1 /* Version definitions */ 2 #undef NTDDI_VERSION 3 #define NTDDI_VERSION NTDDI_WS03SP1 4 #undef _WIN32_WINNT 5 #define _WIN32_WINNT _WIN32_WINNT_WS03 6 7 #include <ntifs.h> 8 #include <ndk/ntndk.h> 9 10 #define C_ASSERT_FIELD(Type, Offset, MemberType, MemberName) \ 11 C_ASSERT(FIELD_OFFSET(Type, MemberName) == Offset); \ 12 C_ASSERT(FIELD_SIZE(Type, MemberName) == sizeof(MemberType)); 13 14 /* KTHREAD */ 15 C_ASSERT_FIELD(KTHREAD, 0x000, DISPATCHER_HEADER, Header) 16 C_ASSERT_FIELD(KTHREAD, 0x018, LIST_ENTRY, MutantListHead) 17 C_ASSERT_FIELD(KTHREAD, 0x028, PVOID, InitialStack) 18 C_ASSERT_FIELD(KTHREAD, 0x030, PVOID, StackLimit) 19 C_ASSERT_FIELD(KTHREAD, 0x038, PVOID, KernelStack) 20 C_ASSERT_FIELD(KTHREAD, 0x040, ULONG64, ThreadLock) 21 C_ASSERT_FIELD(KTHREAD, 0x048, KAPC_STATE, ApcState) 22 C_ASSERT_FIELD(KTHREAD, 0x048, UCHAR[43], ApcStateFill) 23 C_ASSERT_FIELD(KTHREAD, 0x073, UCHAR, ApcQueueable) 24 C_ASSERT_FIELD(KTHREAD, 0x074, UCHAR, NextProcessor) 25 C_ASSERT_FIELD(KTHREAD, 0x075, UCHAR, DeferredProcessor) 26 C_ASSERT_FIELD(KTHREAD, 0x076, UCHAR, AdjustReason) 27 C_ASSERT_FIELD(KTHREAD, 0x077, CHAR, AdjustIncrement) 28 C_ASSERT_FIELD(KTHREAD, 0x078, ULONG64, ApcQueueLock) 29 C_ASSERT_FIELD(KTHREAD, 0x080, LONG64, WaitStatus) 30 C_ASSERT_FIELD(KTHREAD, 0x088, PKWAIT_BLOCK, WaitBlockList) 31 C_ASSERT_FIELD(KTHREAD, 0x088, PKGATE, GateObject) 32 C_ASSERT_FIELD(KTHREAD, 0x090, UCHAR, Alertable) 33 C_ASSERT_FIELD(KTHREAD, 0x091, UCHAR, WaitNext) 34 C_ASSERT_FIELD(KTHREAD, 0x092, UCHAR, WaitReason) 35 C_ASSERT_FIELD(KTHREAD, 0x093, CHAR, Priority) 36 C_ASSERT_FIELD(KTHREAD, 0x094, UCHAR, EnableStackSwap) 37 C_ASSERT_FIELD(KTHREAD, 0x095, UCHAR, SwapBusy) 38 C_ASSERT_FIELD(KTHREAD, 0x096, UCHAR[2], Alerted) 39 C_ASSERT_FIELD(KTHREAD, 0x098, LIST_ENTRY, WaitListEntry) 40 C_ASSERT_FIELD(KTHREAD, 0x098, SINGLE_LIST_ENTRY, SwapListEntry) 41 C_ASSERT_FIELD(KTHREAD, 0x0A8, PKQUEUE, Queue) 42 C_ASSERT_FIELD(KTHREAD, 0x0B0, PVOID, Teb) 43 C_ASSERT_FIELD(KTHREAD, 0x0B8, KTIMER, Timer) 44 C_ASSERT_FIELD(KTHREAD, 0x0B8, UCHAR[60], TimerFill) 45 C_ASSERT_FIELD(KTHREAD, 0x0F4, LONG, ThreadFlags) 46 C_ASSERT_FIELD(KTHREAD, 0x0F8, KWAIT_BLOCK[4], WaitBlock) 47 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[43], WaitBlockFill0) 48 C_ASSERT_FIELD(KTHREAD, 0x123, UCHAR, SystemAffinityActive) 49 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[91], WaitBlockFill1) 50 C_ASSERT_FIELD(KTHREAD, 0x153, CHAR, PreviousMode) 51 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[139], WaitBlockFill2) 52 C_ASSERT_FIELD(KTHREAD, 0x183, UCHAR, ResourceIndex) 53 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[187], WaitBlockFill3) 54 C_ASSERT_FIELD(KTHREAD, 