xref: /reactos/sdk/include/asm/ks386.template.h (revision c2c66aff)
// x86 control-register bit masks, exported by name so assembly can use them.
// The values are defined in headers outside this file; this table only lists
// which names are emitted (CONSTANT/HEADER are macros supplied by the includer).
// Review note: assuming these carry their architectural meaning, CR0_WP and
// CR0_PG govern whether page protections apply to supervisor code, so any asm
// that clears them through these symbols needs the same review as the C paths.
HEADER("CR0 flags"),
CONSTANT(CR0_PE),
CONSTANT(CR0_MP),
CONSTANT(CR0_EM),
CONSTANT(CR0_TS),
CONSTANT(CR0_ET),
CONSTANT(CR0_NE),
CONSTANT(CR0_WP),
CONSTANT(CR0_AM), // not win 10
CONSTANT(CR0_NW),
CONSTANT(CR0_CD),
CONSTANT(CR0_PG),

// CR4 feature-enable bits. The two trailing entries are disabled, so no
// CR4_PGE_V / CR4_XSAVE symbol is emitted from this table.
HEADER("CR4 flags"),
CONSTANT(CR4_VME),
CONSTANT(CR4_PVI),
CONSTANT(CR4_TSD),
CONSTANT(CR4_DE),
CONSTANT(CR4_PSE),
CONSTANT(CR4_PAE),
CONSTANT(CR4_MCE),
CONSTANT(CR4_PGE),
CONSTANT(CR4_FXSR),
CONSTANT(CR4_XMMEXCPT),
//CONSTANT(CR4_PGE_V),
//CONSTANT(CR4_XSAVE),
// Debug-register masks. By name, the *_LEGAL / *_RESERVED_MASK values bound
// which DR6/DR7 bits may be set; the actual masks are defined
// elsewhere — confirm there before relying on them for validation.
HEADER("Debug Registers"),
CONSTANT(DR6_LEGAL),
CONSTANT(DR7_LEGAL),
CONSTANT(DR7_ACTIVE),
CONSTANT(DR7_RESERVED_MASK),

// EFLAGS bit masks.
// NOTE(review): EFLAGS_USER_SANITIZE is presumably the mask applied to EFLAGS
// values that originate in user mode — confirm against its definition. If so,
// it is security-sensitive: widening it lets user mode keep bits the kernel
// meant to strip.
HEADER("EFLAGS"),
CONSTANT(EFLAGS_TF),
CONSTANT(EFLAGS_INTERRUPT_MASK),
CONSTANT(EFLAGS_V86_MASK),
CONSTANT(EFLAGS_ALIGN_CHECK),
CONSTANT(EFLAGS_VIF),
CONSTANT(EFLAGS_VIP),
CONSTANT(EFLAGS_USER_SANITIZE),
//CONSTANT(EFLAG_SELECT),
// Hypervisor enlightenment flags; only emitted when the build targets
// Vista or later (NTDDI_VERSION >= NTDDI_VISTA), so assembly built for older
// targets must not reference these symbols.
#if (NTDDI_VERSION >= NTDDI_VISTA)
HEADER("Hypervisor Enlightenment Definitions"),
CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH),
CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH),
CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH),
CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT),
#endif

// Bits tested in KeFeatureBits (per the section title). KF_XSTATE is disabled
// and therefore not exported.
HEADER("KeFeatureBits flags"),
CONSTANT(KF_V86_VIS),
CONSTANT(KF_RDTSC),
CONSTANT(KF_CR4),
CONSTANT(KF_GLOBAL_PAGE),
CONSTANT(KF_LARGE_PAGE),
CONSTANT(KF_CMPXCHG8B),
CONSTANT(KF_FAST_SYSCALL),
//CONSTANT(KF_XSTATE),
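// GDT segment selectors exported to assembly. The section title previously
// read "KDGT", which did not match the KGDT_* names it introduces; it is
// corrected here so the title and the symbols can be found with one search.
// By naming convention R0/R3 denote ring-0 and ring-3 selectors (values are
// defined elsewhere — confirm there). Mixing the two up in trap entry/exit
// code is a privilege-boundary bug, so review asm uses accordingly.
// Disabled entries are not emitted.
HEADER("KGDT selectors"),
CONSTANT(KGDT_R3_DATA),
CONSTANT(KGDT_R3_CODE),
CONSTANT(KGDT_R0_CODE),
CONSTANT(KGDT_R0_DATA),
CONSTANT(KGDT_R0_PCR),
//CONSTANT(KGDT_STACK16),// obsolete
//CONSTANT(KGDT_CODE16),// obsolete
CONSTANT(KGDT_TSS),
CONSTANT(KGDT_R3_TEB),
//CONSTANT(KGDT_R3_GS),
CONSTANT(KGDT_DF_TSS),
CONSTANT(KGDT_NMI_TSS),
CONSTANT(KGDT_LDT),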
// Bus/machine type identifiers.
HEADER("Machine type definitions"),
CONSTANT(MACHINE_TYPE_ISA),
CONSTANT(MACHINE_TYPE_EISA),
CONSTANT(MACHINE_TYPE_MCA),

// Model-specific register indices.
HEADER("MSR definitions"),
CONSTANT(MSR_AMD_ACCESS),
CONSTANT(MSR_IA32_MISC_ENABLE),
CONSTANT(MSR_EFER),

// Values/masks written to or tested in the MSRs above.
// NOTE(review): the names suggest these control no-execute (NX/XD)
// enablement — confirm in the defining header. If so, a wrong mask here
// silently weakens data-execution protection set up from assembly.
HEADER("MSR values"),
CONSTANT(MSR_NXE),
CONSTANT(XHF_NOEXECUTE),
CONSTANT(MSR_XD_ENABLE_MASK),
// WOW64 "turbo" system-call dispatch type identifiers. The list ends with
// Wow64ServiceTypesCount, which by name is the number of types; presumably
// these are enumerators whose order matters — confirm in the defining header
// before inserting or reordering entries there.
HEADER("WOW64 turbo dispatch system call types"),
CONSTANT(ServiceNoTurbo),
CONSTANT(Service0Arg),
CONSTANT(Service0ArgReloadState),
CONSTANT(Service1ArgSp),
CONSTANT(Service1ArgNSp),
CONSTANT(Service2ArgNSpNSp),
CONSTANT(Service2ArgNSpNSpReloadState),
CONSTANT(Service2ArgSpNSp),
CONSTANT(Service2ArgSpSp),
CONSTANT(Service2ArgNSpSp),
CONSTANT(Service3ArgNSpNSpNSp),
CONSTANT(Service3ArgSpSpSp),
CONSTANT(Service3ArgSpNSpNSp),
CONSTANT(Service3ArgSpNSpNSpReloadState),
CONSTANT(Service3ArgSpSpNSp),
CONSTANT(Service3ArgNSpSpNSp),
CONSTANT(Service3ArgSpNSpSp),
CONSTANT(Service4ArgNSpNSpNSpNSp),
CONSTANT(Service4ArgSpSpNSpNSp),
CONSTANT(Service4ArgSpSpNSpNSpReloadState),
CONSTANT(Service4ArgSpNSpNSpNSp),
CONSTANT(Service4ArgSpNSpNSpNSpReloadState),
CONSTANT(Service4ArgNSpSpNSpNSp),
CONSTANT(Service4ArgSpSpSpNSp),
CONSTANT(ServiceCpupTdQuerySystemTime),
CONSTANT(ServiceCpupTdGetCurrentProcessorNumber),
CONSTANT(ServiceCpupTdReadWriteFile),
CONSTANT(ServiceCpupTdDeviceIoControlFile),
CONSTANT(ServiceCpupTdRemoveIoCompletion),
CONSTANT(ServiceCpupTdWaitForMultipleObjects),
CONSTANT(ServiceCpupTdWaitForMultipleObjects32),
CONSTANT(Wow64ServiceTypesCount),
// VDM (virtual DOS machine) opcode-class indices, ending with MAX_VDM_INDEX.
// NOTE(review): if assembly uses these to index a dispatch table, the index
// must be bounds-checked against MAX_VDM_INDEX at the use site; nothing in
// this table enforces that.
HEADER("VDM constants"),
CONSTANT(VDM_INDEX_Invalid),
CONSTANT(VDM_INDEX_0F),
CONSTANT(VDM_INDEX_ESPrefix),
CONSTANT(VDM_INDEX_CSPrefix),
CONSTANT(VDM_INDEX_SSPrefix),
CONSTANT(VDM_INDEX_DSPrefix),
CONSTANT(VDM_INDEX_FSPrefix),
CONSTANT(VDM_INDEX_GSPrefix),
CONSTANT(VDM_INDEX_OPER32Prefix),
CONSTANT(VDM_INDEX_ADDR32Prefix),
CONSTANT(VDM_INDEX_INSB),
CONSTANT(VDM_INDEX_INSW),
CONSTANT(VDM_INDEX_OUTSB),
CONSTANT(VDM_INDEX_OUTSW),
CONSTANT(VDM_INDEX_PUSHF),
CONSTANT(VDM_INDEX_POPF),
CONSTANT(VDM_INDEX_INTnn),
CONSTANT(VDM_INDEX_INTO),
CONSTANT(VDM_INDEX_IRET),
CONSTANT(VDM_INDEX_NPX),
CONSTANT(VDM_INDEX_INBimm),
CONSTANT(VDM_INDEX_INWimm),
CONSTANT(VDM_INDEX_OUTBimm),
CONSTANT(VDM_INDEX_OUTWimm),
CONSTANT(VDM_INDEX_INB),
CONSTANT(VDM_INDEX_INW),
CONSTANT(VDM_INDEX_OUTB),
CONSTANT(VDM_INDEX_OUTW),
CONSTANT(VDM_INDEX_LOCKPrefix),
CONSTANT(VDM_INDEX_REPNEPrefix),
CONSTANT(VDM_INDEX_REPPrefix),
CONSTANT(VDM_INDEX_CLI),
CONSTANT(VDM_INDEX_STI),
CONSTANT(VDM_INDEX_HLT),
CONSTANT(MAX_VDM_INDEX),

// Disabled section: nothing below is emitted.
//HEADER("VDM feature bits"),
//CONSTANT(V86_VIRTUAL_INT_EXTENSIONS),
//CONSTANT(PM_VIRTUAL_INT_EXTENSIONS),
// XSAVE state-component masks.
HEADER("XSAVE_AREA definitions"),
CONSTANT(XSTATE_MASK_LEGACY_FLOATING_POINT),
CONSTANT(XSTATE_MASK_LEGACY_SSE),
CONSTANT(XSTATE_MASK_LEGACY),
CONSTANT(XSTATE_MASK_GSSE),

// Disabled section: no interrupt-vector symbols are emitted from this table.
//HEADER("Interrupt vector definitions"),
//CONSTANT(IOMMU_VECTOR),
//CONSTANT(STUB_VECTOR),
//CONSTANT(REBOOT_VECTOR),
//CONSTANT(IPI_VECTOR),
//CONSTANT(LOCAL_ERROR_VECTOR),
//CONSTANT(PERF_VECTOR),

// Assorted constants. Most entries are disabled; only KTIMER_TABLE_SIZE,
// FRAME_EDITED, PF_XMMI_INSTRUCTIONS_AVAILABLE, CPU_AMD and CPU_INTEL are
// emitted. SIZE(name, type) takes an output name and a C type (presumably
// exporting sizeof(type) — the macro is defined outside this file).
HEADER("Miscellaneous constants"),
//CONSTANT(INITIAL_MXCSR),
//CONSTANT(IPI_FREEZE),
//CONSTANT(XSAVE_PRESENT),
SIZE(KTIMER_TABLE_SIZE, KTIMER_TABLE),
//CONSTANT(TRAP_FRAME_MARKER),
CONSTANT(FRAME_EDITED),
//CONSTANT(INTERRUPT_FRAME),
//CONSTANT(EXCEPTION_FRAME),
//CONSTANT(SYSCALL_FRAME),
//CONSTANT(KXMM_FRAME_SIZE),
//CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM),
CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE),
CONSTANT(CPU_AMD),
CONSTANT(CPU_INTEL),
//CONSTANT(DEBUG_ACTIVE_MASK),
//CONSTANT(DEBUG_ACTIVE_MINIMAL_THREAD),
//CONSTANT(THREAD_LOCK_FLAGS_DBG_INSTRUMENTED),
//CONSTANT(X86AMD64_R3_LONG_MODE_CODE),
//CONSTANT(SEL_TYPE_NP),
//CONSTANT(TEB_FLAGS_SAFE_THUNK_CALL),
//CONSTANT(TEB_FLAGS_FIBER_SWAPPED),
//CONSTANT(KI_SPINLOCK_ORDER_PRCB_LOCK),
//CONSTANT(PROCESSOR_START_FLAG_FORCE_ENABLE_NX),
// From here on the table exports structure layout rather than plain values.
// OFFSET(name, type, field) names a field of a C type (presumably exporting
// offsetof(type, field) as `name` — the macro is defined outside this file).
// Because the numbers are derived from the C declarations at build time,
// assembly that uses these symbols follows struct changes automatically;
// hard-coded offsets in asm do not, and are where layout bugs come from.
HEADER("** FIELD OFFSETS ***************"),

// Disabled: the owning type is still unknown ("????").
//HEADER("RtlBackoff offsets"),
//OFFSET(BoDelay, ????, Delay),
//SIZE(RtlBackoffLength, ????),

// CONTEXT field offsets (Cs* prefix). ContextFrameLength and CONTEXT_LENGTH
// are both SIZE of the same CONTEXT type, i.e. two names for one value.
HEADER("CONTEXT offsets"),
OFFSET(CsContextFlags, CONTEXT, ContextFlags),
OFFSET(CsDr0, CONTEXT, Dr0),
OFFSET(CsDr1, CONTEXT, Dr1),
OFFSET(CsDr2, CONTEXT, Dr2),
OFFSET(CsDr3, CONTEXT, Dr3),
OFFSET(CsDr6, CONTEXT, Dr6),
OFFSET(CsDr7, CONTEXT, Dr7),
OFFSET(CsFloatSave, CONTEXT, FloatSave),
OFFSET(CsSegGs, CONTEXT, SegGs),
OFFSET(CsSegFs, CONTEXT, SegFs),
OFFSET(CsSegEs, CONTEXT, SegEs),
OFFSET(CsSegDs, CONTEXT, SegDs),
OFFSET(CsEdi, CONTEXT, Edi),
OFFSET(CsEsi, CONTEXT, Esi),
OFFSET(CsEbx, CONTEXT, Ebx),
OFFSET(CsEdx, CONTEXT, Edx),
OFFSET(CsEcx, CONTEXT, Ecx),
OFFSET(CsEax, CONTEXT, Eax),
OFFSET(CsEbp, CONTEXT, Ebp),
OFFSET(CsEip, CONTEXT, Eip),
OFFSET(CsSegCs, CONTEXT, SegCs),
OFFSET(CsEflags, CONTEXT, EFlags),
OFFSET(CsEsp, CONTEXT, Esp),
OFFSET(CsSegSs, CONTEXT, SegSs),
OFFSET(CsExtendedRegisters, CONTEXT, ExtendedRegisters),
//OFFSET(CsMxCsr, CONTEXT, MxCsr),
SIZE(ContextFrameLength, CONTEXT),
SIZE(CONTEXT_LENGTH, CONTEXT),
// KCALLOUT_FRAME field offsets (Cu* prefix). The trailing hex values are
// hand-written annotations of the expected offsets; nothing in this table
// checks them against the struct, so treat them as documentation only.
HEADER("KCALLOUT_FRAME offsets"),
OFFSET(CuInStk, KCALLOUT_FRAME, InitialStack), // 00000H
OFFSET(CuTrFr, KCALLOUT_FRAME, TrapFrame), // 00004H
OFFSET(CuCbStk, KCALLOUT_FRAME, CallbackStack), // 00008H
OFFSET(CuEdi, KCALLOUT_FRAME, Edi), // 0000CH
OFFSET(CuEsi, KCALLOUT_FRAME, Esi), // 00010H
OFFSET(CuEbx, KCALLOUT_FRAME, Ebx), // 00014H
OFFSET(CuEbp, KCALLOUT_FRAME, Ebp), // 00018H
OFFSET(CuRet, KCALLOUT_FRAME, ReturnAddress), // 0001CH
OFFSET(CuOutBf, KCALLOUT_FRAME, Result), // 00020H
OFFSET(CuOutLn, KCALLOUT_FRAME, ResultLength), // 00024H

// Disabled: the owning type is still unknown ("???").
//HEADER("??? offsets"),
//OFFSET(ErrHandler, ???, Handler),
//OFFSET(ErrNext, ???, Next),
//OFFSET(ErrLength, ???, Length),
// FLOATING_SAVE_AREA field offsets (Fp* prefix).
HEADER("FLOATING_SAVE_AREA offsets"),
OFFSET(FpControlWord, FLOATING_SAVE_AREA, ControlWord),
OFFSET(FpStatusWord, FLOATING_SAVE_AREA, StatusWord),
OFFSET(FpTagWord, FLOATING_SAVE_AREA, TagWord),
OFFSET(FpErrorOffset, FLOATING_SAVE_AREA, ErrorOffset),
OFFSET(FpErrorSelector, FLOATING_SAVE_AREA, ErrorSelector),
OFFSET(FpDataOffset, FLOATING_SAVE_AREA, DataOffset),
OFFSET(FpDataSelector, FLOATING_SAVE_AREA, DataSelector),
OFFSET(FpRegisterArea, FLOATING_SAVE_AREA, RegisterArea),

// XSAVE_FORMAT field offsets (Fx* prefix) and total size.
HEADER("XSAVE_FORMAT offsets"),
OFFSET(FxControlWord, XSAVE_FORMAT, ControlWord),
OFFSET(FxStatusWord, XSAVE_FORMAT, StatusWord),
OFFSET(FxTagWord, XSAVE_FORMAT, TagWord),
OFFSET(FxErrorOpcode, XSAVE_FORMAT, ErrorOpcode),
OFFSET(FxErrorOffset, XSAVE_FORMAT, ErrorOffset),
OFFSET(FxErrorSelector, XSAVE_FORMAT, ErrorSelector),
OFFSET(FxDataOffset, XSAVE_FORMAT, DataOffset),
OFFSET(FxDataSelector, XSAVE_FORMAT, DataSelector),
OFFSET(FxMxCsr, XSAVE_FORMAT, MxCsr),
SIZE(XSAVE_FORMAT_SIZE, XSAVE_FORMAT),

// KGDTENTRY (GDT descriptor) field offsets. Note the export name KgdtLimitHi
// maps to the field HighWord.Bytes.Flags2, not to a field called LimitHi.
HEADER("KGDTENTRY offsets"),
OFFSET(KgdtLimitLow, KGDTENTRY, LimitLow),
OFFSET(KgdtBaseLow, KGDTENTRY, BaseLow),
OFFSET(KgdtHighWord, KGDTENTRY, HighWord),
OFFSET(KgdtBaseMid, KGDTENTRY, HighWord.Bytes.BaseMid),
OFFSET(KgdtLimitHi, KGDTENTRY, HighWord.Bytes.Flags2),
OFFSET(KgdtBaseHi, KGDTENTRY, HighWord.Bytes.BaseHi),
// KPRCB (per-processor control block) field offsets (Pb* prefix) and size.
// Commented-out entries name fields that are not exported from this table;
// assembly must not assume symbols for them exist.
// Note: PbSystemCalls maps to the field KeSystemCalls (export and field names
// differ).
HEADER("KPRCB offsets"),
OFFSET(PbCurrentThread, KPRCB, CurrentThread),
OFFSET(PbNextThread, KPRCB, NextThread),
OFFSET(PbIdleThread, KPRCB, IdleThread),
//OFFSET(PbNestingLevel, KPRCB, NestingLevel),
OFFSET(PbCpuType, KPRCB, CpuType),
OFFSET(PbCpuID, KPRCB, CpuID),
OFFSET(PbCpuStep, KPRCB, CpuStep),
OFFSET(PbProcessorState, KPRCB, ProcessorState),
OFFSET(PbParentNode, KPRCB, ParentNode),
//OFFSET(PbPriorityState, KPRCB, PriorityState),
OFFSET(PbHalReserved, KPRCB, HalReserved),
//OFFSET(PbCFlushSize, KPRCB, CFlushSize),
//OFFSET(PbCpuVendor, KPRCB, CpuVendor),
//OFFSET(PbGroupSetMember, KPRCB, GroupSetMember),
OFFSET(PbNumber, KPRCB, Number),
//OFFSET(PbClockOwner, KPRCB, ClockOwner),
OFFSET(PbLockQueue, KPRCB, LockQueue),
OFFSET(PbInterruptCount, KPRCB, InterruptCount),
OFFSET(PbKernelTime, KPRCB, KernelTime),
OFFSET(PbUserTime, KPRCB, UserTime),
OFFSET(PbDpcTime, KPRCB, DpcTime),
OFFSET(PbInterruptTime, KPRCB, InterruptTime),
OFFSET(PbAdjustDpcThreshold, KPRCB, AdjustDpcThreshold),
OFFSET(PbPageColor, KPRCB, PageColor),
OFFSET(PbDebuggerSavedIRQL, KPRCB, DebuggerSavedIRQL),
OFFSET(PbNodeShiftedColor, KPRCB, NodeShiftedColor),
OFFSET(PbSecondaryColorMask, KPRCB, SecondaryColorMask),
//OFFSET(PbAlignmentFixupCount, KPRCB, AlignmentFixupCount),
//OFFSET(PbExceptionDispatchCount, KPRCB, ExceptionDispatchCount),
OFFSET(PbSystemCalls, KPRCB, KeSystemCalls),
OFFSET(PbPPLookasideList, KPRCB, PPLookasideList),
OFFSET(PbPPNPagedLookasideList, KPRCB, PPNPagedLookasideList),
OFFSET(PbPPPagedLookasideList, KPRCB, PPPagedLookasideList),
OFFSET(PbPacketBarrier, KPRCB, PacketBarrier),
OFFSET(PbReverseStall, KPRCB, ReverseStall),
OFFSET(PbIpiFrame, KPRCB, IpiFrame),
OFFSET(PbCurrentPacket, KPRCB, CurrentPacket),
OFFSET(PbTargetSet, KPRCB, TargetSet),
OFFSET(PbWorkerRoutine, KPRCB, WorkerRoutine),
OFFSET(PbIpiFrozen, KPRCB, IpiFrozen),
OFFSET(PbRequestSummary, KPRCB, RequestSummary),
//OFFSET(PbDpcList, KPRCB, DpcList),
//OFFSET(PbDpcLock, KPRCB, DpcLock),
//OFFSET(PbDpcCount, KPRCB, DpcCount),
OFFSET(PbDpcStack, KPRCB, DpcStack),
OFFSET(PbMaximumDpcQueueDepth, KPRCB, MaximumDpcQueueDepth),
OFFSET(PbDpcRequestRate, KPRCB, DpcRequestRate),
OFFSET(PbMinimumDpcRate, KPRCB, MinimumDpcRate),
OFFSET(PbDpcLastCount, KPRCB, DpcLastCount),
OFFSET(PbPrcbLock, KPRCB, PrcbLock),
OFFSET(PbQuantumEnd, KPRCB, QuantumEnd),
OFFSET(PbDpcRoutineActive, KPRCB, DpcRoutineActive),
OFFSET(PbIdleSchedule, KPRCB, IdleSchedule),
//OFFSET(PbNormalDpcState, KPRCB, NormalDpcState),
//OFFSET(PbKeSpinLockOrdering, KPRCB, KeSpinLockOrdering),
OFFSET(PbDeferredReadyListHead, KPRCB, DeferredReadyListHead),
OFFSET(PbReadySummary, KPRCB, ReadySummary),
OFFSET(PbWaitListHead, KPRCB, WaitListHead),
//OFFSET(PbStartCycle, KPRCB, StartCycle),
//OFFSET(PbCycleTime, KPRCB, CycleTime),
//OFFSET(PbHighCycleTime, KPRCB, HighCycleTime),
OFFSET(PbDispatcherReadyListHead, KPRCB, DispatcherReadyListHead),
OFFSET(PbChainedInterruptList, KPRCB, ChainedInterruptList),
//OFFSET(PbSpinLockAcquireCount, KPRCB, SpinLockAcquireCount),
//OFFSET(PbSpinLockContentionCount, KPRCB, SpinLockContentionCount),
//OFFSET(PbSpinLockSpinCount, KPRCB, SpinLockSpinCount),
//OFFSET(PbContext, KPRCB, Context),
//OFFSET(PbIsrStack, KPRCB, IsrStack),
//OFFSET(PbVectorToInterruptObject, KPRCB, VectorToInterruptObject),
//OFFSET(PbEntropyBuffer, KPRCB, EntropyTimingState.Buffer),
//OFFSET(PbMailbox, KPRCB, Mailbox),
SIZE(ProcessorBlockLength, KPRCB),
// Processor control region offsets (Pc* prefix). The section is titled KPCR,
// but every entry is computed against the type KIPCR; the PcXxx entries that
// go through PrcbData reach into the embedded processor block.
// PcTeb maps to NtTib.Self and PcHal to HalReserved (export and field names
// differ).
HEADER("KPCR offsets"),
OFFSET(PcExceptionList, KIPCR, NtTib.ExceptionList),
//OFFSET(PcInitialStack, KIPCR, InitialStack),
//OFFSET(PcMxCsr, KIPCR, MxCsr),
OFFSET(PcTssCopy, KIPCR, TssCopy),
OFFSET(PcContextSwitches, KIPCR, ContextSwitches),
OFFSET(PcSetMemberCopy, KIPCR, SetMemberCopy),
OFFSET(PcTeb, KIPCR, NtTib.Self),
OFFSET(PcSelfPcr, KIPCR, Self),
OFFSET(PcPrcb, KIPCR, Prcb),
OFFSET(PcIrql, KIPCR, Irql),
OFFSET(PcIRR, KIPCR, IRR),
OFFSET(PcIrrActive, KIPCR, IrrActive),
OFFSET(PcIDR, KIPCR, IDR),
OFFSET(PcIdt, KIPCR, IDT),
OFFSET(PcGdt, KIPCR, GDT),
OFFSET(PcTss, KIPCR, TSS),
OFFSET(PcSetMember, KIPCR, SetMember),
OFFSET(PcStallScaleFactor, KIPCR, StallScaleFactor),
OFFSET(PcNumber, KIPCR, Number),
OFFSET(PcVdmAlert, KIPCR, VdmAlert),
OFFSET(PcHal, KIPCR, HalReserved),
OFFSET(PcPrcbData, KIPCR, PrcbData),
OFFSET(PcCurrentThread, KIPCR, PrcbData.CurrentThread),
//OFFSET(PcNestingLevel, KIPCR, PrcbData.NestingLevel),
OFFSET(PcParentNode, KIPCR, PrcbData.ParentNode),
OFFSET(PcInterruptCount, KIPCR, PrcbData.InterruptCount),
//OFFSET(PcDpcRequestSummary, KIPCR, PrcbData.DpcRequestSummary),
//OFFSET(PcStartCycles, KIPCR, PrcbData.StartCycles),
//OFFSET(PcCycleTime, KIPCR, PrcbData.CycleTime),
//OFFSET(PcHighCycleTime, KIPCR, PrcbData.HighCycleTime),
SIZE(ProcessorControlRegisterLength, KIPCR),

// Processor Start Block Offset Definitions
// Disabled placeholders: the type is unknown ("???"), every entry names the
// same field (PsbCompletionFlag), and the SIZE line passes three arguments
// where the live SIZE entries pass two. Do not enable these as written —
// all symbols would alias one offset.
//HEADER("??? offsets"),
//OFFSET(PsbCompletionFlag, ???, PsbCompletionFlag),
//OFFSET(PsbFlags, ???, PsbCompletionFlag),
//OFFSET(PsbTiledMemoryMap, ???, PsbCompletionFlag),
//OFFSET(PsbSelfMap, ???, PsbCompletionFlag),
//OFFSET(PsbProcessorState, ???, PsbCompletionFlag),
//SIZE(ProcessorStartBlockLength, ???, PsbCompletionFlag),
// PEB field offsets.
// Review note: the PEB lives in the process's own address space on NT-style
// systems (not shown in this file), so values read through these offsets —
// the BeingDebugged flag and the KernelCallbackTable pointer — are writable
// by the process and must be treated as untrusted by privileged code.
HEADER("PEB offsets"),
OFFSET(PebBeingDebugged, PEB, BeingDebugged),
OFFSET(PebKernelCallbackTable, PEB, KernelCallbackTable),

// KPROCESSOR_STATE: saved CONTEXT plus special registers, and total size.
HEADER("KPROCESSOR_STATE offsets"),
OFFSET(PsContextFrame, KPROCESSOR_STATE, ContextFrame),
OFFSET(PsSpecialRegisters, KPROCESSOR_STATE, SpecialRegisters),
SIZE(ProcessorStateLength, KPROCESSOR_STATE),

// KSPECIAL_REGISTERS field offsets (control, debug and descriptor-table
// registers). Xcr0 and ExceptionList are disabled and not exported.
HEADER("KSPECIAL_REGISTERS offsets"),
OFFSET(SrCr0, KSPECIAL_REGISTERS, Cr0),
OFFSET(SrCr2, KSPECIAL_REGISTERS, Cr2),
OFFSET(SrCr3, KSPECIAL_REGISTERS, Cr3),
OFFSET(SrCr4, KSPECIAL_REGISTERS, Cr4),
OFFSET(SrKernelDr0, KSPECIAL_REGISTERS, KernelDr0),
OFFSET(SrKernelDr1, KSPECIAL_REGISTERS, KernelDr1),
OFFSET(SrKernelDr2, KSPECIAL_REGISTERS, KernelDr2),
OFFSET(SrKernelDr3, KSPECIAL_REGISTERS, KernelDr3),
OFFSET(SrKernelDr6, KSPECIAL_REGISTERS, KernelDr6),
OFFSET(SrKernelDr7, KSPECIAL_REGISTERS, KernelDr7),
OFFSET(SrGdtr, KSPECIAL_REGISTERS, Gdtr),
OFFSET(SrIdtr, KSPECIAL_REGISTERS, Idtr),
OFFSET(SrTr, KSPECIAL_REGISTERS, Tr),
OFFSET(SrLdtr, KSPECIAL_REGISTERS, Ldtr),
//OFFSET(SrXcr0, KSPECIAL_REGISTERS, Xcr0),
//OFFSET(SrExceptionList, KSPECIAL_REGISTERS, ExceptionList),

// KSYSTEM_TIME field offsets: one low part and two high parts.
HEADER("KSYSTEM_TIME offsets"),
OFFSET(StLowTime, KSYSTEM_TIME, LowTime),
OFFSET(StHigh1Time, KSYSTEM_TIME, High1Time),
OFFSET(StHigh2Time, KSYSTEM_TIME, High2Time),

// Disabled: no KSWITCH_FRAME size is exported.
//HEADER("KSWITCH_FRAME offsets"),
//SIZE(SwitchFrameLength, KSWITCH_FRAME),
// TEB field offsets (Tb* prefix). The section title itself records that
// these duplicate the Te* definitions. The last entry uses a different
// prefix (TebPeb).
// Review note: on NT-style systems the TEB is mapped in user space (not
// shown in this file), so privileged code must not trust values it reads
// through these offsets without validation.
HEADER("TEB offsets (duplicates Te* definitions!)"),
OFFSET(TbExceptionList, TEB, NtTib.ExceptionList),
OFFSET(TbStackBase, TEB, NtTib.StackBase),
OFFSET(TbStackLimit, TEB, NtTib.StackLimit),
OFFSET(TbVersion, TEB, NtTib.Version),
OFFSET(TbFiberData, TEB, NtTib.FiberData),
OFFSET(TbArbitraryUserPointer, TEB, NtTib.ArbitraryUserPointer),
OFFSET(TbEnvironmentPointer, TEB, EnvironmentPointer),
OFFSET(TbClientId, TEB, ClientId),
OFFSET(TbThreadLocalStoragePointer, TEB, ThreadLocalStoragePointer),
OFFSET(TbCountOfOwnedCriticalSections, TEB, CountOfOwnedCriticalSections),
OFFSET(TbCsrClientThread, TEB, CsrClientThread),
OFFSET(TbWOW32Reserved, TEB, WOW32Reserved),
OFFSET(TbSystemReserved1, TEB, SystemReserved1),
OFFSET(TbExceptionCode, TEB, ExceptionCode),
OFFSET(TbGdiThreadLocalInfo, TEB, GdiThreadLocalInfo),
OFFSET(TbglDispatchTable, TEB, glDispatchTable),
OFFSET(TbglSectionInfo, TEB, glSectionInfo),
OFFSET(TbglSection, TEB, glSection),
OFFSET(TbglTable, TEB, glTable),
OFFSET(TbglCurrentRC, TEB, glCurrentRC),
OFFSET(TbglContext, TEB, glContext),
OFFSET(TbDeallocationStack, TEB, DeallocationStack),
OFFSET(TbVdm, TEB, Vdm),
OFFSET(TbGdiBatchCount, TEB, GdiBatchCount),
//OFFSET(TeSameTebFlags, TEB, SameTebFlags),
OFFSET(TebPeb, TEB, ProcessEnvironmentBlock),
// KTRAP_FRAME field offsets (Ts* prefix), its size and its alignment.
// Review note: by its fields this is the register image saved around a trap
// (segment selectors, EFlags, Eip, hardware Esp/Ss), so the asm that fills
// and restores it through these offsets sits on the user/kernel boundary.
// Any change to the struct or to this list should be reviewed together with
// that entry/exit code.
HEADER("KTRAP_FRAME"),
OFFSET(TsDbgEbp, KTRAP_FRAME, DbgEbp),
OFFSET(TsDbgEip, KTRAP_FRAME, DbgEip),
OFFSET(TsDbgArgMark, KTRAP_FRAME, DbgArgMark),
OFFSET(TsTempSegCs, KTRAP_FRAME, TempSegCs),
//OFFSET(TsLogging, KTRAP_FRAME, Logging),
//OFFSET(TsFrameType, KTRAP_FRAME, FrameType),
OFFSET(TsTempEsp, KTRAP_FRAME, TempEsp),
OFFSET(TsDr0, KTRAP_FRAME, Dr0),
OFFSET(TsDr1, KTRAP_FRAME, Dr1),
OFFSET(TsDr2, KTRAP_FRAME, Dr2),
OFFSET(TsDr3, KTRAP_FRAME, Dr3),
OFFSET(TsDr6, KTRAP_FRAME, Dr6),
OFFSET(TsDr7, KTRAP_FRAME, Dr7),
OFFSET(TsSegGs, KTRAP_FRAME, SegGs),
OFFSET(TsSegEs, KTRAP_FRAME, SegEs),
OFFSET(TsSegDs, KTRAP_FRAME, SegDs),
OFFSET(TsEdx, KTRAP_FRAME, Edx),
OFFSET(TsEcx, KTRAP_FRAME, Ecx),
OFFSET(TsEax, KTRAP_FRAME, Eax),
OFFSET(TsPreviousPreviousMode, KTRAP_FRAME, PreviousPreviousMode),
//OFFSET(TsMxCsr, KTRAP_FRAME, MxCsr),
OFFSET(TsExceptionList, KTRAP_FRAME, ExceptionList),
//OFFSET(TsEntropyQueueDpc, KTRAP_FRAME, EntropyQueueDpc),
OFFSET(TsSegFs, KTRAP_FRAME, SegFs),
OFFSET(TsEdi, KTRAP_FRAME, Edi),
OFFSET(TsEsi, KTRAP_FRAME, Esi),
OFFSET(TsEbx, KTRAP_FRAME, Ebx),
OFFSET(TsEbp, KTRAP_FRAME, Ebp),
OFFSET(TsErrCode, KTRAP_FRAME, ErrCode),
OFFSET(TsEip, KTRAP_FRAME, Eip),
OFFSET(TsSegCs, KTRAP_FRAME, SegCs),
OFFSET(TsEflags, KTRAP_FRAME, EFlags),
OFFSET(TsHardwareEsp, KTRAP_FRAME, HardwareEsp),
OFFSET(TsHardwareSegSs, KTRAP_FRAME, HardwareSegSs),
OFFSET(TsDbgArgPointer, KTRAP_FRAME, DbgArgPointer), // not in win10
OFFSET(TsV86Es, KTRAP_FRAME, V86Es),
OFFSET(TsV86Ds, KTRAP_FRAME, V86Ds),
OFFSET(TsV86Fs, KTRAP_FRAME, V86Fs),
OFFSET(TsV86Gs, KTRAP_FRAME, V86Gs),
SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
CONSTANT(KTRAP_FRAME_ALIGN),
// KTSS (task state segment) field offsets and size.
// Review note: by their names Esp0 is the ring-0 stack pointer the CPU loads
// on a privilege transition and IoMapBase/IoMaps describe the I/O permission
// bitmap — confirm against the struct. Both decide what lower-privileged
// code can reach, so writes through these offsets deserve careful review.
HEADER("KTSS offsets"),
OFFSET(TssEsp0, KTSS, Esp0),
OFFSET(TssCR3, KTSS, CR3),
OFFSET(TssEip, KTSS, Eip),
OFFSET(TssEFlags, KTSS, EFlags),
OFFSET(TssEax, KTSS, Eax),
OFFSET(TssEbx, KTSS, Ebx),
OFFSET(TssEcx, KTSS, Ecx),
OFFSET(TssEdx, KTSS, Edx),
OFFSET(TssEsp, KTSS, Esp),
OFFSET(TssEbp, KTSS, Ebp),
OFFSET(TssEsi, KTSS, Esi),
OFFSET(TssEdi, KTSS, Edi),
OFFSET(TssEs, KTSS, Es),
OFFSET(TssCs, KTSS, Cs),
OFFSET(TssSs, KTSS, Ss),
OFFSET(TssDs, KTSS, Ds),
OFFSET(TssFs, KTSS, Fs),
OFFSET(TssGs, KTSS, Gs),
OFFSET(TssLDT, KTSS, LDT),
OFFSET(TssIoMapBase, KTSS, IoMapBase),
OFFSET(TssIoMaps, KTSS, IoMaps),
SIZE(TssLength, KTSS),

// Disabled: a hard-coded value left as a reminder; nothing is emitted.
//HEADER("VDM_PROCESS_OBJECTS??? offsets"),
//VpVdmTib equ 00098H
// XSTATE_CONFIGURATION field offsets.
HEADER("XSTATE_CONFIGURATION offsets"),
OFFSET(XcfgEnabledFeatures, XSTATE_CONFIGURATION, EnabledFeatures),
// NOTE(review): the export name below says EnabledVolatileFeatures, but the
// field given is EnabledFeatures, so XcfgEnabledVolatileFeatures resolves to
// the same offset as XcfgEnabledFeatures. This looks like a copy/paste
// placeholder; assembly using the symbol would read the wrong field. Confirm
// the intended field exists in XSTATE_CONFIGURATION for this target and that
// NTDDI_WIN10 is defined (an undefined macro compares as 0 in #if, which
// would make this entry unconditional) before anything relies on it.
#if (NTDDI_VERSION >= NTDDI_WIN10)
OFFSET(XcfgEnabledVolatileFeatures, XSTATE_CONFIGURATION, EnabledFeatures),
#endif
// XSTATE_CONTEXT field offsets.
HEADER("XSTATE_CONTEXT offsets"),
OFFSET(XctxMask, XSTATE_CONTEXT, Mask),
OFFSET(XctxLength, XSTATE_CONTEXT, Length),
OFFSET(XctxArea, XSTATE_CONTEXT, Area),

// XSAVE_AREA: offset of the header and size of the header type. The
// alignment constant is disabled and not exported.
HEADER("XSAVE_AREA offsets"),
OFFSET(XsaHeader, XSAVE_AREA, Header),
SIZE(XsaHeaderLength, XSAVE_AREA_HEADER),
//CONSTANTX(XSAVE_ALIGN, _alignof(XSAVE_AREA)),

// Text passed to RAW is given as a literal string (presumably copied verbatim
// into the generated file). USERDATA is a fixed absolute address accessed
// through ds, and PCR is an fs: segment prefix, so both depend on the kernel's
// segment setup being in place wherever they are used.
HEADER("Data access macros"),
RAW("#define USERDATA ds:[HEX(0FFDF0000)]"),
RAW("#define PCR fs:"),

// Only emitted when the build targets Vista or later.
#if (NTDDI_VERSION >= NTDDI_VISTA)
HEADER("KNODE offsets"),
OFFSET(NdIdleCpuSet, KNODE, IdleCpuSet),
#endif

// Disabled: owning type unknown ("???").
//HEADER("ETW definitions for interrupt tracing"),
//SIZE(EtwTSLength, ???, TSLength),

// Disabled placeholders: type unknown, and both OFFSET lines name the field
// IdleCpuSet, which does not match their export names.
//HEADER("WOW64 shared information block definitions"),
//OFFSET(PwWow64Info, ???, IdleCpuSet),
//OFFSET(WiCpuFlags, ???, IdleCpuSet),
//CONSTANT(WOW64_CPUFLAGS_SOFTWARE),
/// Unknown stuff:
// NPX (x87 coprocessor) state identifiers; the author marked their
// placement as undecided. NPX_MASK_LAZY is disabled and not exported.

CONSTANT(NPX_STATE_NOT_LOADED),
CONSTANT(NPX_STATE_LOADED),
//CONSTANT(NPX_MASK_LAZY),
// ReactOS stuff here
// Second, ReactOS-named set of processor-control-region offsets (KPCR_*).
// NOTE(review): the entries mix two types, KPCR and KIPCR, and KPCR_TEB is
// taken from the field Used_Self. The symbols are only interchangeable if
// the two types share a layout for these fields — confirm in the struct
// definitions, since a divergence would make asm read the wrong per-CPU slot.
HEADER("KPCR"),
OFFSET(KPCR_EXCEPTION_LIST, KPCR, NtTib.ExceptionList),
OFFSET(KPCR_PERF_GLOBAL_GROUP_MASK, KIPCR, PerfGlobalGroupMask),
OFFSET(KPCR_CONTEXT_SWITCHES, KPCR, ContextSwitches),
OFFSET(KPCR_TEB, KIPCR, Used_Self),
OFFSET(KPCR_SELF, KIPCR, Self),
OFFSET(KPCR_PRCB, KPCR, Prcb),
OFFSET(KPCR_IDT, KIPCR, IDT),
OFFSET(KPCR_GDT, KIPCR, GDT),
OFFSET(KPCR_TSS, KPCR, TSS),
OFFSET(KPCR_STALL_SCALE_FACTOR, KPCR, StallScaleFactor),
OFFSET(KPCR_PRCB_DATA, KIPCR, PrcbData),
OFFSET(KPCR_CURRENT_THREAD, KIPCR, PrcbData.CurrentThread),
OFFSET(KPCR_PRCB_NEXT_THREAD, KIPCR, PrcbData.NextThread),
OFFSET(KPCR_PRCB_DPC_QUEUE_DEPTH, KIPCR, PrcbData.DpcData[0].DpcQueueDepth),
OFFSET(KPCR_PRCB_DPC_STACK, KIPCR, PrcbData.DpcStack),
OFFSET(KPCR_PRCB_MAXIMUM_DPC_QUEUE_DEPTH, KIPCR, PrcbData.MaximumDpcQueueDepth),
OFFSET(KPCR_PRCB_DPC_ROUTINE_ACTIVE, KIPCR, PrcbData.DpcRoutineActive),
OFFSET(KPCR_PRCB_TIMER_REQUEST, KIPCR, PrcbData.TimerRequest),
OFFSET(KPCR_PRCB_QUANTUM_END, KIPCR, PrcbData.QuantumEnd),
OFFSET(KPCR_PRCB_DEFERRED_READY_LIST_HEAD, KIPCR, PrcbData.DeferredReadyListHead),
OFFSET(KPCR_PRCB_POWER_STATE_IDLE_FUNCTION, KIPCR, PrcbData.PowerState.IdleFunction),
// ReactOS-named KTRAP_FRAME offsets (KTRAP_FRAME_* prefix) and size. Every
// entry is computed from the same KTRAP_FRAME type, so the names here are
// aliases over one layout. Note the renames: KTRAP_FRAME_PREVIOUS_MODE maps
// to PreviousPreviousMode, KTRAP_FRAME_ESP to HardwareEsp and KTRAP_FRAME_SS
// to HardwareSegSs. SegCs has no entry in this set.
HEADER("KTRAP_FRAME"),
OFFSET(KTRAP_FRAME_DEBUGEBP, KTRAP_FRAME, DbgEbp),
OFFSET(KTRAP_FRAME_DEBUGEIP, KTRAP_FRAME, DbgEip),
OFFSET(KTRAP_FRAME_TEMPESP, KTRAP_FRAME, TempEsp),
OFFSET(KTRAP_FRAME_DR0, KTRAP_FRAME, Dr0),
OFFSET(KTRAP_FRAME_DR1, KTRAP_FRAME, Dr1),
OFFSET(KTRAP_FRAME_DR2, KTRAP_FRAME, Dr2),
OFFSET(KTRAP_FRAME_DR3, KTRAP_FRAME, Dr3),
OFFSET(KTRAP_FRAME_DR6, KTRAP_FRAME, Dr6),
OFFSET(KTRAP_FRAME_DR7, KTRAP_FRAME, Dr7),
OFFSET(KTRAP_FRAME_GS, KTRAP_FRAME, SegGs),
OFFSET(KTRAP_FRAME_ES, KTRAP_FRAME, SegEs),
OFFSET(KTRAP_FRAME_DS, KTRAP_FRAME, SegDs),
OFFSET(KTRAP_FRAME_EDX, KTRAP_FRAME, Edx),
OFFSET(KTRAP_FRAME_ECX, KTRAP_FRAME, Ecx),
OFFSET(KTRAP_FRAME_EAX, KTRAP_FRAME, Eax),
OFFSET(KTRAP_FRAME_PREVIOUS_MODE, KTRAP_FRAME, PreviousPreviousMode),
OFFSET(KTRAP_FRAME_EXCEPTION_LIST, KTRAP_FRAME, ExceptionList),
OFFSET(KTRAP_FRAME_FS, KTRAP_FRAME, SegFs),
OFFSET(KTRAP_FRAME_EDI, KTRAP_FRAME, Edi),
OFFSET(KTRAP_FRAME_ESI, KTRAP_FRAME, Esi),
OFFSET(KTRAP_FRAME_EBX, KTRAP_FRAME, Ebx),
OFFSET(KTRAP_FRAME_EBP, KTRAP_FRAME, Ebp),
OFFSET(KTRAP_FRAME_ERROR_CODE, KTRAP_FRAME, ErrCode),
OFFSET(KTRAP_FRAME_EIP, KTRAP_FRAME, Eip),
OFFSET(KTRAP_FRAME_EFLAGS, KTRAP_FRAME, EFlags),
OFFSET(KTRAP_FRAME_ESP, KTRAP_FRAME, HardwareEsp),
OFFSET(KTRAP_FRAME_SS, KTRAP_FRAME, HardwareSegSs),
OFFSET(KTRAP_FRAME_V86_ES, KTRAP_FRAME, V86Es),
OFFSET(KTRAP_FRAME_V86_DS, KTRAP_FRAME, V86Ds),
OFFSET(KTRAP_FRAME_V86_FS, KTRAP_FRAME, V86Fs),
OFFSET(KTRAP_FRAME_V86_GS, KTRAP_FRAME, V86Gs),
SIZE(KTRAP_FRAME_SIZE, KTRAP_FRAME),
// ReactOS-named CONTEXT offsets (CONTEXT_* prefix) and size, computed from
// the CONTEXT type. Debug registers and FloatSave have no entry in this set.
HEADER("CONTEXT"),
OFFSET(CONTEXT_FLAGS, CONTEXT, ContextFlags),
OFFSET(CONTEXT_SEGGS, CONTEXT, SegGs),
OFFSET(CONTEXT_SEGFS, CONTEXT, SegFs),
OFFSET(CONTEXT_SEGES, CONTEXT, SegEs),
OFFSET(CONTEXT_SEGDS, CONTEXT, SegDs),
OFFSET(CONTEXT_EDI, CONTEXT, Edi),
OFFSET(CONTEXT_ESI, CONTEXT, Esi),
OFFSET(CONTEXT_EBX, CONTEXT, Ebx),
OFFSET(CONTEXT_EDX, CONTEXT, Edx),
OFFSET(CONTEXT_ECX, CONTEXT, Ecx),
OFFSET(CONTEXT_EAX, CONTEXT, Eax),
OFFSET(CONTEXT_EBP, CONTEXT, Ebp),
OFFSET(CONTEXT_EIP, CONTEXT, Eip),
OFFSET(CONTEXT_SEGCS, CONTEXT, SegCs),
OFFSET(CONTEXT_EFLAGS, CONTEXT, EFlags),
OFFSET(CONTEXT_ESP, CONTEXT, Esp),
OFFSET(CONTEXT_SEGSS, CONTEXT, SegSs),
SIZE(CONTEXT_FRAME_LENGTH, CONTEXT),
// FIBER field offsets, including fields of the embedded FiberContext.
// FIBER_PARAMETER maps to the field FiberData, and
// FIBER_ACTIVATION_CONTEXT_STACK to ActivationContextStackPointer.
HEADER("FIBER"),
OFFSET(FIBER_PARAMETER, FIBER, FiberData),
OFFSET(FIBER_EXCEPTION_LIST, FIBER, ExceptionList),
OFFSET(FIBER_STACK_BASE, FIBER, StackBase),
OFFSET(FIBER_STACK_LIMIT, FIBER, StackLimit),
OFFSET(FIBER_DEALLOCATION_STACK, FIBER, DeallocationStack),
OFFSET(FIBER_CONTEXT, FIBER, FiberContext),
OFFSET(FIBER_CONTEXT_FLAGS, FIBER, FiberContext.ContextFlags),
OFFSET(FIBER_CONTEXT_EAX, FIBER, FiberContext.Eax),
OFFSET(FIBER_CONTEXT_EBX, FIBER, FiberContext.Ebx),
OFFSET(FIBER_CONTEXT_ECX, FIBER, FiberContext.Ecx),
OFFSET(FIBER_CONTEXT_EDX, FIBER, FiberContext.Edx),
OFFSET(FIBER_CONTEXT_ESI, FIBER, FiberContext.Esi),
OFFSET(FIBER_CONTEXT_EDI, FIBER, FiberContext.Edi),
OFFSET(FIBER_CONTEXT_EBP, FIBER, FiberContext.Ebp),
OFFSET(FIBER_CONTEXT_EIP, FIBER, FiberContext.Eip),
OFFSET(FIBER_CONTEXT_ESP, FIBER, FiberContext.Esp),
OFFSET(FIBER_CONTEXT_DR6, FIBER, FiberContext.Dr6),
OFFSET(FIBER_CONTEXT_FLOAT_SAVE_CONTROL_WORD, FIBER, FiberContext.FloatSave.ControlWord),
OFFSET(FIBER_CONTEXT_FLOAT_SAVE_STATUS_WORD, FIBER, FiberContext.FloatSave.StatusWord),
OFFSET(FIBER_CONTEXT_FLOAT_SAVE_TAG_WORD, FIBER, FiberContext.FloatSave.TagWord),
OFFSET(FIBER_GUARANTEED_STACK_BYTES, FIBER, GuaranteedStackBytes),
OFFSET(FIBER_FLS_DATA, FIBER, FlsData),
OFFSET(FIBER_ACTIVATION_CONTEXT_STACK, FIBER, ActivationContextStackPointer),
// ReactOS-named aliases for two KTSS fields: IoMapBase and Esp0.
HEADER("KTSS"),
OFFSET(KTSS_IOMAPBASE, KTSS, IoMapBase),
OFFSET(KTSS_ESP0, KTSS, Esp0),
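// EXCEPTION_RECORD field offsets, its size, and EXCEPTION_RECORD_LENGTH.
// The table used to list EXCEPTION_RECORD_EXCEPTION_ADDRESS twice (once
// before and once after NumberParameters), which emitted the same symbol
// twice with the same value. The second copy is dropped; the symbol is still
// defined once, from ExceptionAddress.
// NOTE(review): the duplicate may have been meant to export a different field
// (EXCEPTION_RECORD has no entry here for its parameter array) — confirm with
// the asm users before adding one.
HEADER("EXCEPTION_RECORD"),
OFFSET(EXCEPTION_RECORD_EXCEPTION_CODE, EXCEPTION_RECORD, ExceptionCode),
OFFSET(EXCEPTION_RECORD_EXCEPTION_FLAGS, EXCEPTION_RECORD, ExceptionFlags),
OFFSET(EXCEPTION_RECORD_EXCEPTION_RECORD, EXCEPTION_RECORD, ExceptionRecord),
OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS, EXCEPTION_RECORD, ExceptionAddress),
OFFSET(EXCEPTION_RECORD_NUMBER_PARAMETERS, EXCEPTION_RECORD, NumberParameters),
SIZE(SIZEOF_EXCEPTION_RECORD, EXCEPTION_RECORD),
CONSTANT(EXCEPTION_RECORD_LENGTH),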
// EXCEPTION_POINTERS: offsets of its two pointer fields, and its size.
HEADER("EXCEPTION_POINTERS"),
OFFSET(EXCEPTION_POINTERS_EXCEPTION_RECORD, EXCEPTION_POINTERS, ExceptionRecord),
OFFSET(EXCEPTION_POINTERS_CONTEXT_RECORD, EXCEPTION_POINTERS, ContextRecord),
SIZE(SIZEOF_EXCEPTION_POINTERS, EXCEPTION_POINTERS),
// KTHREAD field offsets. Note the trailing underscore in KTHREAD_STATE_ and
// that KTHREAD_PENDING_KERNEL_APC maps to ApcState.KernelApcPending.
// Review note: several of these fields describe the thread's kernel stack
// (InitialStack, StackLimit, StackBase, KernelStack), so asm that switches
// or bounds-checks stacks depends on these offsets being right.
HEADER("KTHREAD"),
OFFSET(KTHREAD_DEBUG_ACTIVE, KTHREAD, Header.DebugActive),
OFFSET(KTHREAD_INITIAL_STACK, KTHREAD, InitialStack),
OFFSET(KTHREAD_STACK_LIMIT, KTHREAD, StackLimit),
OFFSET(KTHREAD_TEB, KTHREAD, Teb),
OFFSET(KTHREAD_KERNEL_STACK, KTHREAD, KernelStack),
OFFSET(KTHREAD_APCSTATE_PROCESS, KTHREAD, ApcState.Process),
OFFSET(KTHREAD_PENDING_KERNEL_APC, KTHREAD, ApcState.KernelApcPending),
OFFSET(KTHREAD_CONTEXT_SWITCHES, KTHREAD, ContextSwitches),
OFFSET(KTHREAD_STATE_, KTHREAD, State),
OFFSET(KTHREAD_NPX_STATE, KTHREAD, NpxState),
OFFSET(KTHREAD_WAIT_IRQL, KTHREAD, WaitIrql),
OFFSET(KTHREAD_WAIT_REASON, KTHREAD, WaitReason),
OFFSET(KTHREAD_COMBINED_APC_DISABLE, KTHREAD, CombinedApcDisable),
OFFSET(KTHREAD_SPECIAL_APC_DISABLE, KTHREAD, SpecialApcDisable),
OFFSET(KTHREAD_LARGE_STACK, KTHREAD, LargeStack),
OFFSET(KTHREAD_TRAP_FRAME, KTHREAD, TrapFrame),
OFFSET(KTHREAD_CALLBACK_STACK, KTHREAD, CallbackStack),
OFFSET(KTHREAD_APC_STATE_INDEX, KTHREAD, ApcStateIndex),
OFFSET(KTHREAD_STACK_BASE, KTHREAD, StackBase),
// KPROCESS field offsets. The *_DESCRIPTOR0 / *_DESCRIPTOR1 pairs name the
// start of a descriptor and a field inside it (LdtDescriptor.HighWord,
// Int21Descriptor.Access), presumably its two halves — confirm in the
// struct definitions.
HEADER("KPROCESS"),
OFFSET(KPROCESS_DIRECTORY_TABLE_BASE, KPROCESS, DirectoryTableBase),
OFFSET(KPROCESS_LDT_DESCRIPTOR0, KPROCESS, LdtDescriptor),
OFFSET(KPROCESS_LDT_DESCRIPTOR1, KPROCESS, LdtDescriptor.HighWord),
OFFSET(KPROCESS_INT21_DESCRIPTOR0, KPROCESS, Int21Descriptor),
OFFSET(KPROCESS_INT21_DESCRIPTOR1, KPROCESS, Int21Descriptor.Access),
OFFSET(KPROCESS_IOPM_OFFSET, KPROCESS, IopmOffset),
// ReactOS-named TEB offsets (TEB_* prefix), computed from the TEB type.
// Review note: on NT-style systems the TEB and PEB are mapped in user space
// (not shown in this file), so privileged code must validate anything it
// reads through these offsets.
HEADER("TEB"),
OFFSET(TEB_EXCEPTION_LIST, TEB, NtTib.ExceptionList),
OFFSET(TEB_STACK_BASE, TEB, NtTib.StackBase),
OFFSET(TEB_STACK_LIMIT, TEB, NtTib.StackLimit),
OFFSET(TEB_FIBER_DATA, TEB, NtTib.FiberData),
OFFSET(TEB_SELF, TEB, NtTib.Self),
OFFSET(TEB_PEB, TEB, ProcessEnvironmentBlock),
OFFSET(TEB_EXCEPTION_CODE, TEB, ExceptionCode),
OFFSET(TEB_ACTIVATION_CONTEXT_STACK_POINTER, TEB, ActivationContextStackPointer),
OFFSET(TEB_DEALLOCATION_STACK, TEB, DeallocationStack),
OFFSET(TEB_GDI_BATCH_COUNT, TEB, GdiBatchCount),
OFFSET(TEB_GUARANTEED_STACK_BYTES, TEB, GuaranteedStackBytes),
OFFSET(TEB_FLS_DATA, TEB, FlsData),

// ReactOS-named alias for the PEB KernelCallbackTable offset.
HEADER("PEB"),
OFFSET(PEB_KERNEL_CALLBACK_TABLE, PEB, KernelCallbackTable),
// Remaining ReactOS constants: NPX/FPU frame values, callback-stack
// (CBSTACK_*) values, the FX_SAVE_AREA size, status/handler codes and the
// shared-user-data constants. All values are defined in headers outside this
// file.
// NOTE(review): the CBSTACK_* and FP_* names look like offsets kept as plain
// constants rather than derived with OFFSET — if so they will not follow a
// struct change automatically; confirm where they are defined.
HEADER("Misc"),
CONSTANT(NPX_FRAME_LENGTH),
CONSTANT(FN_CR0_NPX_STATE),
CONSTANT(FP_CONTROL_WORD),
CONSTANT(FP_STATUS_WORD),
CONSTANT(FP_TAG_WORD),
CONSTANT(FP_DATA_SELECTOR),
CONSTANT(CBSTACK_RESULT),
CONSTANT(CBSTACK_RESULT_LENGTH),
CONSTANT(CBSTACK_TRAP_FRAME),
CONSTANT(CBSTACK_CALLBACK_STACK),
SIZE(SIZEOF_FX_SAVE_AREA, FX_SAVE_AREA),
CONSTANT(KUSER_SHARED_SYSCALL),
CONSTANT(EXCEPTION_EXECUTE_HANDLER),
CONSTANT(STATUS_CALLBACK_POP_STACK),
CONSTANT(CONTEXT_ALIGNED_SIZE),
CONSTANT(PROCESSOR_FEATURE_FXSR),
CONSTANT(KUSER_SHARED_SYSCALL_RET),
CONSTANT(USER_SHARED_DATA),
CONSTANT(USER_SHARED_DATA_PROCESSOR_FEATURES),