CsDr7, CONTEXT, Dr7),
+OFFSET(CsFloatSave, CONTEXT, FloatSave),
+OFFSET(CsSegGs, CONTEXT, SegGs),
+OFFSET(CsSegFs, CONTEXT, SegFs),
+OFFSET(CsSegEs, CONTEXT, SegEs),
+OFFSET(CsSegDs, CONTEXT, SegDs),
+OFFSET(CsEdi, CONTEXT, Edi),
+OFFSET(CsEsi, CONTEXT, Esi),
+OFFSET(CsEbx, CONTEXT, Ebx),
+OFFSET(CsEdx, CONTEXT, Edx),
+OFFSET(CsEcx, CONTEXT, Ecx),
+OFFSET(CsEax, CONTEXT, Eax),
+OFFSET(CsEbp, CONTEXT, Ebp),
+OFFSET(CsEip, CONTEXT, Eip),
+OFFSET(CsSegCs, CONTEXT, SegCs),
+OFFSET(CsEflags, CONTEXT, EFlags),
+OFFSET(CsEsp, CONTEXT, Esp),
+OFFSET(CsSegSs, CONTEXT, SegSs),
+OFFSET(CsExtendedRegisters, CONTEXT, ExtendedRegisters),
+SIZE(ContextFrameLength, CONTEXT),
+SIZE(CONTEXT_LENGTH, CONTEXT),
+
+HEADER("KGDTENTRY"),
+OFFSET(KgdtBaseLow, KGDTENTRY, BaseLow),
+OFFSET(KgdtBaseMid, KGDTENTRY, HighWord.Bytes.BaseMid),
+OFFSET(KgdtBaseHi, KGDTENTRY, HighWord.Bytes.BaseHi),
+OFFSET(KgdtLimitHi, KGDTENTRY, HighWord.Bytes.Flags2),
+OFFSET(KgdtLimitLow, KGDTENTRY, LimitLow),
+
+HEADER("KTRAP_FRAME"),
+OFFSET(TsExceptionList, KTRAP_FRAME, ExceptionList),
+OFFSET(TsPreviousPreviousMode, KTRAP_FRAME, PreviousPreviousMode),
+OFFSET(TsSegGs, KTRAP_FRAME, SegGs),
+OFFSET(TsSegFs, KTRAP_FRAME, SegFs),
+OFFSET(TsSegEs, KTRAP_FRAME, SegEs),
+OFFSET(TsSegDs, KTRAP_FRAME, SegDs),
+OFFSET(TsEdi, KTRAP_FRAME, Edi),
+OFFSET(TsEsi, KTRAP_FRAME, Esi),
+OFFSET(TsEbp, KTRAP_FRAME, Ebp),
+OFFSET(TsEbx, KTRAP_FRAME, Ebx),
+OFFSET(TsEdx, KTRAP_FRAME, Edx),
+OFFSET(TsEcx, KTRAP_FRAME, Ecx),
+OFFSET(TsEax, KTRAP_FRAME, Eax),
+OFFSET(TsErrCode, KTRAP_FRAME, ErrCode),
+OFFSET(TsEip, KTRAP_FRAME, Eip),
+OFFSET(TsSegCs, KTRAP_FRAME, SegCs),
+OFFSET(TsEflags, KTRAP_FRAME, EFlags),
+OFFSET(TsHardwareEsp, KTRAP_FRAME, HardwareEsp),
+OFFSET(TsHardwareSegSs, KTRAP_FRAME, HardwareSegSs),
+OFFSET(TsTempSegCs, KTRAP_FRAME, TempSegCs),
+//OFFSET(TsLogging, KTRAP_FRAME, Logging),
+OFFSET(TsTempEsp, KTRAP_FRAME, TempEsp),
+OFFSET(TsDbgEbp, KTRAP_FRAME, DbgEbp),
+OFFSET(TsDbgEip, KTRAP_FRAME, DbgEip),
+OFFSET(TsDbgArgMark, KTRAP_FRAME, DbgArgMark),
+OFFSET(TsDbgArgPointer, KTRAP_FRAME, DbgArgPointer),
+OFFSET(TsDr0, KTRAP_FRAME, Dr0),
+OFFSET(TsDr1, KTRAP_FRAME, Dr1),
+OFFSET(TsDr2, KTRAP_FRAME, Dr2),
+OFFSET(TsDr3, KTRAP_FRAME, Dr3),
+OFFSET(TsDr6, KTRAP_FRAME, Dr6),
+OFFSET(TsDr7, KTRAP_FRAME, Dr7),
+OFFSET(TsV86Es, KTRAP_FRAME, V86Es),
+OFFSET(TsV86Ds, KTRAP_FRAME, V86Ds),
+OFFSET(TsV86Fs, KTRAP_FRAME, V86Fs),
+OFFSET(TsV86Gs, KTRAP_FRAME, V86Gs),
+SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
+CONSTANT(KTRAP_FRAME_ALIGN),
+CONSTANT(FRAME_EDITED),
+
+HEADER("KTSS"),
+OFFSET(TssEsp0, KTSS, Esp0),
+OFFSET(TssCR3, KTSS, CR3),
+OFFSET(TssEip, KTSS, Eip),
+OFFSET(TssEFlags, KTSS, EFlags),
+OFFSET(TssEax, KTSS, Eax),
+OFFSET(TssEbx, KTSS, Ebx),
+OFFSET(TssEcx, KTSS, Ecx),
+OFFSET(TssEdx, KTSS, Edx),
+OFFSET(TssEsp, KTSS, Esp),
+OFFSET(TssEbp, KTSS, Ebp),
+OFFSET(TssEsi, KTSS, Esi),
+OFFSET(TssEdi, KTSS, Edi),
+OFFSET(TssEs, KTSS, Es),
+OFFSET(TssCs, KTSS, Cs),
+OFFSET(TssSs, KTSS, Ss),
+OFFSET(TssDs, KTSS, Ds),
+OFFSET(TssFs, KTSS, Fs),
+OFFSET(TssGs, KTSS, Gs),
+OFFSET(TssLDT, KTSS, LDT),
+OFFSET(TssIoMapBase, KTSS, IoMapBase),
+OFFSET(TssIoMaps, KTSS, IoMaps),
+SIZE(TssLength, KTSS),
--- /dev/null
+
+
+HEADER("CR0 flags"),
+CONSTANT(CR0_PE),
+CONSTANT(CR0_MP),
+CONSTANT(CR0_EM),
+CONSTANT(CR0_TS),
+CONSTANT(CR0_ET),
+CONSTANT(CR0_NE),
+CONSTANT(CR0_WP),
+CONSTANT(CR0_AM),
+CONSTANT(CR0_NW),
+CONSTANT(CR0_CD),
+CONSTANT(CR0_PG),
+
+HEADER("CR4 flags"),
+CONSTANT(CR4_VME),
+CONSTANT(CR4_PVI),
+CONSTANT(CR4_TSD),
+CONSTANT(CR4_DE),
+CONSTANT(CR4_PSE),
+CONSTANT(CR4_PAE),
+CONSTANT(CR4_MCE),
+CONSTANT(CR4_PGE),
+CONSTANT(CR4_FXSR),
+CONSTANT(CR4_XMMEXCPT),
+CONSTANT(CR4_CHANNELS),
+
+HEADER("KeFeatureBits flags"),
+CONSTANT(KF_RDTSC),
+CONSTANT(KF_CR4),
+CONSTANT(KF_GLOBAL_PAGE),
+CONSTANT(KF_LARGE_PAGE),
+CONSTANT(KF_CMPXCHG8B),
+CONSTANT(KF_FAST_SYSCALL),
+
+HEADER("Machine type definitions"),
+CONSTANT(MACHINE_TYPE_ISA),
+CONSTANT(MACHINE_TYPE_EISA),
+CONSTANT(MACHINE_TYPE_MCA),
+
+#endif
+HEADER("EFLAGS"),
+CONSTANT(EFLAGS_TF_MASK),
+CONSTANT(EFLAGS_TF_SHIFT),
+CONSTANT(EFLAGS_IF_MASK),
+CONSTANT(EFLAGS_IF_SHIFT),
+CONSTANT(EFLAGS_ID_MASK),
+
+HEADER("Hypervisor Enlightenment Definitions"),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH),
+CONSTANT(HV_X64_MSR_APIC_EOI),
+CONSTANT(HV_APIC_ENLIGHTENED),
+CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT),
+CONSTANT(HV_VIRTUAL_APIC_NO_EOI_REQUIRED_V),
+CONSTANT(HvApicFlags),
+
+HEADER("KDGT selectors"),
+CONSTANT(KGDT64_NULL),
+CONSTANT(KGDT64_R0_CODE),
+CONSTANT(KGDT64_R0_DATA),
+CONSTANT(KGDT64_R3_CMCODE),
+CONSTANT(KGDT64_R3_DATA),
+CONSTANT(KGDT64_R3_CODE),
+CONSTANT(KGDT64_SYS_TSS),
+CONSTANT(KGDT64_R3_CMTEB),
+
+HEADER("Machine Specific Register Numbers"),
+CONSTANT(MSR_EFER),
+CONSTANT(MSR_STAR),
+CONSTANT(MSR_LSTAR),
+CONSTANT(MSR_CSTAR),
+CONSTANT(MSR_SYSCALL_MASK),
+CONSTANT(MSR_FS_BASE),
+CONSTANT(MSR_GS_BASE),
+CONSTANT(MSR_GS_SWAP),
+CONSTANT(MSR_MCG_STATUS),
+CONSTANT(MSR_AMD_ACCESS),
+
+HEADER("Flags for MSR_EFER"),
+CONSTANT(MSR_LMA),
+CONSTANT(MSR_LME),
+CONSTANT(MSR_SCE),
+CONSTANT(MSR_NXE),
+CONSTANT(MSR_PAT),
+CONSTANT(MSR_DEGUG_CTL),
+CONSTANT(MSR_LAST_BRANCH_FROM),
+CONSTANT(MSR_LAST_BRANCH_TO),
+CONSTANT(MSR_LAST_EXCEPTION_FROM),
+CONSTANT(MSR_LAST_EXCEPTION_TO),
+
+HEADER("Flags for MSR_DEGUG_CTL"),
+CONSTANT(MSR_DEBUG_CTL_LBR),
+CONSTANT(MSR_DEBUG_CRL_BTF),
+
+#if 0
+HEADER("Fatal exception codes"),
+CONSTANT(EXCEPTION_DIVIDED_BY_ZERO),
+CONSTANT(EXCEPTION_DEBUG),
+CONSTANT(EXCEPTION_NMI),
+CONSTANT(EXCEPTION_INT3),
+CONSTANT(EXCEPTION_BOUND_CHECK),
+CONSTANT(EXCEPTION_INVALID_OPCODE),
+CONSTANT(EXCEPTION_NPX_NOT_AVAILABLE),
+CONSTANT(EXCEPTION_DOUBLE_FAULT),
+CONSTANT(EXCEPTION_NPX_OVERRUN),
+CONSTANT(EXCEPTION_INVALID_TSS),
+CONSTANT(EXCEPTION_SEGMENT_NOT_PRESENT),
+CONSTANT(EXCEPTION_STACK_FAULT),
+CONSTANT(EXCEPTION_GP_FAULT),
+CONSTANT(EXCEPTION_RESERVED_TRAP),
+CONSTANT(EXCEPTION_NPX_ERROR),
+CONSTANT(EXCEPTION_ALIGNMENT_CHECK),
+#endif
+
+HEADER("Argument Home Address"),
+OFFSET(P1Home, CONTEXT, P1Home),
+OFFSET(P2Home, CONTEXT, P1Home),
+OFFSET(P3Home, CONTEXT, P1Home),
+OFFSET(P4Home, CONTEXT, P1Home),
+
+HEADER("CONTEXT"),
+OFFSET(CxP1Home, CONTEXT, P1Home),
+OFFSET(CxP2Home, CONTEXT, P2Home),
+OFFSET(CxP3Home, CONTEXT, P3Home),
+OFFSET(CxP4Home, CONTEXT, P4Home),
+OFFSET(CxP5Home, CONTEXT, P5Home),
+OFFSET(CxP6Home, CONTEXT, P6Home),
+OFFSET(CxContextFlags, CONTEXT, ContextFlags),
+OFFSET(CxMxCsr, CONTEXT, MxCsr),
+OFFSET(CxSegCs, CONTEXT, SegCs),
+OFFSET(CxSegDs, CONTEXT, SegDs),
+OFFSET(CxSegEs, CONTEXT, SegEs),
+OFFSET(CxSegFs, CONTEXT, SegFs),
+OFFSET(CxSegGs, CONTEXT, SegGs),
+OFFSET(CxSegSs, CONTEXT, SegSs),
+OFFSET(CxEFlags, CONTEXT, EFlags),
+OFFSET(CxDr0, CONTEXT, Dr0),
+OFFSET(CxDr1, CONTEXT, Dr1),
+OFFSET(CxDr2, CONTEXT, Dr2),
+OFFSET(CxDr3, CONTEXT, Dr3),
+OFFSET(CxDr6, CONTEXT, Dr6),
+OFFSET(CxDr7, CONTEXT, Dr7),
+OFFSET(CxRax, CONTEXT, Rax),
+OFFSET(CxRcx, CONTEXT, Rcx),
