📄 ntdll.h
字号:
struct _FAST_MUTEX {
int Count;
_KTHREAD* Owner;
DWORD Contention;
_KEVENT Event;
DWORD OldIrql;
};
struct _IMAGE_FILE_HEADER {
DWORD Machine;
DWORD NumberOfSections;
DWORD TimeDateStamp;
DWORD PointerToSymbolTable;
DWORD NumberOfSymbols;
DWORD SizeOfOptionalHeader;
DWORD Characteristics;
};
struct _KSPIN_LOCK_QUEUE {
_KSPIN_LOCK_QUEUE* Next;
DWORD* Lock;
};
struct _PP_LOOKASIDE_LIST {
_GENERAL_LOOKASIDE* P;
_GENERAL_LOOKASIDE* L;
};
struct _PEB_LDR_DATA {
DWORD Length;
DWORD Initialized;
void* SsHandle;
_LIST_ENTRY InLoadOrderModuleList;
_LIST_ENTRY InMemoryOrderModuleList;
_LIST_ENTRY InInitializationOrderModuleList;
void* EntryInProgress;
};
struct _RTL_USER_PROCESS_PARAMETERS {
DWORD MaximumLength;
DWORD Length;
DWORD Flags;
DWORD DebugFlags;
void* ConsoleHandle;
DWORD ConsoleFlags;
void* StandardInput;
void* StandardOutput;
void* StandardError;
_CURDIR CurrentDirectory;
_UNICODE_STRING DllPath;
_UNICODE_STRING ImagePathName;
_UNICODE_STRING CommandLine;
void* Environment;
DWORD StartingX;
DWORD StartingY;
DWORD CountX;
DWORD CountY;
DWORD CountCharsX;
DWORD CountCharsY;
DWORD FillAttribute;
DWORD WindowFlags;
DWORD ShowWindowFlags;
_UNICODE_STRING WindowTitle;
_UNICODE_STRING DesktopInfo;
_UNICODE_STRING ShellInfo;
_UNICODE_STRING RuntimeData;
_RTL_DRIVE_LETTER_CURDIR CurrentDirectores[32];
};
struct _RTL_CRITICAL_SECTION {
_RTL_CRITICAL_SECTION_DEBUG* DebugInfo;
int LockCount;
int RecursionCount;
void* OwningThread;
void* LockSemaphore;
DWORD SpinCount;
};
struct _PEB_FREE_BLOCK {
_PEB_FREE_BLOCK* Next;
DWORD Size;
};
struct _PEB {
DWORD InheritedAddressSpace;
DWORD ReadImageFileExecOptions;
DWORD BeingDebugged;
DWORD SpareBool;
void* Mutant;
void* ImageBaseAddress;
_PEB_LDR_DATA* Ldr;
_RTL_USER_PROCESS_PARAMETERS* ProcessParameters;
void* SubSystemData;
void* ProcessHeap;
_RTL_CRITICAL_SECTION* FastPebLock;
void* FastPebLockRoutine;
void* FastPebUnlockRoutine;
DWORD EnvironmentUpdateCount;
void* KernelCallbackTable;
DWORD SystemReserved[1];
DWORD ExecuteOptions:2; // bit offset: 34, len=2
DWORD SpareBits:30; // bit offset: 34, len=30
_PEB_FREE_BLOCK* FreeList;
DWORD TlsExpansionCounter;
void* TlsBitmap;
DWORD TlsBitmapBits[2];
void* ReadOnlySharedMemoryBase;
void* ReadOnlySharedMemoryHeap;
void** ReadOnlyStaticServerData;
void* AnsiCodePageData;
void* OemCodePageData;
void* UnicodeCaseTableData;
DWORD NumberOfProcessors;
DWORD NtGlobalFlag;
_LARGE_INTEGER CriticalSectionTimeout;
DWORD HeapSegmentReserve;
DWORD HeapSegmentCommit;
DWORD HeapDeCommitTotalFreeThreshold;
DWORD HeapDeCommitFreeBlockThreshold;
DWORD NumberOfHeaps;
DWORD MaximumNumberOfHeaps;
void** ProcessHeaps;
void* GdiSharedHandleTable;
void* ProcessStarterHelper;
DWORD GdiDCAttributeList;
void* LoaderLock;
DWORD OSMajorVersion;
DWORD OSMinorVersion;