0x1B3, UCHAR, LargeStack) 55 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[44], WaitBlockFill4) 56 C_ASSERT_FIELD(KTHREAD, 0x124, ULONG, ContextSwitches) 57 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[92], WaitBlockFill5) 58 C_ASSERT_FIELD(KTHREAD, 0x154, UCHAR, State) 59 C_ASSERT_FIELD(KTHREAD, 0x155, UCHAR, NpxState) 60 C_ASSERT_FIELD(KTHREAD, 0x156, UCHAR, WaitIrql) 61 C_ASSERT_FIELD(KTHREAD, 0x157, CHAR, WaitMode) 62 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[140], WaitBlockFill6) 63 C_ASSERT_FIELD(KTHREAD, 0x184, ULONG, WaitTime) 64 C_ASSERT_FIELD(KTHREAD, 0x0F8, UCHAR[188], WaitBlockFill7) 65 C_ASSERT_FIELD(KTHREAD, 0x1B4, SHORT, KernelApcDisable) 66 C_ASSERT_FIELD(KTHREAD, 0x1B6, SHORT, SpecialApcDisable) 67 C_ASSERT_FIELD(KTHREAD, 0x1B4, ULONG, CombinedApcDisable) 68 C_ASSERT_FIELD(KTHREAD, 0x1B8, LIST_ENTRY, QueueListEntry) 69 C_ASSERT_FIELD(KTHREAD, 0x1C8, PKTRAP_FRAME, TrapFrame) 70 C_ASSERT_FIELD(KTHREAD, 0x1D0, PVOID, CallbackStack) 71 C_ASSERT_FIELD(KTHREAD, 0x1D8, PVOID, ServiceTable) 72 C_ASSERT_FIELD(KTHREAD, 0x1E0, ULONG, KernelLimit) 73 C_ASSERT_FIELD(KTHREAD, 0x1E4, UCHAR, ApcStateIndex) 74 C_ASSERT_FIELD(KTHREAD, 0x1E5, UCHAR, IdealProcessor) 75 C_ASSERT_FIELD(KTHREAD, 0x1E6, UCHAR, Preempted) 76 C_ASSERT_FIELD(KTHREAD, 0x1E7, UCHAR, ProcessReadyQueue) 77 C_ASSERT_FIELD(KTHREAD, 0x1E8, PVOID, Win32kTable) 78 C_ASSERT_FIELD(KTHREAD, 0x1F0, ULONG, Win32kLimit) 79 C_ASSERT_FIELD(KTHREAD, 0x1F4, UCHAR, KernelStackResident) 80 C_ASSERT_FIELD(KTHREAD, 0x1F5, CHAR, BasePriority) 81 C_ASSERT_FIELD(KTHREAD, 0x1F6, CHAR, PriorityDecrement) 82 C_ASSERT_FIELD(KTHREAD, 0x1F7, CHAR, Saturation) 83 C_ASSERT_FIELD(KTHREAD, 0x1F8, ULONG64, UserAffinity) 84 C_ASSERT_FIELD(KTHREAD, 0x200, PKPROCESS, Process) 85 C_ASSERT_FIELD(KTHREAD, 0x208, ULONG64, Affinity) 86 C_ASSERT_FIELD(KTHREAD, 0x210, PKAPC_STATE[2], ApcStatePointer) 87 C_ASSERT_FIELD(KTHREAD, 0x220, KAPC_STATE, SavedApcState) 88 C_ASSERT_FIELD(KTHREAD, 0x220, UCHAR[43], SavedApcStateFill) 89 C_ASSERT_FIELD(KTHREAD, 0x24B, CHAR, FreezeCount) 90 C_ASSERT_FIELD(KTHREAD, 0x24C, CHAR, SuspendCount) 91 C_ASSERT_FIELD(KTHREAD, 0x24D, UCHAR, UserIdealProcessor) 92 C_ASSERT_FIELD(KTHREAD, 0x24E, UCHAR, CalloutActive) 93 C_ASSERT_FIELD(KTHREAD, 0x24F, UCHAR, CodePatchInProgress) 94 C_ASSERT_FIELD(KTHREAD, 0x250, PVOID, Win32Thread) 95 C_ASSERT_FIELD(KTHREAD, 0x258, PVOID, StackBase) 96 C_ASSERT_FIELD(KTHREAD, 0x260, KAPC, SuspendApc) 97 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR, SuspendApcFill0) 98 C_ASSERT_FIELD(KTHREAD, 0x261, CHAR, Quantum) 99 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR[3], SuspendApcFill1) 100 C_ASSERT_FIELD(KTHREAD, 0x263, UCHAR, QuantumReset) 101 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR[4], SuspendApcFill2) 102 C_ASSERT_FIELD(KTHREAD, 0x264, ULONG, KernelTime) 103 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR[64], SuspendApcFill3) 104 C_ASSERT_FIELD(KTHREAD, 0x2A0, PVOID, TlsArray) 105 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR[72], SuspendApcFill4) 106 C_ASSERT_FIELD(KTHREAD, 0x2A8, PVOID, LegoData) 107 C_ASSERT_FIELD(KTHREAD, 0x260, UCHAR[83], SuspendApcFill5) 108 C_ASSERT_FIELD(KTHREAD, 0x2B3, UCHAR, PowerState) 109 C_ASSERT_FIELD(KTHREAD, 0x2B4, ULONG, UserTime) 110 C_ASSERT_FIELD(KTHREAD, 0x2B8, KSEMAPHORE, SuspendSemaphore) 111 C_ASSERT_FIELD(KTHREAD, 0x2B8, UCHAR[28], SuspendSemaphorefill) 112 C_ASSERT_FIELD(KTHREAD, 0x2D4, ULONG, SListFaultCount) 113 C_ASSERT_FIELD(KTHREAD, 0x2D8, LIST_ENTRY, ThreadListEntry) 114 C_ASSERT_FIELD(KTHREAD, 0x2E8, PVOID, SListFaultAddress) 115 C_ASSERT_FIELD(KTHREAD, 0x2F0, LONG64, ReadOperationCount) 116 C_ASSERT_FIELD(KTHREAD, 0x2F8, LONG64, WriteOperationCount) 117 C_ASSERT_FIELD(KTHREAD, 0x300, LONG64, OtherOperationCount) 118 C_ASSERT_FIELD(KTHREAD, 0x308, LONG64, ReadTransferCount) 119 C_ASSERT_FIELD(KTHREAD, 0x310, LONG64, WriteTransferCount) 120 C_ASSERT_FIELD(KTHREAD, 0x318, LONG64, OtherTransferCount) 121 122 /* TEB */ 123 C_ASSERT_FIELD(TEB, 0x000, NT_TIB, NtTib) 124 C_ASSERT_FIELD(TEB, 0x038, PVOID, EnvironmentPointer) 125 C_ASSERT_FIELD(TEB, 0x040, CLIENT_ID, ClientId) 126 C_ASSERT_FIELD(TEB, 0x050, PVOID, ActiveRpcHandle) 127 C_ASSERT_FIELD(TEB, 0x058, PVOID, ThreadLocalStoragePointer) 128 C_ASSERT_FIELD(TEB, 0x060, PPEB, ProcessEnvironmentBlock) 129 C_ASSERT_FIELD(TEB, 0x068, ULONG, LastErrorValue) 130 C_ASSERT_FIELD(TEB, 0x06C, ULONG, CountOfOwnedCriticalSections) 131 C_ASSERT_FIELD(TEB, 0x070, PVOID, CsrClientThread) 132 C_ASSERT_FIELD(TEB, 0x078, PVOID, Win32ThreadInfo) 133 C_ASSERT_FIELD(TEB, 0x080, ULONG[26], User32Reserved) 134 C_ASSERT_FIELD(TEB, 0x0E8, ULONG[5], UserReserved) 135 C_ASSERT_FIELD(TEB, 0x100, PVOID, WOW32Reserved) 136 C_ASSERT_FIELD(TEB, 0x108, ULONG, CurrentLocale) 137 C_ASSERT_FIELD(TEB, 0x10C, ULONG, FpSoftwareStatusRegister) 138 C_ASSERT_FIELD(TEB, 0x110, PVOID[54], SystemReserved1) 139 C_ASSERT_FIELD(TEB, 0x2C0, LONG, ExceptionCode) 140 C_ASSERT_FIELD(TEB, 0x2C8, PACTIVATION_CONTEXT_STACK, ActivationContextStackPointer) 141 C_ASSERT_FIELD(TEB, 0x2D0, UCHAR[28], SpareBytes1) 142 C_ASSERT_FIELD(TEB, 0x2F0, GDI_TEB_BATCH, GdiTebBatch) 143 C_ASSERT_FIELD(TEB, 0x7D8, CLIENT_ID, RealClientId) 144 C_ASSERT_FIELD(TEB, 0x7E8, PVOID, GdiCachedProcessHandle) 145 C_ASSERT_FIELD(TEB, 0x7F0, ULONG, GdiClientPID) 146 C_ASSERT_FIELD(TEB, 0x7F4, ULONG, GdiClientTID) 147 C_ASSERT_FIELD(TEB, 0x7F8, PVOID, GdiThreadLocalInfo) 148 C_ASSERT_FIELD(TEB, 0x800, ULONG64[62], Win32ClientInfo) 149 C_ASSERT_FIELD(TEB, 0x9F0, PVOID[233], glDispatchTable) 150 C_ASSERT_FIELD(TEB, 0x1138, ULONG64[29], glReserved1) 151 C_ASSERT_FIELD(TEB, 0x1220, PVOID, glReserved2) 152 C_ASSERT_FIELD(TEB, 0x1228, PVOID, glSectionInfo) 153 C_ASSERT_FIELD(TEB, 0x1230, PVOID, glSection) 154 C_ASSERT_FIELD(TEB, 0x1238, PVOID, glTable) 155 C_ASSERT_FIELD(TEB, 0x1240, PVOID, glCurrentRC) 156 C_ASSERT_FIELD(TEB, 0x1248, PVOID, glContext) 157 C_ASSERT_FIELD(TEB, 0x1250, ULONG, LastStatusValue) 158 C_ASSERT_FIELD(TEB, 0x1258, UNICODE_STRING, StaticUnicodeString) 159 C_ASSERT_FIELD(TEB, 0x1268, WCHAR[261], StaticUnicodeBuffer) 160 C_ASSERT_FIELD(TEB, 0x1478, PVOID, DeallocationStack) 161 C_ASSERT_FIELD(TEB, 0x1480, PVOID[64], TlsSlots) 162 C_ASSERT_FIELD(TEB, 0x1680, LIST_ENTRY, TlsLinks) 163 C_ASSERT_FIELD(TEB, 0x1690, PVOID, Vdm) 164 C_ASSERT_FIELD(TEB, 0x1698, PVOID, ReservedForNtRpc) 165 C_ASSERT_FIELD(TEB, 0x16A0, PVOID[2], DbgSsReserved) 166 C_ASSERT_FIELD(TEB, 0x16B0, ULONG, HardErrorMode) 167 C_ASSERT_FIELD(TEB, 0x16B8, PVOID[14], Instrumentation) 168 C_ASSERT_FIELD(TEB, 0x1728, PVOID, SubProcessTag) 169 C_ASSERT_FIELD(TEB, 0x1730, PVOID, EtwTraceData) 170 C_ASSERT_FIELD(TEB, 0x1738, PVOID, WinSockData) 171 C_ASSERT_FIELD(TEB, 0x1740, ULONG, GdiBatchCount) 172 C_ASSERT_FIELD(TEB, 0x1744, UCHAR, InDbgPrint) 173 C_ASSERT_FIELD(TEB, 0x1745, UCHAR, FreeStackOnTermination) 174 C_ASSERT_FIELD(TEB, 0x1746, UCHAR, HasFiberData) 175 C_ASSERT_FIELD(TEB, 0x1747, UCHAR, IdealProcessor) 176 C_ASSERT_FIELD(TEB, 0x1748, ULONG, GuaranteedStackBytes) 177 C_ASSERT_FIELD(TEB, 0x1750, PVOID, ReservedForPerf) 178 C_ASSERT_FIELD(TEB, 0x1758, PVOID, ReservedForOle) 179 C_ASSERT_FIELD(TEB, 0x1760, ULONG, WaitingOnLoaderLock) 180 C_ASSERT_FIELD(TEB, 0x1768, ULONG64, SparePointer1) 181 C_ASSERT_FIELD(TEB, 0x1770, ULONG64, SoftPatchPtr1) 182 C_ASSERT_FIELD(TEB, 0x1778, ULONG64, SoftPatchPtr2) 183 C_ASSERT_FIELD(TEB, 0x1780, PVOID*, TlsExpansionSlots) 184 C_ASSERT_FIELD(TEB, 0x1788, PVOID, DeallocationBStore) 185 C_ASSERT_FIELD(TEB, 0x1790, PVOID, BStoreLimit) 186 C_ASSERT_FIELD(TEB, 0x1798, ULONG, ImpersonationLocale) 187 C_ASSERT_FIELD(TEB, 0x179C, ULONG, IsImpersonating) 188 C_ASSERT_FIELD(TEB, 0x17A0, PVOID, NlsCache) 189 C_ASSERT_FIELD(TEB, 0x17A8, PVOID, pShimData) 190 C_ASSERT_FIELD(TEB, 0x17B0, ULONG, HeapVirtualAffinity) 191 C_ASSERT_FIELD(TEB, 0x17B8, PVOID, CurrentTransactionHandle) 192 C_ASSERT_FIELD(TEB, 0x17C0, PTEB_ACTIVE_FRAME, ActiveFrame) 193 C_ASSERT_FIELD(TEB, 0x17C8, PVOID, FlsData) 194 C_ASSERT_FIELD(TEB, 0x17D0, UCHAR, SafeThunkCall) 195 C_ASSERT_FIELD(TEB, 0x17D1, UCHAR[3], BooleanSpare) 196