#define EFLAGS_VIP 0x100000
#define EFLAG_SIGN 0x8000
#define EFLAG_ZERO 0x4000
+#define EFLAGS_ID 0x200000
#define EFLAG_SELECT (EFLAG_SIGN + EFLAG_ZERO)
#endif
#define EFLAGS_USER_SANITIZE 0x3F4DD7
//
// Flags in RTL_ACTIVATION_CONTEXT_STACK_FRAME (from Checked NTDLL)
//
+#define RTL_ACTIVATION_CONTEXT_STACK_FRAME_FLAG_RELEASE_ON_DEACTIVATION 0x01
#define RTL_ACTIVATION_CONTEXT_STACK_FRAME_FLAG_NO_DEACTIVATE 0x02
#define RTL_ACTIVATION_CONTEXT_STACK_FRAME_FLAG_ON_FREE_LIST 0x04
#define RTL_ACTIVATION_CONTEXT_STACK_FRAME_FLAG_HEAP_ALLOCATED 0x08
typedef RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME;
typedef PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME;
+typedef struct _RTL_HEAP_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME
+{
+ RTL_ACTIVATION_CONTEXT_STACK_FRAME Frame;
+ ULONG_PTR Cookie;
+ PVOID ActivationStackBackTrace[8];
+} RTL_HEAP_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME, *PRTL_HEAP_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME;
+
#if (NTDDI_VERSION >= NTDDI_WS03)
typedef struct _ACTIVATION_CONTEXT_STACK
{
ULONG Flags;
} ACTIVATION_CONTEXT_DATA, *PACTIVATION_CONTEXT_DATA;
+typedef struct _ACTIVATION_CONTEXT_STACK_FRAMELIST
+{
+ ULONG Magic;
+ ULONG FramesInUse;
+ LIST_ENTRY Links;
+ ULONG Flags;
+ ULONG NotFramesInUse;
+ RTL_HEAP_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME Frames[32];
+} ACTIVATION_CONTEXT_STACK_FRAMELIST, *PACTIVATION_CONTEXT_STACK_FRAMELIST;
+
#endif /* NTOS_MODE_USER */
//