DWORD OSBuildNumber;
DWORD OSCSDVersion;
DWORD OSPlatformId;
DWORD ImageSubsystem;
DWORD ImageSubsystemMajorVersion;
DWORD ImageSubsystemMinorVersion;
DWORD ImageProcessAffinityMask;
DWORD GdiHandleBuffer[34];
void (*PostProcessInitRoutine)();
void* TlsExpansionBitmap;
DWORD TlsExpansionBitmapBits[32];
DWORD SessionId;
_ULARGE_INTEGER AppCompatFlags;
_ULARGE_INTEGER AppCompatFlagsUser;
void* pShimData;
void* AppCompatInfo;
_UNICODE_STRING CSDVersion;
void* ActivationContextData;
void* ProcessAssemblyStorageMap;
void* SystemDefaultActivationContextData;
void* SystemAssemblyStorageMap;
DWORD MinimumStackCommit;
};
enum _SECURITY_IMPERSONATION_LEVEL {
SecurityAnonymous,
SecurityIdentification,
SecurityImpersonation,
SecurityDelegation,
};
struct _PS_IMPERSONATION_INFORMATION {
void* Token;
DWORD CopyOnOpen;
DWORD EffectiveOnly;
enum _SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
};
struct _EPROCESS_QUOTA_ENTRY {
DWORD Usage;
DWORD Limit;
DWORD Peak;
DWORD Return;
};
struct _FNSAVE_FORMAT {
DWORD ControlWord;
DWORD StatusWord;
DWORD TagWord;
DWORD ErrorOffset;
DWORD ErrorSelector;
DWORD DataOffset;
DWORD DataSelector;
DWORD RegisterArea[80];
};
struct _FXSAVE_FORMAT {
DWORD ControlWord;
DWORD StatusWord;
DWORD TagWord;
DWORD ErrorOpcode;
DWORD ErrorOffset;
DWORD ErrorSelector;
DWORD DataOffset;
DWORD DataSelector;
DWORD MXCsr;
DWORD MXCsrMask;
DWORD RegisterArea[128];
DWORD Reserved3[128];
DWORD Reserved4[224];
DWORD Align16Byte[8];
};
struct __unnamed {
_FNSAVE_FORMAT FnArea;
_FXSAVE_FORMAT FxArea;
};
struct _FX_SAVE_AREA {
__unnamed U;
DWORD NpxSavedCpu;
DWORD Cr0NpxState;
};
struct PROCESSOR_IDLE_TIMES {
DWORD StartTime;
DWORD EndTime;
DWORD IdleHandlerReserved[4];
};
struct _KTIMER {
_DISPATCHER_HEADER Header;
_ULARGE_INTEGER DueTime;
_LIST_ENTRY TimerListEntry;
_KDPC* Dpc;
int Period;
};
struct _KDPC {
int Type;
DWORD Number;
DWORD Importance;
_LIST_ENTRY DpcListEntry;
void (*DeferredRoutine)(_KDPC*, void*, void*, void*);
void* DeferredContext;
void* SystemArgument1;
void* SystemArgument2;
DWORD* Lock;
};
struct PROCESSOR_PERF_STATE {
DWORD PercentFrequency;
DWORD MinCapacity;
DWORD Power;
DWORD IncreaseLevel;
DWORD DecreaseLevel;
DWORD Flags;
DWORD IncreaseTime;
DWORD DecreaseTime;
DWORD IncreaseCount;
DWORD DecreaseCount;
DWORD PerformanceTime;
};
struct _PROCESSOR_POWER_STATE {
void (*IdleFunction)(_PROCESSOR_POWER_STATE*);
DWORD Idle0KernelTimeLimit;
DWORD Idle0LastTime;
void* IdleHandlers;
void* IdleState;
DWORD IdleHandlersCount;
DWORD LastCheck;
PROCESSOR_IDLE_TIMES IdleTimes;
DWORD IdleTime1;
DWORD PromotionCheck;
DWORD IdleTime2;
DWORD CurrentThrottle;
DWORD ThermalThrottleLimit;
DWORD CurrentThrottleIndex;
DWORD ThermalThrottleIndex;
DWORD PerfSystemTime;
DWORD PerfIdleTime;
DWORD DebugDelta;
DWORD DebugCount;