+OFFSET(CxRdx, CONTEXT, Rdx),
+OFFSET(CxRbx, CONTEXT, Rbx),
+OFFSET(CxRsp, CONTEXT, Rsp),
+OFFSET(CxRbp, CONTEXT, Rbp),
+OFFSET(CxRsi, CONTEXT, Rsi),
+OFFSET(CxRdi, CONTEXT, Rdi),
+OFFSET(CxR8, CONTEXT, R8),
+OFFSET(CxR9, CONTEXT, R9),
+OFFSET(CxR10, CONTEXT, R10),
+OFFSET(CxR11, CONTEXT, R11),
+OFFSET(CxR12, CONTEXT, R12),
+OFFSET(CxR13, CONTEXT, R13),
+OFFSET(CxR14, CONTEXT, R14),
+OFFSET(CxR15, CONTEXT, R15),
+OFFSET(CxRip, CONTEXT, Rip),
+OFFSET(CxFltSave, CONTEXT, FltSave),
+OFFSET(CxXmm0, CONTEXT, Xmm0),
+OFFSET(CxXmm1, CONTEXT, Xmm1),
+OFFSET(CxXmm2, CONTEXT, Xmm2),
+OFFSET(CxXmm3, CONTEXT, Xmm3),
+OFFSET(CxXmm4, CONTEXT, Xmm4),
+OFFSET(CxXmm5, CONTEXT, Xmm5),
+OFFSET(CxXmm6, CONTEXT, Xmm6),
+OFFSET(CxXmm7, CONTEXT, Xmm7),
+OFFSET(CxXmm8, CONTEXT, Xmm8),
+OFFSET(CxXmm9, CONTEXT, Xmm9),
+OFFSET(CxXmm10, CONTEXT, Xmm10),
+OFFSET(CxXmm11, CONTEXT, Xmm11),
+OFFSET(CxXmm12, CONTEXT, Xmm12),
+OFFSET(CxXmm13, CONTEXT, Xmm13),
+OFFSET(CxXmm14, CONTEXT, Xmm14),
+OFFSET(CxXmm15, CONTEXT, Xmm15),
+OFFSET(CxDebugControl, CONTEXT, DebugControl),
+OFFSET(CxLastBranchToRip, CONTEXT, LastBranchToRip),
+OFFSET(CxLastBranchFromRip, CONTEXT, LastBranchFromRip),
+OFFSET(CxLastExceptionToRip, CONTEXT, LastExceptionToRip),
+OFFSET(CxLastExceptionFromRip, CONTEXT, LastExceptionFromRip),
+OFFSET(CxVectorControl, CONTEXT, VectorControl),
+OFFSET(CxVectorRegister, CONTEXT, VectorRegister),
+SIZE(CONTEXT_FRAME_LENGTH, CONTEXT),
+
+HEADER("DISPATCHER_CONTEXT"),
+OFFSET(DcControlPc, TYPE, ControlPc),
+OFFSET(DcImageBase, TYPE, ImageBase),
+OFFSET(DcFunctionEntry, TYPE, FunctionEntry),
+OFFSET(DcEstablisherFrame, TYPE, EstablisherFrame),
+OFFSET(DcTargetIp, TYPE, TargetIp),
+OFFSET(DcContextRecord, TYPE, ContextRecord),
+OFFSET(DcLanguageHandler, TYPE, LanguageHandler),
+OFFSET(DcHandlerData, TYPE, HandlerData),
+OFFSET(DcHistoryTable, TYPE, HistoryTable),
+OFFSET(DcScopeIndex, TYPE, ScopeIndex),
+
+HEADER("KEXCEPTION_FRAME"),
+OFFSET(ExP1Home, KEXCEPTION_FRAME, P1Home),
+OFFSET(ExP2Home, KEXCEPTION_FRAME, P2Home),
+OFFSET(ExP3Home, KEXCEPTION_FRAME, P3Home),
+OFFSET(ExP4Home, KEXCEPTION_FRAME, P4Home),
+OFFSET(ExP5, KEXCEPTION_FRAME, P5),
+OFFSET(ExXmm6, KEXCEPTION_FRAME, Xmm6),
+OFFSET(ExXmm7, KEXCEPTION_FRAME, Xmm7),
+OFFSET(ExXmm8, KEXCEPTION_FRAME, Xmm8),
+OFFSET(ExXmm9, KEXCEPTION_FRAME, Xmm9),
+OFFSET(ExXmm10, KEXCEPTION_FRAME, Xmm10),
+OFFSET(ExXmm11, KEXCEPTION_FRAME, Xmm11),
+OFFSET(ExXmm12, KEXCEPTION_FRAME, Xmm12),
+OFFSET(ExXmm13, KEXCEPTION_FRAME, Xmm13),
+OFFSET(ExXmm14, KEXCEPTION_FRAME, Xmm14),
+OFFSET(ExXmm15, KEXCEPTION_FRAME, Xmm15),
+OFFSET(ExMxCsr, KEXCEPTION_FRAME, MxCsr),
+OFFSET(ExRbp, KEXCEPTION_FRAME, Rbp),
+OFFSET(ExRbx, KEXCEPTION_FRAME, Rbx),
+OFFSET(ExRdi, KEXCEPTION_FRAME, Rdi),
+OFFSET(ExRsi, KEXCEPTION_FRAME, Rsi),
+OFFSET(ExR12, KEXCEPTION_FRAME, R12),
+OFFSET(ExR13, KEXCEPTION_FRAME, R13),
+OFFSET(ExR14, KEXCEPTION_FRAME, R14),
+OFFSET(ExR15, KEXCEPTION_FRAME, R15),
+OFFSET(ExReturn, KEXCEPTION_FRAME, Return),
+OFFSET(CuInitialStack, KEXCEPTION_FRAME, InitialStack),
+OFFSET(CuTrapFrame, KEXCEPTION_FRAME, TrapFrame),
+OFFSET(CuCallbackStack, KEXCEPTION_FRAME, CallbackStack),
+OFFSET(CuOutputBuffer, KEXCEPTION_FRAME, OutputBuffer),
+OFFSET(CuOutputLength, KEXCEPTION_FRAME, OutputLength),
+SIZE(KEXCEPTION_FRAME_LENGTH, KEXCEPTION_FRAME),
+
+HEADER("JUMP_BUFFER"),
+OFFSET(JbFrame, JUMP_BUFFER, Frame),
+OFFSET(JbRbx, JUMP_BUFFER, Rbx),
+OFFSET(JbRsp, JUMP_BUFFER, Rsp),
+OFFSET(JbRbp, JUMP_BUFFER, Rbp),
+OFFSET(JbRsi, JUMP_BUFFER, Rsi),
+OFFSET(JbRdi, JUMP_BUFFER, Rdi),
+OFFSET(JbR12, JUMP_BUFFER, R12),
+OFFSET(JbR13, JUMP_BUFFER, R13),
+OFFSET(JbR14, JUMP_BUFFER, R14),
+OFFSET(JbR15, JUMP_BUFFER, R15),
+OFFSET(JbRip, JUMP_BUFFER, Rip),
+OFFSET(JbMxCsr, JUMP_BUFFER, MxCsr),
+OFFSET(JbFpCsr, JUMP_BUFFER, FpCsr),
+OFFSET(JbXmm6, JUMP_BUFFER, Xmm6),
+OFFSET(JbXmm7, JUMP_BUFFER, Xmm7),
+OFFSET(JbXmm8, JUMP_BUFFER, Xmm8),
+OFFSET(JbXmm9, JUMP_BUFFER, Xmm9),
+OFFSET(JbXmm10, JUMP_BUFFER, Xmm10),
+OFFSET(JbXmm11, JUMP_BUFFER, Xmm11),
+OFFSET(JbXmm12, JUMP_BUFFER, Xmm12),
+OFFSET(JbXmm13, JUMP_BUFFER, Xmm13),
+OFFSET(JbXmm14, JUMP_BUFFER, Xmm14),
+OFFSET(JbXmm15, JUMP_BUFFER, Xmm15),
+
+HEADER("KGDT64"),
+OFFSET(KgdtBaseLow, KGDT64, BaseLow),
+OFFSET(KgdtBaseMiddle, KGDT64, BaseMiddle),
+OFFSET(KgdtBaseHigh, KGDT64, BaseHigh),
+OFFSET(KgdtBaseUpper, KGDT64, BaseUpper),
+OFFSET(KgdtLimitHigh, KGDT64, LimitHigh),
+OFFSET(KgdtLimitLow, KGDT64, LimitLow),
+CONSTANT(KGDT_LIMIT_ENCODE_MASK),
+
+HEADER("KPRCB"),
+OFFSET(PbMxCsr, KPRCB, MxCsr),
+OFFSET(PbNumber, KPRCB, Number),
+OFFSET(PbInterruptRequest, KPRCB, InterruptRequest),
+OFFSET(PbIdleHalt, KPRCB, IdleHalt),
+OFFSET(PbCurrentThread, KPRCB, CurrentThread),
+OFFSET(PbNextThread, KPRCB, NextThread),
+OFFSET(PbIdleThread, KPRCB, IdleThread),
+OFFSET(PbNestingLevel, KPRCB, NestingLevel),
+OFFSET(PbRspBase, KPRCB, RspBase),
+OFFSET(PbPrcbLock, KPRCB, PrcbLock),
+OFFSET(PbSetMember, KPRCB, SetMember),
+OFFSET(PbProcessorState, KPRCB, ProcessorState),
+OFFSET(PbCpuType, KPRCB, CpuType),
+OFFSET(PbCpuID, KPRCB, CpuID),
+OFFSET(PbCpuStep, KPRCB, CpuStep),
+OFFSET(PbHalReserved, KPRCB, HalReserved),
+OFFSET(PbMinorVersion, KPRCB, MinorVersion),
+OFFSET(PbMajorVersion, KPRCB, MajorVersion),
+OFFSET(PbBuildType, KPRCB, BuildType),
+OFFSET(PbCpuVendor, KPRCB, CpuVendor),
+OFFSET(PbCoresPerPhysicalProcessor, KPRCB, CoresPerPhysicalProcessor),
+OFFSET(PbLogicalProcessorsPerCore, KPRCB, LogicalProcessorsPerCore),
+OFFSET(PbApicMask, KPRCB, ApicMask),
+OFFSET(PbCFlushSize, KPRCB, CFlushSize),
+OFFSET(PbAcpiReserved, KPRCB, AcpiReserved),
+OFFSET(PbInitialApicId, KPRCB, InitialApicId),
+OFFSET(PbStride, KPRCB, Stride),
+OFFSET(PbLockQueue, KPRCB, LockQueue),
+OFFSET(PbPPLookasideList, KPRCB, PPLookasideList),
+OFFSET(PbPPNPagedLookasideList, KPRCB, PPNPagedLookasideList),
+OFFSET(PbPPPagedLookasideList, KPRCB, PPPagedLookasideList),
+OFFSET(PbPacketBarrier, KPRCB, PacketBarrier),
+OFFSET(PbDeferredReadyListHead, KPRCB, DeferredReadyListHead),
+OFFSET(PbLookasideIrpFloat, KPRCB, LookasideIrpFloat),
+OFFSET(PbSystemCalls, KPRCB, SystemCalls),
+OFFSET(PbReadOperationCount, KPRCB, ReadOperationCount),
+OFFSET(PbWriteOperationCount, KPRCB, WriteOperationCount),
+OFFSET(PbOtherOperationCount, KPRCB, OtherOperationCount),
+OFFSET(PbReadTransferCount, KPRCB, ReadTransferCount),
+OFFSET(PbWriteTransferCount, KPRCB, WriteTransferCount),
+OFFSET(PbOtherTransferCount, KPRCB, OtherTransferCount),
+OFFSET(PbContextSwitches, KPRCB, ContextSwitches),
+OFFSET(PbTargetSet, KPRCB, TargetSet),
+OFFSET(PbIpiFrozen, KPRCB, IpiFrozen),
+OFFSET(PbRequestMailbox, KPRCB, RequestMailbox),
+OFFSET(PbSenderSummary, KPRCB, SenderSummary),
+OFFSET(PbDpcListHead, KPRCB, DpcListHead),
+OFFSET(PbDpcLock, KPRCB, DpcLock),
+OFFSET(PbDpcQueueDepth, KPRCB, DpcQueueDepth),
+OFFSET(PbDpcCount, KPRCB, DpcCount),
+OFFSET(PbDpcStack, KPRCB, DpcStack),
+OFFSET(PbMaximumDpcQueueDepth, KPRCB, MaximumDpcQueueDepth),
+OFFSET(PbDpcRequestRate, KPRCB, DpcRequestRate),
+OFFSET(PbMinimumDpcRate, KPRCB, MinimumDpcRate),
+OFFSET(PbDpcInterruptRequested, KPRCB, DpcInterruptRequested),
+OFFSET(PbDpcThreadRequested, KPRCB, DpcThreadRequested),
+OFFSET(PbDpcRoutineActive, KPRCB, DpcRoutineActive),
+OFFSET(PbDpcThreadActive, KPRCB, DpcThreadActive),
+OFFSET(PbTimerHand, KPRCB, TimerHand),
+OFFSET(PbTimerRequest, KPRCB, TimerRequest),
+OFFSET(PbTickOffset, KPRCB, TickOffset),
+OFFSET(PbMasterOffset, KPRCB, MasterOffset),
+OFFSET(PbDpcLastCount, KPRCB, DpcLastCount),
+OFFSET(PbQuantumEnd, KPRCB, QuantumEnd),
+OFFSET(PbDpcSetEventRequest, KPRCB, DpcSetEventRequest),
+OFFSET(PbIdleSchedule, KPRCB, IdleSchedule),
+OFFSET(PbReadySummary, KPRCB, ReadySummary),
+OFFSET(PbDispatcherReadyListHead, KPRCB, DispatcherReadyListHead),
+OFFSET(PbInterruptCount, KPRCB, InterruptCount),
+OFFSET(PbKernelTime, KPRCB, KernelTime),
+OFFSET(PbUserTime, KPRCB, UserTime),
+OFFSET(PbDpcTime, KPRCB, DpcTime),
+OFFSET(PbInterruptTime, KPRCB, InterruptTime),
+OFFSET(PbAdjustDpcThreshold, KPRCB, AdjustDpcThreshold),
+OFFSET(PbSkipTick, KPRCB, SkipTick),
+OFFSET(PbPollSlot, KPRCB, PollSlot),
+OFFSET(PbParentNode, KPRCB, ParentNode),
+OFFSET(PbMultiThreadProcessorSet, KPRCB, MultiThreadProcessorSet),
+OFFSET(PbMultiThreadSetMaster, KPRCB, MultiThreadSetMaster),
+OFFSET(PbStartCycles, KPRCB, StartCycles),
+OFFSET(PbPageColor, KPRCB, PageColor),
+OFFSET(PbNodeColor, KPRCB, NodeColor),
+OFFSET(PbNodeShiftedColor, KPRCB,NodeShiftedColor),
+OFFSET(PbSecondaryColorMask, KPRCB, SecondaryColorMask),
+OFFSET(PbSleeping, KPRCB, Sleeping),
+OFFSET(PbCycleTime, KPRCB, CycleTime),
+OFFSET(PbFastReadNoWait, KPRCB, FastReadNoWait),
+OFFSET(PbFastReadWait, KPRCB, FastReadWait),
+OFFSET(PbFastReadNotPossible, KPRCB, FastReadNotPossible),
+OFFSET(PbCopyReadNoWait, KPRCB, CopyReadNoWait),
+OFFSET(PbCopyReadWait, KPRCB, CopyReadWait),
+OFFSET(PbCopyReadNoWaitMiss, KPRCB, CopyReadNoWaitMiss),
+OFFSET(PbAlignmentFixupCount, KPRCB, AlignmentFixupCount),
+OFFSET(PbExceptionDispatchCount, KPRCB, ExceptionDispatchCount),
+OFFSET(PbVendorString, KPRCB, VendorString),
+OFFSET(PbPowerState, KPRCB, PowerState),
+SIZE(ProcessorBlockLength, KPRCB),
+
+HEADER("KPCR"),
+OFFSET(PcGdt, KPCR, Gdt),
+OFFSET(PcTss, KPCR, Tss),
+OFFSET(PcUserRsp, KPCR, UserRsp),
+OFFSET(PcSelf, KPCR, Self),
+OFFSET(PcCurrentPrcb, KPCR, CurrentPrcb),
+OFFSET(PcLockArray, KPCR, LockArray),
+OFFSET(PcTeb, KPCR, Teb),
+OFFSET(PcIdt, KPCR, Idt),
+OFFSET(PcIrql, KPCR, Irql),
+OFFSET(PcStallScaleFactor, KPCR, StallScaleFactor),
+OFFSET(PcHalReserved, KPCR, HalReserved),
+OFFSET(PcPrcb, KPCR, Prcb),
+OFFSET(PcMxCsr, KPCR, MxCsr),
+OFFSET(PcNumber, KPCR, Number),
+OFFSET(PcInterruptRequest, KPCR, InterruptRequest),
+OFFSET(PcIdleHalt, KPCR, IdleHalt),
+OFFSET(PcCurrentThread, KPCR, CurrentThread),
+OFFSET(PcNextThread, KPCR, NextThread),
+OFFSET(PcIdleThread, KPCR, IdleThread),
+OFFSET(PcIpiFrozen, KPCR, IpiFrozen),
+OFFSET(PcNestingLevel, KPCR, NestingLevel),
+OFFSET(PcRspBase, KPCR, RspBase),
+OFFSET(PcPrcbLock, KPCR, PrcbLock),
+OFFSET(PcSetMember, KPCR, SetMember),
+OFFSET(PcCr0, KPCR, Cr0),
+OFFSET(PcCr2, KPCR, Cr2),
+OFFSET(PcCr3, KPCR, Cr3),
+OFFSET(PcCr4, KPCR, Cr4),
+OFFSET(PcKernelDr0, KPCR, KernelDr0),
+OFFSET(PcKernelDr1, KPCR, KernelDr1),
+OFFSET(PcKernelDr2, KPCR, KernelDr2),
+OFFSET(PcKernelDr3, KPCR, KernelDr3),
+OFFSET(PcKernelDr7, KPCR, KernelDr7),
+OFFSET(PcGdtrLimit, KPCR, GdtrLimit),
+OFFSET(PcGdtrBase, KPCR, GdtrBase),
+OFFSET(PcIdtrLimit, KPCR, IdtrLimit),
+OFFSET(PcIdtrBase, KPCR, IdtrBase),
+OFFSET(PcTr, KPCR, Tr),
+OFFSET(PcLdtr, KPCR, Ldtr),
+OFFSET(PcDebugControl, KPCR, DebugControl),
+OFFSET(PcLastBranchToRip, KPCR, LastBranchToRip),
+OFFSET(PcLastBranchFromRip, KPCR, LastBranchFromRip),
+OFFSET(PcLastExceptionToRip, KPCR, LastExceptionToRip),
+OFFSET(PcLastExceptionFromRip, KPCR, LastExceptionFromRip),
+OFFSET(PcCr8, KPCR, Cr8),
+OFFSET(PcCpuType, KPCR, CpuType),
+OFFSET(PcCpuID, KPCR, CpuID),
+OFFSET(PcCpuStep, KPCR, CpuStep),
+OFFSET(PcCpuVendor, KPCR, CpuVendor),
+OFFSET(PcVirtualApicAssist, KPCR, VirtualApicAssist),
+OFFSET(PcCFlushSize, KPCR, CFlushSize),
+OFFSET(PcDeferredReadyListHead, KPCR, DeferredReadyListHead),
+OFFSET(PcSystemCalls, KPCR, SystemCalls),
+OFFSET(PcDpcRoutineActive, KPCR, DpcRoutineActive),
+OFFSET(PcInterruptCount, KPCR, InterruptCount),
+OFFSET(PcDebuggerSavedIRQL, KPCR, DebuggerSavedIRQL),
+OFFSET(PcTickOffset, KPCR, TickOffset),
+OFFSET(PcMasterOffset, KPCR, MasterOffset),
+OFFSET(PcSkipTick, KPCR, SkipTick),
+OFFSET(PcStartCycles, KPCR, StartCycles),
+SIZE(ProcessorControlRegisterLength, KPCR),
+
+HEADER("KPROCESSOR_STATE"),
+OFFSET(PsSpecialRegisters, KPROCESSOR_STATE, SpecialRegisters),
+OFFSET(PsCr0, KPROCESSOR_STATE, Cr0),
+OFFSET(PsCr2, KPROCESSOR_STATE, Cr2),
+OFFSET(PsCr3, KPROCESSOR_STATE, Cr3),
+OFFSET(PsCr4, KPROCESSOR_STATE, Cr4),
+OFFSET(PsKernelDr0, KPROCESSOR_STATE, KernelDr0),
+OFFSET(PsKernelDr1, KPROCESSOR_STATE, KernelDr1),
+OFFSET(PsKernelDr2, KPROCESSOR_STATE, KernelDr2),
+OFFSET(PsKernelDr3, KPROCESSOR_STATE, KernelDr3),
+OFFSET(PsKernelDr6, KPROCESSOR_STATE, KernelDr6),
+OFFSET(PsKernelDr7, KPROCESSOR_STATE, KernelDr7),
+OFFSET(PsGdtr, KPROCESSOR_STATE, Gdtr),
+OFFSET(PsIdtr, KPROCESSOR_STATE, Idtr),
+OFFSET(PsTr, KPROCESSOR_STATE, Tr),
+OFFSET(PsLdtr, KPROCESSOR_STATE, Ldtr),
+OFFSET(PsMxCsr, KPROCESSOR_STATE, MxCsr),
+OFFSET(PsContextFrame, KPROCESSOR_STATE, ContextFrame),
+OFFSET(PsDebugControl, KPROCESSOR_STATE, DebugControl),
+OFFSET(PsLastBranchToRip, KPROCESSOR_STATE, LastBranchToRip),
+OFFSET(PsLastBranchFromRip, KPROCESSOR_STATE, LastBranchFromRip),
+OFFSET(PsLastExceptionToRip, KPROCESSOR_STATE, LastExceptionToRip),
+OFFSET(PsLastExceptionFromRip, KPROCESSOR_STATE, LastExceptionFromRip),
+OFFSET(PsCr8, KPROCESSOR_STATE, Cr8),
+SIZE(ProcessorStateLength, KPROCESSOR_STATE),
+
+HEADER("KSTART_FRAME"),
+OFFSET(SfP1Home, KSTART_FRAME, P1Home),
+OFFSET(SfP2Home, KSTART_FRAME, P2Home),
+OFFSET(SfP3Home, KSTART_FRAME, P3Home),
+OFFSET(SfP4Home, KSTART_FRAME, P4Home),
+OFFSET(SfReturn, KSTART_FRAME, Return),
+SIZE(KSTART_FRAME_LENGTH, KSTART_FRAME),
+
+HEADER("KSPECIAL_REGISTERS"),
+OFFSET(SrKernelDr0, KSPECIAL_REGISTERS, KernelDr0),
+OFFSET(SrKernelDr1, KSPECIAL_REGISTERS, KernelDr1),
+OFFSET(SrKernelDr2, KSPECIAL_REGISTERS, KernelDr2),
+OFFSET(SrKernelDr3, KSPECIAL_REGISTERS, KernelDr3),
+OFFSET(SrKernelDr6, KSPECIAL_REGISTERS, KernelDr6),
+OFFSET(SrKernelDr7, KSPECIAL_REGISTERS, KernelDr7),
+OFFSET(SrGdtr, KSPECIAL_REGISTERS, Gdtr),
+OFFSET(SrIdtr, KSPECIAL_REGISTERS, Idtr),
+OFFSET(SrTr, KSPECIAL_REGISTERS, Tr),
+OFFSET(SrMxCsr, KSPECIAL_REGISTERS, MxCsr),
+OFFSET(SrMsrGsBase, KSPECIAL_REGISTERS, MsrGsBase),
+OFFSET(SrMsrGsSwap, KSPECIAL_REGISTERS, MsrGsSwap),
+OFFSET(SrMsrStar, KSPECIAL_REGISTERS, MsrStar),
+OFFSET(SrMsrLStar, KSPECIAL_REGISTERS, MsrLStar),
+OFFSET(SrMsrCStar, KSPECIAL_REGISTERS, MsrCStar),
+OFFSET(SrMsrSyscallMask, KSPECIAL_REGISTERS, MsrSyscallMask),
+
+HEADER("KSYSTEM_TIME"),
+OFFSET(StLowTime, KSYSTEM_TIME, LowTime),
+OFFSET(StHigh1Time, KSYSTEM_TIME, High1Time),
+OFFSET(StHigh2Time, KSYSTEM_TIME, High2Time),
+
+HEADER("KSWITCH_FRAME"),
+OFFSET(SwP5Home, KSWITCH_FRAME, P5Home),
+OFFSET(SwApcBypass, KSWITCH_FRAME, ApcBypass),
+OFFSET(SwRbp, KSWITCH_FRAME, Rbp),
+OFFSET(SwReturn, KSWITCH_FRAME, Return),
+SIZE(SwitchFrameLength, KSWITCH_FRAME),
+SIZE(KSWITCH_FRAME_LENGTH, KSWITCH_FRAME),
+
+HEADER("KTRAP_FRAME"),
+OFFSET(TrP1Home, KTRAP_FRAME, P1Home),
+OFFSET(TrP2Home, KTRAP_FRAME, P2Home),
+OFFSET(TrP3Home, KTRAP_FRAME, P3Home),
+OFFSET(TrP4Home, KTRAP_FRAME, P4Home),
+OFFSET(TrP5, KTRAP_FRAME, P5),
+OFFSET(TrPreviousMode, KTRAP_FRAME, PreviousMode),
+OFFSET(TrPreviousIrql, KTRAP_FRAME, PreviousIrql),
+OFFSET(TrFaultIndicator, KTRAP_FRAME, FaultIndicator),
+OFFSET(TrExceptionActive, KTRAP_FRAME, ExceptionActive),
+OFFSET(TrMxCsr, KTRAP_FRAME, MxCsr),
+OFFSET(TrRax, KTRAP_FRAME, Rax),
+OFFSET(TrRcx, KTRAP_FRAME, Rcx),
+OFFSET(TrRdx, KTRAP_FRAME, Rdx),
+OFFSET(TrR8, KTRAP_FRAME, R8),
+OFFSET(TrR9, KTRAP_FRAME, R9),
+OFFSET(TrR10, KTRAP_FRAME, R10),
+OFFSET(TrR11, KTRAP_FRAME, R11),
+OFFSET(TrGsBase, KTRAP_FRAME, GsBase),
+OFFSET(TrGsSwap, KTRAP_FRAME,GsSwap),
+OFFSET(TrXmm0, KTRAP_FRAME, Xmm0),
+OFFSET(TrXmm1, KTRAP_FRAME, Xmm1),
+OFFSET(TrXmm2, KTRAP_FRAME, Xmm2),
+OFFSET(TrXmm3, KTRAP_FRAME, Xmm3),
+OFFSET(TrXmm4, KTRAP_FRAME, Xmm4),
+OFFSET(TrXmm5, KTRAP_FRAME, Xmm5),
+OFFSET(TrFaultAddress, KTRAP_FRAME, FaultAddress),
+OFFSET(TrTimeStampCKCL, KTRAP_FRAME, TimeStampCKCL),
+OFFSET(TrDr0, KTRAP_FRAME, Dr0),
+OFFSET(TrDr1, KTRAP_FRAME, Dr1),
+OFFSET(TrDr2, KTRAP_FRAME, Dr2),
+OFFSET(TrDr3, KTRAP_FRAME, Dr3),
+OFFSET(TrDr6, KTRAP_FRAME, Dr6),
+OFFSET(TrDr7, KTRAP_FRAME, Dr7),
+OFFSET(TrDebugControl, KTRAP_FRAME, DebugControl),
+OFFSET(TrLastBranchToRip, KTRAP_FRAME, LastBranchToRip),
+OFFSET(TrLastBranchFromRip, KTRAP_FRAME, LastBranchFromRip),
+OFFSET(TrLastExceptionToRip, KTRAP_FRAME, LastExceptionToRip),
+OFFSET(TrLastExceptionFromRip, KTRAP_FRAME, LastExceptionFromRip),
+OFFSET(TrLastBranchControl, KTRAP_FRAME, LastBranchControl),
+OFFSET(TrLastBranchMSR, KTRAP_FRAME, LastBranchMSR),
+OFFSET(TrSegDs, KTRAP_FRAME, SegDs),
+OFFSET(TrSegEs, KTRAP_FRAME, SegEs),
+OFFSET(TrSegFs, KTRAP_FRAME, SegFs),
+OFFSET(TrSegGs, KTRAP_FRAME, SegGs),
+OFFSET(TrTrapFrame, KTRAP_FRAME, TrapFrame),
+OFFSET(TrRbx, KTRAP_FRAME, Rbx),
+OFFSET(TrRdi, KTRAP_FRAME, Rdi),
+OFFSET(TrRsi, KTRAP_FRAME, Rsi),
+OFFSET(TrRbp, KTRAP_FRAME, Rbp),
+OFFSET(TrErrorCode, KTRAP_FRAME, ErrorCode),
+OFFSET(TrTimeStampKlog, KTRAP_FRAME, TimeStampKlog),
+OFFSET(TrRip, KTRAP_FRAME, Rip),
+OFFSET(TrSegCs, KTRAP_FRAME, SegCs),
+OFFSET(TrLogging, KTRAP_FRAME, Logging),
+OFFSET(TrEFlags, KTRAP_FRAME, EFlags),
+OFFSET(TrRsp, KTRAP_FRAME, Rsp),
+OFFSET(TrSegSs, KTRAP_FRAME, SegSs),
+OFFSET(TrCodePatchCycle, KTRAP_FRAME, CodePatchCycle),
+SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
+
+HEADER("KTIMER_TABLE"),
+OFFSET(TtEntry, KTIMER_TABLE, TimerEntries),
+OFFSET(TtTime, KTIMER_TABLE, Time),
+SIZE(TIMER_ENTRY_SIZE, KTIMER_ENTRY),
+SIZE(TIMER_TABLE_SIZE, KTIMER_TABLE),
+SIZE(KTIMER_TABLE_SIZE, KTIMER_TABLE),
+
+HEADER("KTSS"),
+OFFSET(TssRsp0, TYPE, Rsp0),
+OFFSET(TssRsp1, TYPE, Rsp1),
+OFFSET(TssRsp2, TYPE, Rsp2),
+OFFSET(TssPanicStack, TYPE, PanicStack),
+OFFSET(TssMcaStack, TYPE, McaStack),
+OFFSET(TssNmiStack, TYPE, NmiStack),
+OFFSET(TssIoMapBase, TYPE, IoMapBase),
+SIZE(TssLength, TYPE),
+
--- /dev/null
+
+
+HEADER("Pointer size"),
+SIZE(SizeofPointer, PVOID),
+
+HEADER("Breakpoints"),
+CONSTANT(BREAKPOINT_BREAK),
+CONSTANT(BREAKPOINT_PRINT),
+CONSTANT(BREAKPOINT_PROMPT),
+CONSTANT(BREAKPOINT_LOAD_SYMBOLS),
+CONSTANT(BREAKPOINT_UNLOAD_SYMBOLS),
+CONSTANT(BREAKPOINT_COMMAND_STRING),
+
+HEADER("Context Frame Flags"),
+CONSTANT(CONTEXT_FULL),
+CONSTANT(CONTEXT_CONTROL),
+CONSTANT(CONTEXT_INTEGER),
+CONSTANT(CONTEXT_SEGMENTS),
+CONSTANT(CONTEXT_FLOATING_POINT),
+CONSTANT(CONTEXT_DEBUG_REGISTERS),
+
+HEADER("Exception flags"),
+CONSTANT(EXCEPTION_NONCONTINUABLE),
+CONSTANT(EXCEPTION_UNWINDING),
+CONSTANT(EXCEPTION_EXIT_UNWIND),
+CONSTANT(EXCEPTION_STACK_INVALID),
+CONSTANT(EXCEPTION_NESTED_CALL),
+CONSTANT(EXCEPTION_TARGET_UNWIND),
+CONSTANT(EXCEPTION_COLLIDED_UNWIND),
+CONSTANT(EXCEPTION_UNWIND),
+CONSTANT(EXCEPTION_EXECUTE_HANDLER),
+CONSTANT(EXCEPTION_CONTINUE_SEARCH),
+CONSTANT(EXCEPTION_CONTINUE_EXECUTION),
+#ifdef _X86_
+//CONSTANT(EXCEPTION_CHAIN_END),
+//CONSTANT(FIXED_NTVDMSTATE_LINEAR),
+#endif
+
+HEADER("Exception types"),
+CONSTANT(ExceptionContinueExecution),
+CONSTANT(ExceptionContinueSearch),
+CONSTANT(ExceptionNestedException),
+CONSTANT(ExceptionCollidedUnwind),
+
+HEADER("Lock Queue"),
+CONSTANT(LOCK_QUEUE_WAIT),
+CONSTANT(LOCK_QUEUE_OWNER),
+CONSTANT(LockQueueDispatcherLock),
+
+HEADER("Performance Definitions"),
+//CONSTANT(PERF_CONTEXTSWAP_OFFSET),
+//CONSTANT(PERF_CONTEXTSWAP_FLAG),
+//CONSTANT(PERF_INTERRUPT_OFFSET),
+//CONSTANT(PERF_INTERRUPT_FLAG),
+//CONSTANT(PERF_PROFILE_OFFSET),
+//CONSTANT(PERF_PROFILE_FLAG),
+//CONSTANT(PERF_SYSCALL_OFFSET),
+//CONSTANT(PERF_SYSCALL_FLAG),
+//CONSTANT(PERF_SPINLOCK_OFFSET),
+//CONSTANT(PERF_SPINLOCK_FLAG),
+//CONSTANT(NTOS_YIELD_MACRO),
+
+HEADER("Process states"),
+CONSTANT(ProcessInMemory),
+CONSTANT(ProcessOutOfMemory),
+CONSTANT(ProcessInTransition),
+
+HEADER("Processor mode"),
+CONSTANT(KernelMode),
+CONSTANT(UserMode),
+
+HEADER("Status codes"),
+CONSTANT(STATUS_ACCESS_VIOLATION),
+CONSTANT(STATUS_ASSERTION_FAILURE),
+CONSTANT(STATUS_ARRAY_BOUNDS_EXCEEDED),
+CONSTANT(STATUS_BAD_COMPRESSION_BUFFER),
+CONSTANT(STATUS_BREAKPOINT),
+CONSTANT(STATUS_CALLBACK_POP_STACK),
+CONSTANT(STATUS_DATATYPE_MISALIGNMENT),
+CONSTANT(STATUS_FLOAT_DENORMAL_OPERAND),
+CONSTANT(STATUS_FLOAT_DIVIDE_BY_ZERO),
+CONSTANT(STATUS_FLOAT_INEXACT_RESULT),
+CONSTANT(STATUS_FLOAT_INVALID_OPERATION),
+CONSTANT(STATUS_FLOAT_OVERFLOW),
+CONSTANT(STATUS_FLOAT_STACK_CHECK),
+CONSTANT(STATUS_FLOAT_UNDERFLOW),
+CONSTANT(STATUS_FLOAT_MULTIPLE_FAULTS),
+CONSTANT(STATUS_FLOAT_MULTIPLE_TRAPS),
+CONSTANT(STATUS_GUARD_PAGE_VIOLATION),
+CONSTANT(STATUS_ILLEGAL_FLOAT_CONTEXT),
+CONSTANT(STATUS_ILLEGAL_INSTRUCTION),
+CONSTANT(STATUS_INSTRUCTION_MISALIGNMENT),
+CONSTANT(STATUS_INVALID_HANDLE),
+CONSTANT(STATUS_INVALID_LOCK_SEQUENCE),
+CONSTANT(STATUS_INVALID_OWNER),
+CONSTANT(STATUS_INVALID_PARAMETER),
+CONSTANT(STATUS_INVALID_PARAMETER_1),
+CONSTANT(STATUS_INVALID_SYSTEM_SERVICE),
+//CONSTANT(STATUS_INVALID_THREAD),
+CONSTANT(STATUS_INTEGER_DIVIDE_BY_ZERO),
+CONSTANT(STATUS_INTEGER_OVERFLOW),
+CONSTANT(STATUS_IN_PAGE_ERROR),
+CONSTANT(STATUS_KERNEL_APC),
+CONSTANT(STATUS_LONGJUMP),
+CONSTANT(STATUS_NO_CALLBACK_ACTIVE),
+CONSTANT(STATUS_NO_EVENT_PAIR),
+CONSTANT(STATUS_PRIVILEGED_INSTRUCTION),
+CONSTANT(STATUS_SINGLE_STEP),
+CONSTANT(STATUS_STACK_BUFFER_OVERRUN),
+CONSTANT(STATUS_STACK_OVERFLOW),
+CONSTANT(STATUS_SUCCESS),
+CONSTANT(STATUS_THREAD_IS_TERMINATING),
+CONSTANT(STATUS_TIMEOUT),
+CONSTANT(STATUS_UNWIND),
+CONSTANT(STATUS_UNWIND_CONSOLIDATE),
+CONSTANT(STATUS_USER_APC),
+CONSTANT(STATUS_WAKE_SYSTEM_DEBUGGER),
+
+HEADER("TLS defines"),
+CONSTANT(TLS_MINIMUM_AVAILABLE),
+CONSTANT(TLS_EXPANSION_SLOTS),
+
+HEADER("Thread states"),
+CONSTANT(Initialized),
+CONSTANT(Ready),
+CONSTANT(Running),
+CONSTANT(Standby),
+CONSTANT(Terminated),
+CONSTANT(Waiting),
+
+HEADER("Wait type / reason"),
+CONSTANT(WrExecutive),
+CONSTANT(WrMutex),
+CONSTANT(WrDispatchInt),
+CONSTANT(WrQuantumEnd),
+CONSTANT(WrEventPair),
+CONSTANT(WaitAny),
+CONSTANT(WaitAll),
+
+HEADER("Interrupt object types"),
+//CONSTANT(InLevelSensitive),
+//CONSTANT(InLatched),
+
+HEADER("Bug Check Codes"),
+CONSTANT(APC_INDEX_MISMATCH),
+CONSTANT(INVALID_AFFINITY_SET),
+CONSTANT(INVALID_DATA_ACCESS_TRAP),
+CONSTANT(IRQL_NOT_GREATER_OR_EQUAL),
+CONSTANT(IRQL_NOT_LESS_OR_EQUAL),
+CONSTANT(NO_USER_MODE_CONTEXT),
+CONSTANT(SPIN_LOCK_ALREADY_OWNED),
+CONSTANT(SPIN_LOCK_NOT_OWNED),
+CONSTANT(THREAD_NOT_MUTEX_OWNER),
+CONSTANT(TRAP_CAUSE_UNKNOWN),
+CONSTANT(KMODE_EXCEPTION_NOT_HANDLED),
+CONSTANT(KERNEL_APC_PENDING_DURING_EXIT),
+CONSTANT(PANIC_STACK_SWITCH),
+CONSTANT(DATA_BUS_ERROR),
+CONSTANT(INSTRUCTION_BUS_ERROR),
+CONSTANT(SYSTEM_EXIT_OWNED_MUTEX),
+//CONSTANT(SYSTEM_UNWIND_PREVIOUS_USER),
+//CONSTANT(SYSTEM_SERVICE_EXCEPTION),
+//CONSTANT(INTERRUPT_UNWIND_ATTEMPTED),
+//CONSTANT(INTERRUPT_EXCEPTION_NOT_HANDLED),
+CONSTANT(PAGE_FAULT_WITH_INTERRUPTS_OFF),
+CONSTANT(IRQL_GT_ZERO_AT_SYSTEM_SERVICE),
+CONSTANT(DATA_COHERENCY_EXCEPTION),
+CONSTANT(INSTRUCTION_COHERENCY_EXCEPTION),
+CONSTANT(HAL1_INITIALIZATION_FAILED),
+CONSTANT(UNEXPECTED_KERNEL_MODE_TRAP),
+CONSTANT(NMI_HARDWARE_FAILURE),
+CONSTANT(SPIN_LOCK_INIT_FAILURE),
+CONSTANT(ATTEMPTED_SWITCH_FROM_DPC),
+//CONSTANT(MUTEX_ALREADY_OWNED),
+//CONSTANT(HARDWARE_INTERRUPT_STORM),
+//CONSTANT(RECURSIVE_MACHINE_CHECK),
+//CONSTANT(RECURSIVE_NMI),
+
+HEADER("IRQL"),
+CONSTANT(PASSIVE_LEVEL),
+CONSTANT(APC_LEVEL),
+CONSTANT(DISPATCH_LEVEL),
+#ifdef _M_AMD64
+CONSTANT(CLOCK_LEVEL),
+#else
+CONSTANT(CLOCK1_LEVEL),
+CONSTANT(CLOCK2_LEVEL),
+#endif
+CONSTANT(IPI_LEVEL),
+CONSTANT(POWER_LEVEL),
+CONSTANT(PROFILE_LEVEL),
+CONSTANT(HIGH_LEVEL),
+RAW("#ifdef NT_UP"),
+{TYPE_CONSTANT, "SYNCH_LEVEL", DISPATCH_LEVEL},
+RAW("#else"),
+{TYPE_CONSTANT, "SYNCH_LEVEL", (IPI_LEVEL - 2)},
+RAW("#endif"),
+
+HEADER("Stack sizes"),
+CONSTANT(KERNEL_STACK_SIZE),
+CONSTANT(KERNEL_LARGE_STACK_SIZE),
+CONSTANT(KERNEL_LARGE_STACK_COMMIT),
+//CONSTANT(DOUBLE_FAULT_STACK_SIZE),
+#ifdef _M_AMD64
+CONSTANT(KERNEL_MCA_EXCEPTION_STACK_SIZE),
+CONSTANT(NMI_STACK_SIZE),
+#endif
+
+HEADER("Thread flags"),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK_BIT),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK_BIT),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK),
+//CONSTANT(THREAD_FLAGS_CPU_THROTTLED),
+//CONSTANT(THREAD_FLAGS_CPU_THROTTLED_BIT),
+//CONSTANT(THREAD_FLAGS_ACCOUNTING_ANY),
+
+HEADER("Miscellaneous Definitions"),
+//CONSTANT(BASE_PRIORITY_THRESHOLD),
+//CONSTANT(EVENT_PAIR_INCREMENT),
+CONSTANT(LOW_REALTIME_PRIORITY),
+CONSTANT(CLOCK_QUANTUM_DECREMENT),
+//CONSTANT(READY_SKIP_QUANTUM),
+//CONSTANT(THREAD_QUANTUM),
+CONSTANT(WAIT_QUANTUM_DECREMENT),
+//CONSTANT(ROUND_TRIP_DECREMENT_COUNT),
+CONSTANT(MAXIMUM_PROCESSORS),
+CONSTANT(INITIAL_STALL_COUNT),
+//CONSTANT(EXCEPTION_EXECUTE_FAULT),
+//CONSTANT(KCACHE_ERRATA_MONITOR_FLAGS),
+//CONSTANT(KI_EXCEPTION_GP_FAULT),
+//CONSTANT(KI_EXCEPTION_INVALID_OP),
+//CONSTANT(KI_EXCEPTION_INTEGER_DIVIDE_BY_ZERO),
+CONSTANT(KI_EXCEPTION_ACCESS_VIOLATION),
+//CONSTANT(TARGET_FREEZE),
+//CONSTANT(BlackHole),
+CONSTANT(Executive),
+CONSTANT(FALSE),
+CONSTANT(TRUE),
+CONSTANT(DBG_STATUS_CONTROL_C),
+CONSTANT(USER_SHARED_DATA),
+//CONSTANT(MM_SHARED_USER_DATA_VA),
+CONSTANT(PAGE_SIZE),
+//CONSTANT(KERNEL_STACK_CONTROL_LARGE_STACK),
+//CONSTANT(KI_DPC_ALL_FLAGS),
+//CONSTANT(DISPATCH_LENGTH),
+CONSTANT(MAXIMUM_IDTVECTOR),
+//CONSTANT(MAXIMUM_PRIMARY_VECTOR),
+CONSTANT(PRIMARY_VECTOR_BASE),
+CONSTANT(RPL_MASK),
+CONSTANT(MODE_MASK),
+//CONSTANT(KTHREAD_AUTO_ALIGNMENT_BIT),
+//CONSTANT(KTHREAD_GUI_THREAD_MASK),
+//CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM),
+CONSTANT(NUMBER_SERVICE_TABLES),
+CONSTANT(SERVICE_NUMBER_MASK),
+CONSTANT(SERVICE_TABLE_SHIFT),
+CONSTANT(SERVICE_TABLE_MASK),
+CONSTANT(SERVICE_TABLE_TEST),
+
+
+
+/* STRUCTURE OFFSETS *********************************************************/
+
+HEADER("KAFFINITY_EX"),
+//OFFSET(AfBitmap, KAFFINITY_EX, Bitmap),
+
+HEADER("Aligned Affinity"),
+//OFFSET(AfsCpuSet, ???, CpuSet),
+
+HEADER("KAPC"),
+OFFSET(ApType, KAPC, Type),
+OFFSET(ApSize, KAPC, Size),
+OFFSET(ApThread, KAPC, Thread),
+OFFSET(ApApcListEntry, KAPC, ApcListEntry),
+OFFSET(ApKernelRoutine, KAPC, KernelRoutine),
+OFFSET(ApRundownRoutine, KAPC, RundownRoutine),
+OFFSET(ApNormalRoutine, KAPC, NormalRoutine),
+OFFSET(ApNormalContext, KAPC, NormalContext),
+OFFSET(ApSystemArgument1, KAPC, SystemArgument1),
+OFFSET(ApSystemArgument2, KAPC, SystemArgument2),
+OFFSET(ApApcStateIndex, KAPC, ApcStateIndex),
+OFFSET(ApApcMode, KAPC, ApcMode),
+OFFSET(ApInserted, KAPC, Inserted),
+SIZE(ApcObjectLength, KAPC),
+
+HEADER("KAPC_STATE"),
+OFFSET(AsApcListHead, KAPC_STATE, ApcListHead),
+OFFSET(AsProcess, KAPC_STATE, Process),
+OFFSET(AsKernelApcInProgress, KAPC_STATE, KernelApcInProgress),
+OFFSET(AsKernelApcPending, KAPC_STATE, KernelApcPending),
+OFFSET(AsUserApcPending, KAPC_STATE, UserApcPending),
+
+HEADER("CLIENT_ID"),
+OFFSET(CidUniqueProcess, CLIENT_ID, UniqueProcess),
+OFFSET(CidUniqueThread, CLIENT_ID, UniqueThread),
+
+HEADER("RTL_CRITICAL_SECTION"),
+OFFSET(CsDebugInfo, RTL_CRITICAL_SECTION, DebugInfo),
+OFFSET(CsLockCount, RTL_CRITICAL_SECTION, LockCount),
+OFFSET(CsRecursionCount, RTL_CRITICAL_SECTION, RecursionCount),
+OFFSET(CsOwningThread, RTL_CRITICAL_SECTION, OwningThread),
+OFFSET(CsLockSemaphore, RTL_CRITICAL_SECTION, LockSemaphore),
+OFFSET(CsSpinCount, RTL_CRITICAL_SECTION, SpinCount),
+
+HEADER("RTL_CRITICAL_SECTION_DEBUG"),
+OFFSET(CsType, RTL_CRITICAL_SECTION_DEBUG, Type),
+OFFSET(CsCreatorBackTraceIndex, RTL_CRITICAL_SECTION_DEBUG, CreatorBackTraceIndex),
+OFFSET(CsCriticalSection, RTL_CRITICAL_SECTION_DEBUG, CriticalSection),
+OFFSET(CsProcessLocksList, RTL_CRITICAL_SECTION_DEBUG, ProcessLocksList),
+OFFSET(CsEntryCount, RTL_CRITICAL_SECTION_DEBUG, EntryCount),
+OFFSET(CsContentionCount, RTL_CRITICAL_SECTION_DEBUG, ContentionCount),
+
+HEADER("KDEVICE_QUEUE_ENTRY"),
+OFFSET(DeDeviceListEntry, KDEVICE_QUEUE_ENTRY, DeviceListEntry),
+OFFSET(DeSortKey, KDEVICE_QUEUE_ENTRY, SortKey),
+OFFSET(DeInserted, KDEVICE_QUEUE_ENTRY, Inserted),
+SIZE(DeviceQueueEntryLength, KDEVICE_QUEUE_ENTRY),
+
+HEADER("KDPC"),
+OFFSET(DpType, KDPC, Type),
+OFFSET(DpImportance, KDPC, Importance),
+OFFSET(DpNumber, KDPC, Number),
+OFFSET(DpDpcListEntry, KDPC, DpcListEntry),
+OFFSET(DpDeferredRoutine, KDPC, DeferredRoutine),
+OFFSET(DpDeferredContext, KDPC, DeferredContext),
+OFFSET(DpSystemArgument1, KDPC, SystemArgument1),
+OFFSET(DpSystemArgument2, KDPC, SystemArgument2),
+OFFSET(DpDpcData, KDPC, DpcData),
+SIZE(DpcObjectLength, KDPC),
+
+HEADER("KDEVICE_QUEUE"),
+OFFSET(DvType, KDEVICE_QUEUE, Type),
+OFFSET(DvSize, KDEVICE_QUEUE, Size),
+OFFSET(DvDeviceListHead, KDEVICE_QUEUE, DeviceListHead),
+OFFSET(DvSpinLock, KDEVICE_QUEUE, Lock),
+OFFSET(DvBusy, KDEVICE_QUEUE, Busy),
+SIZE(DeviceQueueObjectLength, KDEVICE_QUEUE),
+
+HEADER("EXCEPTION_RECORD"),
+OFFSET(ErExceptionCode, EXCEPTION_RECORD, ExceptionCode),
+OFFSET(ErExceptionFlags, EXCEPTION_RECORD, ExceptionFlags),
+OFFSET(ErExceptionRecord, EXCEPTION_RECORD, ExceptionRecord),
+OFFSET(ErExceptionAddress, EXCEPTION_RECORD, ExceptionAddress),
+OFFSET(ErNumberParameters, EXCEPTION_RECORD, NumberParameters),
+OFFSET(ErExceptionInformation, EXCEPTION_RECORD, ExceptionInformation),
+SIZE(ExceptionRecordLength, EXCEPTION_RECORD),
+SIZE(EXCEPTION_RECORD_LENGTH, EXCEPTION_RECORD),
+
+HEADER("EPROCESS"),
+OFFSET(EpDebugPort, EPROCESS, DebugPort),
+OFFSET(EpVdmObjects, EPROCESS, VdmObjects),
+SIZE(ExecutiveProcessObjectLength, EPROCESS),
+
+HEADER("KEVENT"),
+OFFSET(EvType, KEVENT, Header.Type),
+OFFSET(EvSize, KEVENT, Header.Size),
+OFFSET(EvSignalState, KEVENT, Header.SignalState),
+OFFSET(EvWaitListHead, KEVENT, Header.WaitListHead),
+SIZE(EventObjectLength, KEVENT),
+
+HEADER("FAST_MUTEX"),
+OFFSET(FmCount, FAST_MUTEX, Count),
+OFFSET(FmOwner, FAST_MUTEX, Owner),
+OFFSET(FmContention, FAST_MUTEX, Contention),
+//OFFSET(FmGate, FAST_MUTEX, Gate),
+OFFSET(FmOldIrql, FAST_MUTEX, OldIrql),
+
+HEADER("KINTERRUPT"),
+OFFSET(InType, KINTERRUPT, Type),
+OFFSET(InSize, KINTERRUPT, Size),
+OFFSET(InInterruptListEntry, KINTERRUPT, InterruptListEntry),
+OFFSET(InServiceRoutine, KINTERRUPT, ServiceRoutine),
+OFFSET(InServiceContext, KINTERRUPT, ServiceContext),
+OFFSET(InSpinLock, KINTERRUPT, SpinLock),
+OFFSET(InTickCount, KINTERRUPT, TickCount),
+OFFSET(InActualLock, KINTERRUPT, ActualLock),
+OFFSET(InDispatchAddress, KINTERRUPT, DispatchAddress),
+OFFSET(InVector, KINTERRUPT, Vector),
+OFFSET(InIrql, KINTERRUPT, Irql),
+OFFSET(InSynchronizeIrql, KINTERRUPT, SynchronizeIrql),
+OFFSET(InFloatingSave, KINTERRUPT, FloatingSave),
+OFFSET(InConnected, KINTERRUPT, Connected),
+OFFSET(InNumber, KINTERRUPT, Number),
+OFFSET(InShareVector, KINTERRUPT, ShareVector),
+OFFSET(InMode, KINTERRUPT, Mode),
+OFFSET(InServiceCount, KINTERRUPT, ServiceCount),
+OFFSET(InDispatchCount, KINTERRUPT, DispatchCount),
+//OFFSET(InTrapFrame, KINTERRUPT, TrapFrame),
+OFFSET(InDispatchCode, KINTERRUPT, DispatchCode),
+SIZE(InterruptObjectLength, KINTERRUPT),
+
+HEADER("IO_STATUS_BLOCK"),
+OFFSET(IoStatus, IO_STATUS_BLOCK, Status),
+OFFSET(IoPointer, IO_STATUS_BLOCK, Pointer),
+OFFSET(IoInformation, IO_STATUS_BLOCK, Information),
+
+#ifdef _M_IX86
+// Kernel Stack Control Structure Offset (relative to initial stack pointer) Definitions
+//RELOFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase, ???),
+//RELOFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousBase, ???),
+//RELOFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousBase, ???),
+//RELOFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousBase, ???),
+#else
+HEADER("KERNEL_STACK_CONTROL"),
+//OFFSET(KcPreviousBase, KERNEL_STACK_CONTROL, PreviousBase),
+//OFFSET(KcPreviousLimit, KERNEL_STACK_CONTROL, PreviousLimit),
+//OFFSET(KcPreviousKernel, KERNEL_STACK_CONTROL, PreviousKernel),
+//OFFSET(KcPreviousInitial, KERNEL_STACK_CONTROL, PreviousInitial),
+//SIZE(KERNEL_STACK_CONTROL_LENGTH, KERNEL_STACK_CONTROL),
+#endif
+
+HEADER("KNODE"),
+//OFFSET(KnRight, KNODE, Right),
+//OFFSET(KnLeft, KNODE, Left),
+OFFSET(KnPfnDereferenceSListHead, KNODE, PfnDereferenceSListHead),
+OFFSET(KnProcessorMask, KNODE, ProcessorMask),
+OFFSET(KnColor, KNODE, Color),
+OFFSET(KnSeed, KNODE, Seed),
+OFFSET(KnNodeNumber, KNODE, NodeNumber),
+OFFSET(KnFlags, KNODE, Flags),
+OFFSET(knMmShiftedColor, KNODE, MmShiftedColor),
+OFFSET(KnFreeCount, KNODE, FreeCount),
+OFFSET(KnPfnDeferredList, KNODE, PfnDeferredList),
+SIZE(KNODE_SIZE, KNODE),
+
+HEADER("KSPIN_LOCK_QUEUE"),
+OFFSET(LqNext, KSPIN_LOCK_QUEUE, Next),
+OFFSET(LqLock, KSPIN_LOCK_QUEUE, Lock),
+
+HEADER("KLOCK_QUEUE_HANDLE"),
+OFFSET(LqhNext, KLOCK_QUEUE_HANDLE, LockQueue.Next),
+OFFSET(LqhLock, KLOCK_QUEUE_HANDLE, LockQueue.Lock),
+OFFSET(LqhOldIrql, KLOCK_QUEUE_HANDLE, OldIrql),
+SIZE(LOCK_QUEUE_HEADER_SIZE, KLOCK_QUEUE_HANDLE),
+
+HEADER("LARGE_INTEGER"),
+OFFSET(LiLowPart, LARGE_INTEGER, LowPart),
+OFFSET(LiHighPart, LARGE_INTEGER, HighPart),
+#if 0
+HEADER("LOADER_PARAMETER_BLOCK (rel. to LoadOrderListHead)"),
+RELOFFSET(LpbLoadOrderListHead, LOADER_PARAMETER_BLOCK, LoadOrderListHead, LoadOrderListHead),
+RELOFFSET(LpbMemoryDescriptorListHead, LOADER_PARAMETER_BLOCK, MemoryDescriptorListHead, LoadOrderListHead),
+RELOFFSET(LpbKernelStack, LOADER_PARAMETER_BLOCK, KernelStack, LoadOrderListHead),
+RELOFFSET(LpbPrcb, LOADER_PARAMETER_BLOCK, Prcb, LoadOrderListHead),
+RELOFFSET(LpbProcess, LOADER_PARAMETER_BLOCK, Process, LoadOrderListHead),
+RELOFFSET(LpbThread, LOADER_PARAMETER_BLOCK, Thread, LoadOrderListHead),
+RELOFFSET(LpbI386, LOADER_PARAMETER_BLOCK, u.I386, LoadOrderListHead),
+RELOFFSET(LpbRegistryLength, LOADER_PARAMETER_BLOCK, RegistryLength, LoadOrderListHead),
+RELOFFSET(LpbRegistryBase, LOADER_PARAMETER_BLOCK, RegistryBase, LoadOrderListHead),
+RELOFFSET(LpbConfigurationRoot, LOADER_PARAMETER_BLOCK, ConfigurationRoot, LoadOrderListHead),
+RELOFFSET(LpbArcBootDeviceName, LOADER_PARAMETER_BLOCK, ArcBootDeviceName, LoadOrderListHead),
+RELOFFSET(LpbArcHalDeviceName, LOADER_PARAMETER_BLOCK, ArcHalDeviceName, LoadOrderListHead),
+RELOFFSET(LpbLoadOptions, LOADER_PARAMETER_BLOCK, LoadOptions, LoadOrderListHead),
+RELOFFSET(LpbExtension, LOADER_PARAMETER_BLOCK, Extension, LoadOrderListHead),
+#endif
+
+HEADER("LIST_ENTRY"),
+OFFSET(LsFlink, LIST_ENTRY, Flink),
+OFFSET(LsBlink, LIST_ENTRY, Blink),
+
+HEADER("PEB"),
+OFFSET(PeKernelCallbackTable, PEB, KernelCallbackTable),
+SIZE(ProcessEnvironmentBlockLength, PEB),
+
+HEADER("KPROFILE"),
+OFFSET(PfType, KPROFILE, Type),
+OFFSET(PfSize, KPROFILE, Size),
+OFFSET(PfProfileListEntry, KPROFILE, ProfileListEntry),
+OFFSET(PfProcess, KPROFILE, Process),
+OFFSET(PfRangeBase, KPROFILE, RangeBase),
+OFFSET(PfRangeLimit, KPROFILE, RangeLimit),
+OFFSET(PfBucketShift, KPROFILE, BucketShift),
+OFFSET(PfBuffer, KPROFILE, Buffer),
+OFFSET(PfSegment, KPROFILE, Segment),
+OFFSET(PfAffinity, KPROFILE, Affinity),
+OFFSET(PfSource, KPROFILE, Source),
+OFFSET(PfStarted, KPROFILE, Started),
+SIZE(ProfileObjectLength, KPROFILE),
+
+HEADER("PORT_MESSAGE"),
+OFFSET(PmLength, PORT_MESSAGE, u1.Length),
+OFFSET(PmZeroInit, PORT_MESSAGE, u2.ZeroInit),
+OFFSET(PmClientId, PORT_MESSAGE, ClientId),
+OFFSET(PmProcess, PORT_MESSAGE, ClientId.UniqueProcess),
+OFFSET(PmThread, PORT_MESSAGE, ClientId.UniqueThread),
+OFFSET(PmMessageId, PORT_MESSAGE, MessageId),
+OFFSET(PmClientViewSize, PORT_MESSAGE, ClientViewSize),
+SIZE(PortMessageLength, PORT_MESSAGE),
+
+HEADER("KPROCESS"),
+OFFSET(PrType, KPROCESS, Header.Type),
+OFFSET(PrSize, KPROCESS, Header.Size),
+OFFSET(PrSignalState, KPROCESS, Header.SignalState),
+OFFSET(PrProfileListHead, KPROCESS, ProfileListHead),
+OFFSET(PrDirectoryTableBase, KPROCESS, DirectoryTableBase),
+#ifdef _M_IX86
+OFFSET(PrLdtDescriptor, KPROCESS, LdtDescriptor),
+#endif
+OFFSET(PrIopmOffset, KPROCESS, IopmOffset),
+#ifdef _M_IX86
+OFFSET(PrInt21Descriptor, KPROCESS, Int21Descriptor),
+OFFSET(PrVdmTrapcHandler, KPROCESS, VdmTrapcHandler),
+//OFFSET(PrVdmObjects, KPROCESS, VdmObjects),
+OFFSET(PrFlags, KPROCESS, Flags),
+#endif
+//OFFSET(PrInstrumentationCallback, KPROCESS, InstrumentationCallback),
+OFFSET(PrActiveProcessors, KPROCESS, ActiveProcessors),
+OFFSET(PrKernelTime, KPROCESS, KernelTime),
+OFFSET(PrUserTime, KPROCESS, UserTime),
+OFFSET(PrReadyListHead, KPROCESS, ReadyListHead),
+OFFSET(PrSwapListEntry, KPROCESS, SwapListEntry),
+OFFSET(PrThreadListHead, KPROCESS, ThreadListHead),
+OFFSET(PrProcessLock, KPROCESS, ProcessLock),
+OFFSET(PrAffinity, KPROCESS, Affinity),
+OFFSET(PrProcessFlags, KPROCESS, ProcessFlags),
+OFFSET(PrBasePriority, KPROCESS, BasePriority),
+OFFSET(PrQuantumReset, KPROCESS, QuantumReset),
+OFFSET(PrState, KPROCESS, State),
+OFFSET(PrStackCount, KPROCESS, StackCount),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(PrCycleTime, KPROCESS, CycleTime),
+#endif
+SIZE(KernelProcessObjectLength, KPROCESS),
+
+HEADER("KQUEUE"),
+OFFSET(QuType, KQUEUE, Header.Type),
+OFFSET(QuSize, KQUEUE, Header.Size),
+OFFSET(QuSignalState, KQUEUE, Header.SignalState),
+OFFSET(QuEntryListHead, KQUEUE, EntryListHead),
+OFFSET(QuCurrentCount, KQUEUE, CurrentCount),
+OFFSET(QuMaximumCount, KQUEUE, MaximumCount),
+OFFSET(QuThreadListHead, KQUEUE, ThreadListHead),
+SIZE(QueueObjectLength, KQUEUE),
+
+HEADER("STRING"),
+OFFSET(StrLength, STRING, Length),
+OFFSET(StrMaximumLength, STRING, MaximumLength),
+OFFSET(StrBuffer, STRING, Buffer),
+
+HEADER("TEB"),
+OFFSET(TeCmTeb, TEB, NtTib),
+#ifdef _M_IX86
+OFFSET(TeExceptionList, TEB, NtTib.ExceptionList),
+#endif
+OFFSET(TeStackBase, TEB, NtTib.StackBase),
+OFFSET(TeStackLimit, TEB, NtTib.StackLimit),
+OFFSET(TeFiberData, TEB, NtTib.FiberData),
+OFFSET(TeSelf, TEB, NtTib.Self),
+OFFSET(TeEnvironmentPointer, TEB, EnvironmentPointer),
+OFFSET(TeClientId, TEB, ClientId),
+OFFSET(TeActiveRpcHandle, TEB, ActiveRpcHandle),
+OFFSET(TeThreadLocalStoragePointer, TEB, ThreadLocalStoragePointer),
+OFFSET(TeCountOfOwnedCriticalSections, TEB, CountOfOwnedCriticalSections),
+OFFSET(TePeb, TEB, ProcessEnvironmentBlock),
+OFFSET(TeCsrClientThread, TEB, CsrClientThread),
+OFFSET(TeWOW32Reserved, TEB, WOW32Reserved),
+//OFFSET(TeSoftFpcr, TEB, SoftFpcr),
+OFFSET(TeExceptionCode, TEB, ExceptionCode),
+OFFSET(TeActivationContextStackPointer, TEB, ActivationContextStackPointer),
+OFFSET(TeGdiClientPID, TEB, GdiClientPID),
+OFFSET(TeGdiClientTID, TEB, GdiClientTID),
+OFFSET(TeGdiThreadLocalInfo, TEB, GdiThreadLocalInfo),
+OFFSET(TeglDispatchTable, TEB, glDispatchTable),
+OFFSET(TeglReserved1, TEB, glReserved1),
+OFFSET(TeglReserved2, TEB, glReserved2),
+OFFSET(TeglSectionInfo, TEB, glSectionInfo),
+OFFSET(TeglSection, TEB, glSection),
+OFFSET(TeglTable, TEB, glTable),
+OFFSET(TeglCurrentRC, TEB, glCurrentRC),
+OFFSET(TeglContext, TEB, glContext),
+OFFSET(TeDeallocationStack, TEB, DeallocationStack),
+OFFSET(TeTlsSlots, TEB, TlsSlots),
+OFFSET(TeTlsExpansionSlots, TEB, TlsExpansionSlots),
+OFFSET(TeLastErrorValue, TEB, LastErrorValue),
+OFFSET(TeVdm, TEB, Vdm),
+OFFSET(TeInstrumentation, TEB, Instrumentation),
+OFFSET(TeGdiBatchCount, TEB, GdiBatchCount),
+OFFSET(TeGuaranteedStackBytes, TEB, GuaranteedStackBytes),
+OFFSET(TeFlsData, TEB, FlsData),
+//OFFSET(TeProcessRundown, TEB, ProcessRundown),
+SIZE(ThreadEnvironmentBlockLength, TEB),
+
+HEADER("TIME_FIELDS"),
+OFFSET(TfSecond, TIME_FIELDS, Second),
+OFFSET(TfMinute, TIME_FIELDS, Minute),
+OFFSET(TfHour, TIME_FIELDS, Hour),
+OFFSET(TfWeekday, TIME_FIELDS, Weekday),
+OFFSET(TfDay, TIME_FIELDS, Day),
+OFFSET(TfMonth, TIME_FIELDS, Month),
+OFFSET(TfYear, TIME_FIELDS, Year),
+OFFSET(TfMilliseconds, TIME_FIELDS, Milliseconds),
+
+HEADER("KTHREAD"),
+OFFSET(ThType, KTHREAD, DispatcherHeader.Type),
+//OFFSET(ThNpxIrql, KTHREAD, NpxIrql),
+OFFSET(ThSize, KTHREAD, DispatcherHeader.Size),
+OFFSET(ThLock, KTHREAD, DispatcherHeader.Lock),
+OFFSET(ThDebugActive, KTHREAD, DispatcherHeader.DebugActive),
+//OFFSET(ThThreadControlFlags, KTHREAD, DispatcherHeader.ThreadControlFlags),
+OFFSET(ThSignalState, KTHREAD, DispatcherHeader.SignalState),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(ThCycleTime, KTHREAD, CycleTime),
+OFFSET(ThHighCycleTime, KTHREAD, HighCycleTime),
+#endif
+OFFSET(ThInitialStack, KTHREAD, InitialStack),
+OFFSET(ThStackLimit, KTHREAD, StackLimit),
+OFFSET(ThKernelStack, KTHREAD, KernelStack),
+OFFSET(ThThreadLock, KTHREAD, ThreadLock),
+//OFFSET(ThRunning, KTHREAD, Running),
+OFFSET(ThAlerted, KTHREAD, Alerted),
+//OFFSET(ThMiscFlags, KTHREAD, MiscFlags),
+OFFSET(ThApcState, KTHREAD, ApcState),
+OFFSET(ThPriority, KTHREAD, Priority),
+OFFSET(ThSwapBusy, KTHREAD, SwapBusy),
+OFFSET(ThNextProcessor, KTHREAD, NextProcessor),
+OFFSET(ThDeferredProcessor, KTHREAD, DeferredProcessor),
+OFFSET(ThApcQueueLock, KTHREAD, ApcQueueLock),
+OFFSET(ThContextSwitches, KTHREAD, ContextSwitches),
+OFFSET(ThState, KTHREAD, State),
+OFFSET(ThNpxState, KTHREAD, NpxState),
+OFFSET(ThWaitIrql, KTHREAD, WaitIrql),
+OFFSET(ThWaitMode, KTHREAD, WaitMode),
+OFFSET(ThWaitStatus, KTHREAD, WaitStatus),
+OFFSET(ThWaitBlockList, KTHREAD, WaitBlockList),
+OFFSET(ThGateObject, KTHREAD, GateObject),
+OFFSET(ThWaitListEntry, KTHREAD, WaitListEntry),
+OFFSET(ThSwapListEntry, KTHREAD, SwapListEntry),
+OFFSET(ThQueue, KTHREAD, Queue),
+OFFSET(ThWaitTime, KTHREAD, WaitTime),
+OFFSET(ThCombinedApcDisable, KTHREAD, CombinedApcDisable),
+OFFSET(ThKernelApcDisable, KTHREAD, KernelApcDisable),
+OFFSET(ThSpecialApcDisable, KTHREAD, SpecialApcDisable),
+OFFSET(ThTeb, KTHREAD, Teb),
+OFFSET(ThTimer, KTHREAD, Timer),
+OFFSET(ThThreadFlags, KTHREAD, ThreadFlags),
+OFFSET(ThServiceTable, KTHREAD, ServiceTable),
+OFFSET(ThWaitBlock, KTHREAD, WaitBlock),
+OFFSET(ThResourceIndex, KTHREAD, ResourceIndex),
+OFFSET(ThQueueListEntry, KTHREAD, QueueListEntry),
+OFFSET(ThTrapFrame, KTHREAD, TrapFrame),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(ThFirstArgument, KTHREAD, FirstArgument),
+#endif
+OFFSET(ThCallbackStack, KTHREAD, CallbackStack),
+//OFFSET(ThCallbackDepth, KTHREAD, CallbackDepth),
+OFFSET(ThApcStateIndex, KTHREAD, ApcStateIndex),
+OFFSET(ThIdealProcessor, KTHREAD, IdealProcessor),
+OFFSET(ThBasePriority, KTHREAD, BasePriority),
+OFFSET(ThPriorityDecrement, KTHREAD, PriorityDecrement),
+OFFSET(ThAdjustReason, KTHREAD, AdjustReason),
+OFFSET(ThAdjustIncrement, KTHREAD, AdjustIncrement),
+OFFSET(ThPreviousMode, KTHREAD, PreviousMode),
+OFFSET(ThSaturation, KTHREAD, Saturation),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(ThSystemCallNumber, KTHREAD, SystemCallNumber),
+#endif
+OFFSET(ThFreezeCount, KTHREAD, FreezeCount),
+OFFSET(ThUserAffinity, KTHREAD, UserAffinity),
+OFFSET(ThProcess, KTHREAD, Process),
+OFFSET(ThAffinity, KTHREAD, Affinity),
+OFFSET(ThUserIdealProcessor, KTHREAD, UserIdealProcessor),
+OFFSET(ThApcStatePointer, KTHREAD, ApcStatePointer),
+OFFSET(ThSavedApcState, KTHREAD, SavedApcState),
+OFFSET(ThWaitReason, KTHREAD, WaitReason),
+OFFSET(ThSuspendCount, KTHREAD, SuspendCount),
+//OFFSET(ThCodePatchInProgress, KTHREAD, CodePatchInProgress),
+OFFSET(ThWin32Thread, KTHREAD, Win32Thread),
+OFFSET(ThStackBase, KTHREAD, StackBase),
+OFFSET(ThSuspendApc, KTHREAD, SuspendApc),
+OFFSET(ThPowerState, KTHREAD, PowerState),
+OFFSET(ThKernelTime, KTHREAD, KernelTime),
+OFFSET(ThLegoData, KTHREAD, LegoData),
+OFFSET(ThLargeStack, KTHREAD, LargeStack),
+OFFSET(ThUserTime, KTHREAD, UserTime),
+OFFSET(ThSuspendSemaphore, KTHREAD, SuspendSemaphore),
+OFFSET(ThSListFaultCount, KTHREAD, SListFaultCount),
+OFFSET(ThThreadListEntry, KTHREAD, ThreadListEntry),
+OFFSET(ThMutantListHead, KTHREAD, MutantListHead),
+OFFSET(ThSListFaultAddress, KTHREAD, SListFaultAddress),
+SIZE(KernelThreadObjectLength, KTHREAD),
+SIZE(ExecutiveThreadObjectLength, ETHREAD),
+
+HEADER("KTIMER"),
+OFFSET(TiType, KTIMER, Header.Type),
+OFFSET(TiSize, KTIMER, Header.Size),
+OFFSET(TiInserted, KTIMER, Header.Inserted),
+OFFSET(TiSignalState, KTIMER, Header.SignalState),
+OFFSET(TiDueTime, KTIMER, DueTime),
+OFFSET(TiTimerListEntry, KTIMER, TimerListEntry),
+OFFSET(TiDpc, KTIMER, Dpc),
+OFFSET(TiPeriod, KTIMER, Period),
+SIZE(TimerObjectLength, KTIMER),
+
+HEADER("TIME"),
+//OFFSET(TmLowTime, TIME, LowTime),
+//OFFSET(TmHighTime, TIME, HighTime),
+
+#if 0
+HEADER("SYSTEM_CONTEXT_SWITCH_INFORMATION (relative to FindAny)"),
+RELOFFSET(TwFindAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindAny, FindAny),
+RELOFFSET(TwFindIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindIdeal, FindAny),
+RELOFFSET(TwFindLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindLast, FindAny),
+RELOFFSET(TwIdleAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleAny, FindAny),
+RELOFFSET(TwIdleCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleCurrent, FindAny),
+RELOFFSET(TwIdleIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleIdeal, FindAny),
+RELOFFSET(TwIdleLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleLast, FindAny),
+RELOFFSET(TwPreemptAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptAny, FindAny),
+RELOFFSET(TwPreemptCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptCurrent, FindAny),
+RELOFFSET(TwPreemptLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptLast, FindAny),
+RELOFFSET(TwSwitchToIdle, SYSTEM_CONTEXT_SWITCH_INFORMATION, SwitchToIdle, FindAny),
+#endif
+
+HEADER("KUSER_SHARED_DATA"),
+OFFSET(UsTickCountMultiplier, KUSER_SHARED_DATA, TickCountMultiplier),
+OFFSET(UsInterruptTime, KUSER_SHARED_DATA, InterruptTime),
+OFFSET(UsSystemTime, KUSER_SHARED_DATA, SystemTime),
+OFFSET(UsTimeZoneBias, KUSER_SHARED_DATA, TimeZoneBias),
+OFFSET(UsImageNumberLow, KUSER_SHARED_DATA, ImageNumberLow),
+OFFSET(UsImageNumberHigh, KUSER_SHARED_DATA, ImageNumberHigh),
+OFFSET(UsNtSystemRoot, KUSER_SHARED_DATA, NtSystemRoot),
+OFFSET(UsMaxStackTraceDepth, KUSER_SHARED_DATA, MaxStackTraceDepth),
+OFFSET(UsCryptoExponent, KUSER_SHARED_DATA, CryptoExponent),
+OFFSET(UsTimeZoneId, KUSER_SHARED_DATA, TimeZoneId),
+OFFSET(UsLargePageMinimum, KUSER_SHARED_DATA, LargePageMinimum),
+OFFSET(UsReserved2, KUSER_SHARED_DATA, Reserved2),
+OFFSET(UsNtProductType, KUSER_SHARED_DATA, NtProductType),
+OFFSET(UsProductTypeIsValid, KUSER_SHARED_DATA, ProductTypeIsValid),
+OFFSET(UsNtMajorVersion, KUSER_SHARED_DATA, NtMajorVersion),
+OFFSET(UsNtMinorVersion, KUSER_SHARED_DATA, NtMinorVersion),
+OFFSET(UsProcessorFeatures, KUSER_SHARED_DATA, ProcessorFeatures),
+OFFSET(UsReserved1, KUSER_SHARED_DATA, Reserved1),
+OFFSET(UsReserved3, KUSER_SHARED_DATA, Reserved3),
+OFFSET(UsTimeSlip, KUSER_SHARED_DATA, TimeSlip),
+OFFSET(UsAlternativeArchitecture, KUSER_SHARED_DATA, AlternativeArchitecture),
+OFFSET(UsSystemExpirationDate, KUSER_SHARED_DATA, SystemExpirationDate),
+OFFSET(UsSuiteMask, KUSER_SHARED_DATA, SuiteMask),
+OFFSET(UsKdDebuggerEnabled, KUSER_SHARED_DATA, KdDebuggerEnabled),
+OFFSET(UsActiveConsoleId, KUSER_SHARED_DATA, ActiveConsoleId),
+OFFSET(UsDismountCount, KUSER_SHARED_DATA, DismountCount),
+OFFSET(UsComPlusPackage, KUSER_SHARED_DATA, ComPlusPackage),
+OFFSET(UsLastSystemRITEventTickCount, KUSER_SHARED_DATA, LastSystemRITEventTickCount),
+OFFSET(UsNumberOfPhysicalPages, KUSER_SHARED_DATA, NumberOfPhysicalPages),
+OFFSET(UsSafeBootMode, KUSER_SHARED_DATA, SafeBootMode),
+//OFFSET(UsTscQpcData, KUSER_SHARED_DATA, TscQpcData),
+OFFSET(UsTestRetInstruction, KUSER_SHARED_DATA, TestRetInstruction),
+OFFSET(UsSystemCall, KUSER_SHARED_DATA, SystemCall),
+OFFSET(UsSystemCallReturn, KUSER_SHARED_DATA, SystemCallReturn),
+OFFSET(UsSystemCallPad, KUSER_SHARED_DATA, SystemCallPad),
+OFFSET(UsTickCount, KUSER_SHARED_DATA, TickCount),
+OFFSET(UsTickCountQuad, KUSER_SHARED_DATA, TickCountQuad),
+OFFSET(UsWow64SharedInformation, KUSER_SHARED_DATA, Wow64SharedInformation),
+
+HEADER("KWAIT_BLOCK"),
+OFFSET(WbWaitListEntry, KWAIT_BLOCK, WaitListEntry),
+OFFSET(WbThread, KWAIT_BLOCK, Thread),
+OFFSET(WbObject, KWAIT_BLOCK, Object),
+OFFSET(WbNextWaitBlock, KWAIT_BLOCK, NextWaitBlock),
+OFFSET(WbWaitKey, KWAIT_BLOCK, WaitKey),
+OFFSET(WbWaitType, KWAIT_BLOCK, WaitType),
+
+// ReactOS stuff here
+HEADER("KPCR"),
+OFFSET(KPCR_STALL_SCALE_FACTOR, KPCR, StallScaleFactor),
+
+OFFSET(TEB_EXCEPTION_LIST, TEB, NtTib.ExceptionList),
+OFFSET(CONTEXT_EAX, CONTEXT, Eax),
+OFFSET(CONTEXT_ECX, CONTEXT, Ecx),
+OFFSET(CONTEXT_EDX, CONTEXT, Edx),
+//CONTEXT.Edx
+OFFSET(CONTEXT_EBX, CONTEXT, Ebx),
+OFFSET(CONTEXT_ESI, CONTEXT, Esi),
+OFFSET(CONTEXT_EDI, CONTEXT, Edi),
+OFFSET(CONTEXT_SEGCS, CONTEXT, SegCs),
+OFFSET(CONTEXT_SEGDS, CONTEXT, SegDs),
+OFFSET(CONTEXT_SEGES, CONTEXT, SegEs),
+OFFSET(CONTEXT_SEGFS, CONTEXT, SegFs),
+OFFSET(CONTEXT_SEGGS, CONTEXT, SegGs),
+OFFSET(CONTEXT_SEGSS, CONTEXT, SegSs),
+OFFSET(CONTEXT_EFLAGS, CONTEXT, EFlags),
+OFFSET(CONTEXT_EIP, CONTEXT, Eip),
+OFFSET(CONTEXT_EBP, CONTEXT, Ebp),
+OFFSET(CONTEXT_ESP, CONTEXT, Esp),
+OFFSET(CONTEXT_FLAGS, CONTEXT, ContextFlags),
+SIZE(CONTEXT_FRAME_LENGTH, CONTEXT),
+
+OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS, EXCEPTION_RECORD, ExceptionAddress),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_FLAGS, EXCEPTION_RECORD, ExceptionFlags),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_CODE, EXCEPTION_RECORD, ExceptionCode),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_RECORD, EXCEPTION_RECORD, ExceptionRecord),
+OFFSET(EXCEPTION_RECORD_NUMBER_PARAMETERS, EXCEPTION_RECORD, NumberParameters),
+