DWORD LastSysTime;
DWORD TotalIdleStateTime[3];
DWORD TotalIdleTransitions[3];
DWORD PreviousC3StateTime;
DWORD KneeThrottleIndex;
DWORD ThrottleLimitIndex;
DWORD PerfStatesCount;
DWORD ProcessorMinThrottle;
DWORD ProcessorMaxThrottle;
DWORD LastBusyPercentage;
DWORD LastC3Percentage;
DWORD LastAdjustedBusyPercentage;
DWORD PromotionCount;
DWORD DemotionCount;
DWORD ErrorCount;
DWORD RetryCount;
DWORD Flags;
_LARGE_INTEGER PerfCounterFrequency;
DWORD PerfTickCount;
_KTIMER PerfTimer;
_KDPC PerfDpc;
PROCESSOR_PERF_STATE* PerfStates;
int (*PerfSetThrottle)(DWORD);
DWORD Spare1[2];
};
struct _IO_COUNTERS {
DWORD ReadOperationCount;
DWORD WriteOperationCount;
DWORD OtherOperationCount;
DWORD ReadTransferCount;
DWORD WriteTransferCount;
DWORD OtherTransferCount;
};
struct _DISPATCHER_HEADER {
DWORD Type;
DWORD Absolute;
DWORD Size;
DWORD Inserted;
int SignalState;
_LIST_ENTRY WaitListHead;
};
struct _KAPC_STATE {
_LIST_ENTRY ApcListHead[2];
_KPROCESS* Process;
DWORD KernelApcInProgress;
DWORD KernelApcPending;
DWORD UserApcPending;
};
struct _KWAIT_BLOCK {
_LIST_ENTRY WaitListEntry;
_KTHREAD* Thread;
void* Object;
_KWAIT_BLOCK* NextWaitBlock;
DWORD WaitKey;
DWORD WaitType;
};
struct _KQUEUE {
_DISPATCHER_HEADER Header;
_LIST_ENTRY EntryListHead;
DWORD CurrentCount;
DWORD MaximumCount;
_LIST_ENTRY ThreadListHead;
};
struct _KTRAP_FRAME {
DWORD DbgEbp;
DWORD DbgEip;
DWORD DbgArgMark;
DWORD DbgArgPointer;
DWORD TempSegCs;
DWORD TempEsp;
DWORD Dr0;
DWORD Dr1;
DWORD Dr2;
DWORD Dr3;
DWORD Dr6;
DWORD Dr7;
DWORD SegGs;
DWORD SegEs;
DWORD SegDs;
DWORD Edx;
DWORD Ecx;
DWORD Eax;
DWORD PreviousPreviousMode;
_EXCEPTION_REGISTRATION_RECORD* ExceptionList;
DWORD SegFs;
DWORD Edi;
DWORD Esi;
DWORD Ebx;
DWORD Ebp;
DWORD ErrCode;
DWORD Eip;
DWORD SegCs;
DWORD EFlags;
DWORD HardwareEsp;
DWORD HardwareSegSs;
DWORD V86Es;
DWORD V86Ds;
DWORD V86Fs;
DWORD V86Gs;
};
struct _KTHREAD {
_DISPATCHER_HEADER Header;
_LIST_ENTRY MutantListHead;
void* InitialStack;
void* StackLimit;
void* Teb;
void* TlsArray;
void* KernelStack;
DWORD DebugActive;
DWORD State;
DWORD Alerted[2];
DWORD Iopl;
DWORD NpxState;
char Saturation;
char Priority;
_KAPC_STATE ApcState;
DWORD ContextSwitches;
DWORD IdleSwapBlock;
DWORD Spare0[3];
int WaitStatus;
DWORD WaitIrql;
char WaitMode;
DWORD WaitNext;
DWORD WaitReason;
_KWAIT_BLOCK* WaitBlockList;
_LIST_ENTRY WaitListEntry;
_SINGLE_LIST_ENTRY SwapListEntry;
DWORD WaitTime;
char BasePriority;
DWORD DecrementCount;
char PriorityDecrement;
char Quantum;
_KWAIT_BLOCK WaitBlock[4];
void* LegoData;
DWORD KernelApcDisable;
DWORD UserAffinity;
DWORD SystemAffinityActive;
DWORD PowerState;
DWORD NpxIrql;
DWORD InitialNode;
void* ServiceTable;
_KQUEUE* Queue;
DWORD ApcQueueLock;
_KTIMER Timer;
_LIST_ENTRY QueueListEntry;
DWORD SoftAffinity;
DWORD Affinity;
DWORD Preempted;
DWORD ProcessReadyQueue;
DWORD KernelStackResident;
DWORD NextProcessor;
void* CallbackStack;
void* Win32Thread;
_KTRAP_FRAME* TrapFrame;
_KAPC_STATE* ApcStatePointer[2];
char PreviousMode;
DWORD EnableStackSwap;
DWORD LargeStack;
DWORD ResourceIndex;
DWORD KernelTime;
DWORD UserTime;
_KAPC_STATE SavedApcState;
DWORD Alertable;
DWORD ApcStateIndex;
DWORD ApcQueueable;
DWORD AutoAlignment;
void* StackBase;
_KAPC SuspendApc;
_KSEMAPHORE SuspendSemaphore;
_LIST_ENTRY ThreadListEntry;
char FreezeCount;
char SuspendCount;
DWORD IdealProcessor;
DWORD DisableBoost;
};
struct _MMSUPPORT_FLAGS {
DWORD SessionSpace:1; // bit offset: 00, len=1
DWORD BeingTrimmed:1; // bit offset: 01, len=1
DWORD SessionLeader:1; // bit offset: 02, len=1
DWORD TrimHard:1; // bit offset: 03, len=1
DWORD WorkingSetHard:1; // bit offset: 04, len=1
DWORD AddressSpaceBeingDeleted:1; // bit offset: 05, len=1
DWORD Available:10; // bit offset: 06, len=10
DWORD AllowWorkingSetAdjustment:8; // bit offset: 10, len=8
DWORD MemoryPriority:8; // bit offset: 18, len=8
};
struct _TERMINATION_PORT {
_TERMINATION_PORT* Next;
void* Port;
};
struct _HEAP {
_HEAP_ENTRY Entry;
DWORD Signature;
DWORD Flags;
DWORD ForceFlags;
DWORD VirtualMemoryThreshold;
DWORD SegmentReserve;
DWORD SegmentCommit;
DWORD DeCommitFreeBlockThreshold;
DWORD DeCommitTotalFreeThreshold;
DWORD TotalFreeSize;
DWORD MaximumAllocationSize;
DWORD ProcessHeapsListIndex;
DWORD HeaderValidateLength;
void* HeaderValidateCopy;
DWORD NextAvailableTagIndex;
DWORD MaximumTagIndex;
_HEAP_TAG_ENTRY* TagEntries;
_HEAP_UCR_SEGMENT* UCRSegments;
_HEAP_UNCOMMMTTED_RANGE* UnusedUnCommittedRanges;
DWORD AlignRound;
DWORD AlignMask;
_LIST_ENTRY VirtualAllocdBlocks;
_HEAP_SEGMENT* Segments[64];
__unnamed u;
__unnamed u2;
DWORD AllocatorBackTraceIndex;
DWORD NonDedicatedListLength;
void* LargeBlocksIndex;
_HEAP_PSEUDO_TAG_ENTRY* PseudoTagEntries;
_LIST_ENTRY FreeLists[128];
_HEAP_LOCK* LockVariable;
int (*CommitRoutine)(void*, void**, DWORD*);
void* FrontEndHeap;
DWORD FrontHeapLockCount;
DWORD FrontEndHeapType;
DWORD LastSegmentIndex;
};
struct _HEAP_ENTRY {
DWORD Size;
DWORD PreviousSize;
void* SubSegment;
DWORD SegmentIndex;
DWORD Flags;
DWORD UnusedBytes;
DWORD SmallTagIndex;
};
struct _HEAP_TAG_ENTRY {
DWORD Allocs;
DWORD Frees;
DWORD Size;
DWORD TagIndex;
DWORD CreatorBackTraceIndex;
DWORD TagName[24];
};
struct _HEAP_UCR_SEGMENT {
_HEAP_UCR_SEGMENT* Next;
DWORD ReservedSize;
DWORD CommittedSize;
DWORD filler;
};
struct _HEAP_UNCOMMMTTED_RANGE {
_HEAP_UNCOMMMTTED_RANGE* Next;
DWORD Address;
DWORD Size;
DWORD filler;
};
struct _HEAP_SEGMENT {
_HEAP_ENTRY Entry;
DWORD Signature;
DWORD Flags;
_HEAP* Heap;
DWORD LargestUnCommittedRange;
void* BaseAddress;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -