Git conversion: Make reactos the root directory, move rosapps, rostests, wallpapers into modules, and delete rossubsys.

2025-08-05 02:05:50 +00:00 · 2017-10-03 07:45:34 +00:00 · 2017-10-03 07:45:34 +00:00 · c2c66aff7d
commit c2c66aff7d
parent b94e2d8ca0
24198 changed files with 0 additions and 37285 deletions
--- a/sdk/include/asm/CMakeLists.txt
+++ b/sdk/include/asm/CMakeLists.txt
@ -0,0 +1,29 @@
+
+add_library(genincdata SHARED genincdata.c)
+
+set_entrypoint(genincdata 0)
+add_dependencies(genincdata bugcodes psdk xdk)
+
+if(MSVC)
+    set(OPT_MS "-ms")
+else()
+    set(OPT_MS "")
+endif()
+
+if(ARCH STREQUAL "i386")
+    set(_filename ks386.inc)
+elseif(ARCH STREQUAL "amd64")
+    set(_filename ksamd64.inc)
+elseif(ARCH STREQUAL "arm")
+    set(_filename ksarm.h)
+endif()
+
+get_target_property(genincdata_dll genincdata LOCATION)
+
+add_custom_command(
+    OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${_filename}
+    COMMAND native-geninc ${genincdata_dll} ${CMAKE_CURRENT_BINARY_DIR}/${_filename} ${OPT_MS}
+    DEPENDS genincdata native-geninc)
+
+add_custom_target(asm
+    DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${_filename})
--- a/sdk/include/asm/asm.inc
+++ b/sdk/include/asm/asm.inc
@ -0,0 +1,411 @@
+/*
+ * COPYRIGHT:       See COPYING in the top level directory
+ * PROJECT:         ReactOS Kernel
+ * FILE:            include/asm/asm.inc
+ * PURPOSE:         ASM macros for GAS and MASM/ML64
+ * PROGRAMMERS:     Timo Kreuzer (timo.kreuzer@reactos.org)
+ */
+
+#ifndef __ASM_INC__
+#define __ASM_INC__
+
+/* Common definitions for FPO macro
+   see http://msdn.microsoft.com/en-us/library/ms679352%28VS.85%29.aspx */
+#define FRAME_FPO    0
+#define FRAME_TRAP   1
+#define FRAME_TSS    2
+#define FRAME_NONFPO 3
+
+#ifdef _USE_ML
+
+/* Allow ".name" identifiers */
+OPTION DOTNAME
+
+#ifdef _M_IX86
+.686P
+.XMM
+.MODEL FLAT
+ASSUME CS:NOTHING, DS:NOTHING, ES:NOTHING, FS:NOTHING, GS:NOTHING
+#endif
+
+/* Explicit radix in MASM syntax  */
+#define BIN(x) x##y
+#define OCT(x) x##q
+#define DEC(x) x##t
+#define HEX(x) 0##x##h
+
+/* Macro values need not be marked */
+#define VAL(x) x
+
+/* MASM/ML doesn't want explicit [rip] addressing */
+rip = 0
+
+/* Due to MASM's reverse syntax, we are forced to use a precompiler macro */
+#define MACRO(name, ...) name MACRO __VA_ARGS__
+
+/* To avoid reverse syntax we provide a new macro .PROC, replacing PROC... */
+.PROC MACRO name
+__current_function_name EQU %name
+#ifdef _M_IX86
+    %name PROC
+#else
+    %name PROC FRAME
+#endif
+ENDM
+#define FUNC .PROC
+
+/* ... and .ENDP, replacing ENDP */
+.ENDP MACRO
+    %__current_function_name ENDP
+ENDM
+#define ENDFUNC .ENDP
+
+/* Global labels need an extra colon */
+GLOBAL_LABEL MACRO label
+    %label::
+ENDM
+
+/* check http://msdn.microsoft.com/en-us/library/9c9k076y%28VS.80%29.aspx
+   and http://msdn.microsoft.com/en-us/library/ms679352%28VS.85%29.aspx */
+FPO MACRO cdwLocals, cdwParams, cbProlog, cbRegs, fUseBP, cbFrame
+    .FPO (cdwLocals, cdwParams, cbProlog, cbRegs, fUseBP, cbFrame)
+ENDM
+
+/* MASM doesn't have an ASCII macro */
+.ASCII MACRO text:VARARG
+    DB text
+ENDM
+.ascii MACRO text:VARARG
+    DB text
+ENDM
+
+/* MASM doesn't have an ASCIZ macro */
+.ASCIZ MACRO text:VARARG
+    DB text
+    DB 0
+ENDM
+.asciz MACRO text:VARARG
+    DB text
+    DB 0
+ENDM
+
+.code64 MACRO
+    .code
+ENDM
+
+.code32 MACRO
+    .code
+    .586P
+ENDM
+
+.code16 MACRO
+    ASSUME nothing
+    .text SEGMENT use16
+    .586P
+ENDM
+
+.endcode16 MACRO
+    .text ENDS
+ENDM
+
+.bss MACRO
+    .DATA?
+    ASSUME nothing
+ENDM
+
+//.text MACRO
+//ENDM
+
+.align MACRO alignment
+    ALIGN alignment
+ENDM
+
+.byte MACRO args:VARARG
+    db args
+ENDM
+
+.short MACRO args:VARARG
+    dw args
+ENDM
+
+.word MACRO args:VARARG
+    dw args
+ENDM
+
+.long MACRO args:VARARG
+    dd args
+ENDM
+
+.double MACRO args:VARARG
+    dq args
+ENDM
+
+.org MACRO value
+    ORG value
+ENDM
+
+.fill MACRO count, size, value
+    REPEAT count
+        if (size EQ 1)
+            DB value
+        elseif (size EQ 2)
+            DW value
+        elseif (size EQ 4)
+            DD value
+        endif
+    ENDM
+ENDM
+
+.skip MACRO size, fill:=<0>
+    DB size DUP (fill)
+ENDM
+
+.space MACRO size, fill:=<0>
+    .skip size, fill
+ENDM
+
+ljmp MACRO segment, offset
+    DB 0EAh
+    DD offset
+    DW segment
+ENDM
+
+ljmp16 MACRO segment, offset
+    DB 0EAh
+    DW offset
+    DW segment
+ENDM
+
+data32 MACRO opcode:VARARG
+    DB 66h
+    opcode
+ENDM
+
+UNIMPLEMENTED MACRO name
+ENDM
+
+absolute MACRO address
+    __absolute__address__ = address
+ENDM
+
+resb MACRO name, size
+    name = __absolute__address__
+    __absolute__address__ = __absolute__address__ + size
+ENDM
+
+/* We need this to distinguish repeat from macros */
+#define ENDR ENDM
+
+#define CR 13
+#define LF 10
+#define NUL 0
+
+/* For compatibility with GAS */
+CFI_STARTPROC MACRO start
+ENDM
+CFI_ENDPROC MACRO
+ENDM
+CFI_DEF_CFA MACRO reg:REQ, offset:REQ
+ENDM
+CFI_DEF_CFA_OFFSET MACRO offset:REQ
+ENDM
+CFI_DEF_CFA_REGISTER MACRO reg:REQ
+ENDM
+CFI_ADJUST_CFA_OFFSET MACRO offset:REQ
+ENDM
+CFI_OFFSET MACRO reg:REQ, offset:REQ
+ENDM
+CFI_REGISTER MACRO reg1:REQ, reg2:REQ
+ENDM
+CFI_REL_OFFSET MACRO reg:REQ, offset:REQ
+ENDM
+CFI_SAME_VALUE MACRO reg:REQ
+ENDM
+
+#else /***********************************************************************/
+
+/* Force intel syntax */
+.intel_syntax noprefix
+
+.altmacro
+
+/* Explicit radix in GAS syntax */
+#define BIN(x) 0b##x
+#define OCT(x) 0##x
+#define DEC(x) x
+#define HEX(x) 0x##x
+
+/* Macro values need to be marked */
+#define VAL(x) \x
+
+/* Due to MASM's reverse syntax, we are forced to use a precompiler macro */
+#define MACRO(...) .macro __VA_ARGS__
+#define ENDM .endm
+
+/* To avoid reverse syntax we provide a new macro .PROC, replacing PROC... */
+.macro .PROC name
+    .func \name
+#ifdef _X86_
+    /* x86 GAS expects a label with _ prefix */
+    _\name:
+#endif
+    \name:
+    .cfi_startproc
+    .equ cfa_current_offset, -8
+.endm
+#define FUNC .PROC
+
+/* ... and .ENDP, replacing ENDP */
+.macro .ENDP
+    .cfi_endproc
+    .endfunc
+.endm
+#define ENDFUNC .ENDP
+
+/* MASM compatible PUBLIC */
+.macro PUBLIC symbol
+    .global \symbol
+.endm
+
+/* No special marking of global labels */
+.macro GLOBAL_LABEL label
+    \label:
+.endm
+
+/* Dummy ASSUME */
+.macro ASSUME p1 p2 p3 p4 p5 p6 p7 p8
+.endm
+
+/* MASM needs an end tag for segments */
+.macro .endcode16
+.endm
+
+/* MASM compatible ALIGN */
+#define ALIGN .align
+
+/* MASM compatible REPEAT, additional ENDR */
+#define REPEAT .rept
+#define ENDR .endr
+
+.macro ljmp segment, offset
+    jmp far ptr \segment:\offset
+.endm
+
+.macro ljmp16 segment, offset
+    jmp far ptr \segment:\offset
+.endm
+
+/* MASM compatible EXTERN */
+.macro EXTERN name
+.endm
+
+/* MASM needs an END tag */
+#define END
+
+.macro .MODEL model
+.endm
+
+.macro .code
+    .text
+.endm
+
+/* check http://msdn.microsoft.com/en-us/library/9c9k076y%28VS.80%29.aspx
+   and http://msdn.microsoft.com/en-us/library/ms679352%28VS.85%29.aspx */
+.macro FPO cdwLocals, cdwParams, cbProlog, cbRegs, fUseBP, cbFrame
+    .if (cbFrame == FRAME_TRAP)
+        .cfi_signal_frame
+    .endif
+.endm
+
+/* Macros for x64 stack unwind OPs */
+
+.macro .allocstack size
+    .cfi_adjust_cfa_offset \size
+    .set cfa_current_offset, cfa_current_offset - \size
+.endm
+
+code = 1
+.macro .pushframe param=0
+    .if (\param)
+        .cfi_adjust_cfa_offset 0x30
+        .set cfa_current_offset, cfa_current_offset - 0x30
+    .else
+        .cfi_adjust_cfa_offset 0x28
+        .set cfa_current_offset, cfa_current_offset - 0x28
+    .endif
+.endm
+
+.macro .pushreg reg
+    .cfi_adjust_cfa_offset 8
+    .equ cfa_current_offset, cfa_current_offset - 8
+    .cfi_offset \reg, cfa_current_offset
+.endm
+
+.macro .savereg reg, offset
+    // checkme!!!
+    .cfi_offset \reg, \offset
+.endm
+
+.macro .savexmm128 reg, offset
+    // checkme!!!
+    .cfi_offset \reg, \offset
+.endm
+
+.macro .setframe reg, offset
+    .cfi_def_cfa reg, \offset
+    .equ cfa_current_offset, \offset
+.endm
+
+.macro .endprolog
+.endm
+
+.macro absolute address
+    __absolute__address__ = \address
+.endm
+
+.macro resb name, size
+    \name = __absolute__address__
+    __absolute__address__ = __absolute__address__ + \size
+.endm
+
+.macro UNIMPLEMENTED2 file, line, func
+    jmp 3f
+1:  .asciz "\func"
+2:  .asciz \file
+3:
+    sub rsp, 0x20
+    lea rcx, MsgUnimplemented[rip]
+    lea rdx, 1b[rip]
+    lea r8, 2b[rip]
+    mov r9, \line
+    call DbgPrint
+    add rsp, 0x20
+.endm
+#define UNIMPLEMENTED UNIMPLEMENTED2 __FILE__, __LINE__,
+
+/* MASM/ML uses ".if" for runtime conditionals, and "if" for compile time
+   conditionals. We therefore use "if", too. .if shouldn't be used at all */
+#define if .if
+#define endif .endif
+#define else .else
+#define elseif .elseif
+
+#define CR  "\r"
+#define LF  "\n"
+#define NUL "\0"
+
+/* CFI annotations */
+#define CFI_STARTPROC .cfi_startproc
+#define CFI_ENDPROC .cfi_endproc
+#define CFI_DEF_CFA .cfi_def_cfa
+#define CFI_DEF_CFA_OFFSET .cfi_def_cfa_offset
+#define CFI_DEF_CFA_REGISTER .cfi_def_cfa_register
+#define CFI_ADJUST_CFA_OFFSET .cfi_adjust_cfa_offset
+#define CFI_OFFSET .cfi_offset
+#define CFI_REGISTER .cfi_register
+#define CFI_REL_OFFSET .cfi_rel_offset
+#define CFI_SAME_VALUE .cfi_same_value
+
+#endif
+
+#endif /* __ASM_INC__ */
--- a/sdk/include/asm/genincdata.c
+++ b/sdk/include/asm/genincdata.c
@ -0,0 +1,78 @@
+#undef __MSVCRT__
+#include <psdk/ntverp.h>
+
+/* DDK/IFS/NDK Headers */
+#define _NTSYSTEM_
+#include <excpt.h>
+#include <setjmp.h>
+#include <ntdef.h>
+#include <ntifs.h>
+#include <arc/arc.h>
+#include <ntndk.h>
+#include <bugcodes.h>
+
+/* KD Support */
+#define NOEXTAPI
+#include <windbgkd.h>
+#include <wdbgexts.h>
+#include <kddll.h>
+
+#ifdef _M_AMD64
+enum
+{
+    P1Home = 1 * sizeof(PVOID),
+    P2Home = 2 * sizeof(PVOID),
+    P3Home = 3 * sizeof(PVOID),
+    P4Home = 4 * sizeof(PVOID),
+};
+#endif
+
+typedef struct
+{
+    char Type;
+    char Name[55];
+    ULONGLONG Value;
+} ASMGENDATA;
+
+#define TYPE_END 0
+#define TYPE_RAW 1
+#define TYPE_CONSTANT 2
+#define TYPE_HEADER 3
+
+#define RAW(x) {TYPE_RAW, x, 0}
+#define CONSTANT(name) {TYPE_CONSTANT, #name, (ULONG)name}
+#define CONSTANT64(name) {TYPE_CONSTANT, #name, (ULONGLONG)name}
+#define CONSTANTPTR(name) {TYPE_CONSTANT, #name, (ULONG_PTR)name}
+#define CONSTANTX(name, value) {TYPE_CONSTANT, #name, value}
+#define OFFSET(name, struct, member) {TYPE_CONSTANT, #name, FIELD_OFFSET(struct, member)}
+#define RELOFFSET(name, struct, member, to) {TYPE_CONSTANT, #name, FIELD_OFFSET(struct, member) - FIELD_OFFSET(struct, to)}
+#define SIZE(name, struct) {TYPE_CONSTANT, #name, sizeof(struct)}
+#define HEADER(x) {TYPE_HEADER, x, 0}
+
+#if defined(_MSC_VER)
+#pragma section(".asmdef")
+__declspec(allocate(".asmdef"))
+#elif defined(__GNUC__)
+__attribute__ ((section(".asmdef")))
+#else
+#error Your compiler is not supported.
+#endif
+
+ASMGENDATA Table[] =
+{
+/* ARCHITECTURE SPECIFIC CONTSTANTS ******************************************/
+#ifdef _M_IX86
+#include "ks386.template.h"
+#elif defined(_M_AMD64)
+#include "ksamd64.template.h"
+#elif defined(_M_ARM)
+#include "ksarm.template.h"
+#endif
+
+/* PORTABLE CONSTANTS ********************************************************/
+#include "ksx.template.h"
+
+    /* End of list */
+    {TYPE_END, "", 0}
+};
+
--- a/sdk/include/asm/ks386.template.h
+++ b/sdk/include/asm/ks386.template.h
@ -0,0 +1,767 @@
+
+HEADER("CR0 flags"),
+CONSTANT(CR0_PE),
+CONSTANT(CR0_MP),
+CONSTANT(CR0_EM),
+CONSTANT(CR0_TS),
+CONSTANT(CR0_ET),
+CONSTANT(CR0_NE),
+CONSTANT(CR0_WP),
+CONSTANT(CR0_AM), // not win 10
+CONSTANT(CR0_NW),
+CONSTANT(CR0_CD),
+CONSTANT(CR0_PG),
+
+HEADER("CR4 flags"),
+CONSTANT(CR4_VME),
+CONSTANT(CR4_PVI),
+CONSTANT(CR4_TSD),
+CONSTANT(CR4_DE),
+CONSTANT(CR4_PSE),
+CONSTANT(CR4_PAE),
+CONSTANT(CR4_MCE),
+CONSTANT(CR4_PGE),
+CONSTANT(CR4_FXSR),
+CONSTANT(CR4_XMMEXCPT),
+//CONSTANT(CR4_PGE_V),
+//CONSTANT(CR4_XSAVE),
+
+HEADER("Debug Registers"),
+CONSTANT(DR6_LEGAL),
+CONSTANT(DR7_LEGAL),
+CONSTANT(DR7_ACTIVE),
+CONSTANT(DR7_RESERVED_MASK),
+
+HEADER("EFLAGS"),
+CONSTANT(EFLAGS_TF),
+CONSTANT(EFLAGS_INTERRUPT_MASK),
+CONSTANT(EFLAGS_V86_MASK),
+CONSTANT(EFLAGS_ALIGN_CHECK),
+CONSTANT(EFLAGS_VIF),
+CONSTANT(EFLAGS_VIP),
+CONSTANT(EFLAGS_USER_SANITIZE),
+//CONSTANT(EFLAG_SELECT),
+
+#if (NTDDI_VERSION >= NTDDI_VISTA)
+HEADER("Hypervisor Enlightenment Definitions"),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_ADDRESS_SWITCH),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_LOCAL_FLUSH),
+CONSTANT(HV_MMU_USE_HYPERCALL_FOR_REMOTE_FLUSH),
+CONSTANT(HV_KE_USE_HYPERCALL_FOR_LONG_SPIN_WAIT),
+#endif
+
+HEADER("KeFeatureBits flags"),
+CONSTANT(KF_V86_VIS),
+CONSTANT(KF_RDTSC),
+CONSTANT(KF_CR4),
+CONSTANT(KF_GLOBAL_PAGE),
+CONSTANT(KF_LARGE_PAGE),
+CONSTANT(KF_CMPXCHG8B),
+CONSTANT(KF_FAST_SYSCALL),
+//CONSTANT(KF_XSTATE),
+
+HEADER("KDGT selectors"),
+CONSTANT(KGDT_R3_DATA),
+CONSTANT(KGDT_R3_CODE),
+CONSTANT(KGDT_R0_CODE),
+CONSTANT(KGDT_R0_DATA),
+CONSTANT(KGDT_R0_PCR),
+//CONSTANT(KGDT_STACK16),// obsolete
+//CONSTANT(KGDT_CODE16),// obsolete
+CONSTANT(KGDT_TSS),
+CONSTANT(KGDT_R3_TEB),
+//CONSTANT(KGDT_R3_GS),
+CONSTANT(KGDT_DF_TSS),
+CONSTANT(KGDT_NMI_TSS),
+CONSTANT(KGDT_LDT),
+
+HEADER("Machine type definitions"),
+CONSTANT(MACHINE_TYPE_ISA),
+CONSTANT(MACHINE_TYPE_EISA),
+CONSTANT(MACHINE_TYPE_MCA),
+
+HEADER("MSR definitions"),
+CONSTANT(MSR_AMD_ACCESS),
+CONSTANT(MSR_IA32_MISC_ENABLE),
+CONSTANT(MSR_EFER),
+
+HEADER("MSR values"),
+CONSTANT(MSR_NXE),
+CONSTANT(XHF_NOEXECUTE),
+CONSTANT(MSR_XD_ENABLE_MASK),
+
+HEADER("WOW64 turbo dispatch system call types"),
+CONSTANT(ServiceNoTurbo),
+CONSTANT(Service0Arg),
+CONSTANT(Service0ArgReloadState),
+CONSTANT(Service1ArgSp),
+CONSTANT(Service1ArgNSp),
+CONSTANT(Service2ArgNSpNSp),
+CONSTANT(Service2ArgNSpNSpReloadState),
+CONSTANT(Service2ArgSpNSp),
+CONSTANT(Service2ArgSpSp),
+CONSTANT(Service2ArgNSpSp),
+CONSTANT(Service3ArgNSpNSpNSp),
+CONSTANT(Service3ArgSpSpSp),
+CONSTANT(Service3ArgSpNSpNSp),
+CONSTANT(Service3ArgSpNSpNSpReloadState),
+CONSTANT(Service3ArgSpSpNSp),
+CONSTANT(Service3ArgNSpSpNSp),
+CONSTANT(Service3ArgSpNSpSp),
+CONSTANT(Service4ArgNSpNSpNSpNSp),
+CONSTANT(Service4ArgSpSpNSpNSp),
+CONSTANT(Service4ArgSpSpNSpNSpReloadState),
+CONSTANT(Service4ArgSpNSpNSpNSp),
+CONSTANT(Service4ArgSpNSpNSpNSpReloadState),
+CONSTANT(Service4ArgNSpSpNSpNSp),
+CONSTANT(Service4ArgSpSpSpNSp),
+CONSTANT(ServiceCpupTdQuerySystemTime),
+CONSTANT(ServiceCpupTdGetCurrentProcessorNumber),
+CONSTANT(ServiceCpupTdReadWriteFile),
+CONSTANT(ServiceCpupTdDeviceIoControlFile),
+CONSTANT(ServiceCpupTdRemoveIoCompletion),
+CONSTANT(ServiceCpupTdWaitForMultipleObjects),
+CONSTANT(ServiceCpupTdWaitForMultipleObjects32),
+CONSTANT(Wow64ServiceTypesCount),
+
+HEADER("VDM constants"),
+CONSTANT(VDM_INDEX_Invalid),
+CONSTANT(VDM_INDEX_0F),
+CONSTANT(VDM_INDEX_ESPrefix),
+CONSTANT(VDM_INDEX_CSPrefix),
+CONSTANT(VDM_INDEX_SSPrefix),
+CONSTANT(VDM_INDEX_DSPrefix),
+CONSTANT(VDM_INDEX_FSPrefix),
+CONSTANT(VDM_INDEX_GSPrefix),
+CONSTANT(VDM_INDEX_OPER32Prefix),
+CONSTANT(VDM_INDEX_ADDR32Prefix),
+CONSTANT(VDM_INDEX_INSB),
+CONSTANT(VDM_INDEX_INSW),
+CONSTANT(VDM_INDEX_OUTSB),
+CONSTANT(VDM_INDEX_OUTSW),
+CONSTANT(VDM_INDEX_PUSHF),
+CONSTANT(VDM_INDEX_POPF),
+CONSTANT(VDM_INDEX_INTnn),
+CONSTANT(VDM_INDEX_INTO),
+CONSTANT(VDM_INDEX_IRET),
+CONSTANT(VDM_INDEX_NPX),
+CONSTANT(VDM_INDEX_INBimm),
+CONSTANT(VDM_INDEX_INWimm),
+CONSTANT(VDM_INDEX_OUTBimm),
+CONSTANT(VDM_INDEX_OUTWimm),
+CONSTANT(VDM_INDEX_INB),
+CONSTANT(VDM_INDEX_INW),
+CONSTANT(VDM_INDEX_OUTB),
+CONSTANT(VDM_INDEX_OUTW),
+CONSTANT(VDM_INDEX_LOCKPrefix),
+CONSTANT(VDM_INDEX_REPNEPrefix),
+CONSTANT(VDM_INDEX_REPPrefix),
+CONSTANT(VDM_INDEX_CLI),
+CONSTANT(VDM_INDEX_STI),
+CONSTANT(VDM_INDEX_HLT),
+CONSTANT(MAX_VDM_INDEX),
+
+//HEADER("VDM feature bits"),
+//CONSTANT(V86_VIRTUAL_INT_EXTENSIONS),
+//CONSTANT(PM_VIRTUAL_INT_EXTENSIONS),
+
+HEADER("XSAVE_AREA definitions"),
+CONSTANT(XSTATE_MASK_LEGACY_FLOATING_POINT),
+CONSTANT(XSTATE_MASK_LEGACY_SSE),
+CONSTANT(XSTATE_MASK_LEGACY),
+CONSTANT(XSTATE_MASK_GSSE),
+
+//HEADER("Interrupt vector definitions"),
+//CONSTANT(IOMMU_VECTOR),
+//CONSTANT(STUB_VECTOR),
+//CONSTANT(REBOOT_VECTOR),
+//CONSTANT(IPI_VECTOR),
+//CONSTANT(LOCAL_ERROR_VECTOR),
+//CONSTANT(PERF_VECTOR),
+
+HEADER("Miscellaneous constants"),
+//CONSTANT(INITIAL_MXCSR),
+//CONSTANT(IPI_FREEZE),
+//CONSTANT(XSAVE_PRESENT),
+SIZE(KTIMER_TABLE_SIZE, KTIMER_TABLE),
+//CONSTANT(TRAP_FRAME_MARKER),
+CONSTANT(FRAME_EDITED),
+//CONSTANT(INTERRUPT_FRAME),
+//CONSTANT(EXCEPTION_FRAME),
+//CONSTANT(SYSCALL_FRAME),
+//CONSTANT(KXMM_FRAME_SIZE),
+//CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM),
+CONSTANT(PF_XMMI_INSTRUCTIONS_AVAILABLE),
+CONSTANT(CPU_AMD),
+CONSTANT(CPU_INTEL),
+//CONSTANT(DEBUG_ACTIVE_MASK),
+//CONSTANT(DEBUG_ACTIVE_MINIMAL_THREAD),
+//CONSTANT(THREAD_LOCK_FLAGS_DBG_INSTRUMENTED),
+//CONSTANT(X86AMD64_R3_LONG_MODE_CODE),
+//CONSTANT(SEL_TYPE_NP),
+//CONSTANT(TEB_FLAGS_SAFE_THUNK_CALL),
+//CONSTANT(TEB_FLAGS_FIBER_SWAPPED),
+//CONSTANT(KI_SPINLOCK_ORDER_PRCB_LOCK),
+//CONSTANT(PROCESSOR_START_FLAG_FORCE_ENABLE_NX),
+
+HEADER("** FIELD OFFSETS ***************"),
+
+//HEADER("RtlBackoff offsets"),
+//OFFSET(BoDelay, ????, Delay),
+//SIZE(RtlBackoffLength, ????),
+
+HEADER("CONTEXT offsets"),
+OFFSET(CsContextFlags, CONTEXT, ContextFlags),
+OFFSET(CsDr0, CONTEXT, Dr0),
+OFFSET(CsDr1, CONTEXT, Dr1),
+OFFSET(CsDr2, CONTEXT, Dr2),
+OFFSET(CsDr3, CONTEXT, Dr3),
+OFFSET(CsDr6, CONTEXT, Dr6),
+OFFSET(CsDr7, CONTEXT, Dr7),
+OFFSET(CsFloatSave, CONTEXT, FloatSave),
+OFFSET(CsSegGs, CONTEXT, SegGs),
+OFFSET(CsSegFs, CONTEXT, SegFs),
+OFFSET(CsSegEs, CONTEXT, SegEs),
+OFFSET(CsSegDs, CONTEXT, SegDs),
+OFFSET(CsEdi, CONTEXT, Edi),
+OFFSET(CsEsi, CONTEXT, Esi),
+OFFSET(CsEbx, CONTEXT, Ebx),
+OFFSET(CsEdx, CONTEXT, Edx),
+OFFSET(CsEcx, CONTEXT, Ecx),
+OFFSET(CsEax, CONTEXT, Eax),
+OFFSET(CsEbp, CONTEXT, Ebp),
+OFFSET(CsEip, CONTEXT, Eip),
+OFFSET(CsSegCs, CONTEXT, SegCs),
+OFFSET(CsEflags, CONTEXT, EFlags),
+OFFSET(CsEsp, CONTEXT, Esp),
+OFFSET(CsSegSs, CONTEXT, SegSs),
+OFFSET(CsExtendedRegisters, CONTEXT, ExtendedRegisters),
+//OFFSET(CsMxCsr, CONTEXT, MxCsr),
+SIZE(ContextFrameLength, CONTEXT),
+SIZE(CONTEXT_LENGTH, CONTEXT),
+
+HEADER("KCALLOUT_FRAME offsets"),
+OFFSET(CuInStk, KCALLOUT_FRAME, InitialStack), // 00000H
+OFFSET(CuTrFr, KCALLOUT_FRAME, TrapFrame), // 00004H
+OFFSET(CuCbStk, KCALLOUT_FRAME, CallbackStack), // 00008H
+OFFSET(CuEdi, KCALLOUT_FRAME, Edi), // 0000CH
+OFFSET(CuEsi, KCALLOUT_FRAME, Esi), // 00010H
+OFFSET(CuEbx, KCALLOUT_FRAME, Ebx), // 00014H
+OFFSET(CuEbp, KCALLOUT_FRAME, Ebp), // 00018H
+OFFSET(CuRet, KCALLOUT_FRAME, ReturnAddress), // 0001CH
+OFFSET(CuOutBf, KCALLOUT_FRAME, Result), // 00020H
+OFFSET(CuOutLn, KCALLOUT_FRAME, ResultLength), // 00024H
+
+//HEADER("??? offsets"),
+//OFFSET(ErrHandler, ???, Handler),
+//OFFSET(ErrNext, ???, Next),
+//OFFSET(ErrLength, ???, Length),
+
+HEADER("FLOATING_SAVE_AREA offsets"),
+OFFSET(FpControlWord, FLOATING_SAVE_AREA, ControlWord),
+OFFSET(FpStatusWord, FLOATING_SAVE_AREA, StatusWord),
+OFFSET(FpTagWord, FLOATING_SAVE_AREA, TagWord),
+OFFSET(FpErrorOffset, FLOATING_SAVE_AREA, ErrorOffset),
+OFFSET(FpErrorSelector, FLOATING_SAVE_AREA, ErrorSelector),
+OFFSET(FpDataOffset, FLOATING_SAVE_AREA, DataOffset),
+OFFSET(FpDataSelector, FLOATING_SAVE_AREA, DataSelector),
+OFFSET(FpRegisterArea, FLOATING_SAVE_AREA, RegisterArea),
+
+HEADER("XSAVE_FORMAT offsets"),
+OFFSET(FxControlWord, XSAVE_FORMAT, ControlWord),
+OFFSET(FxStatusWord, XSAVE_FORMAT, StatusWord),
+OFFSET(FxTagWord, XSAVE_FORMAT, TagWord),
+OFFSET(FxErrorOpcode, XSAVE_FORMAT, ErrorOpcode),
+OFFSET(FxErrorOffset, XSAVE_FORMAT, ErrorOffset),
+OFFSET(FxErrorSelector, XSAVE_FORMAT, ErrorSelector),
+OFFSET(FxDataOffset, XSAVE_FORMAT, DataOffset),
+OFFSET(FxDataSelector, XSAVE_FORMAT, DataSelector),
+OFFSET(FxMxCsr, XSAVE_FORMAT, MxCsr),
+SIZE(XSAVE_FORMAT_SIZE, XSAVE_FORMAT),
+
+HEADER("KGDTENTRY offsets"),
+OFFSET(KgdtLimitLow, KGDTENTRY, LimitLow),
+OFFSET(KgdtBaseLow, KGDTENTRY, BaseLow),
+OFFSET(KgdtHighWord, KGDTENTRY, HighWord),
+OFFSET(KgdtBaseMid, KGDTENTRY, HighWord.Bytes.BaseMid),
+OFFSET(KgdtLimitHi, KGDTENTRY, HighWord.Bytes.Flags2),
+OFFSET(KgdtBaseHi, KGDTENTRY, HighWord.Bytes.BaseHi),
+
+HEADER("KPRCB offsets"),
+OFFSET(PbCurrentThread, KPRCB, CurrentThread),
+OFFSET(PbNextThread, KPRCB, NextThread),
+OFFSET(PbIdleThread, KPRCB, IdleThread),
+//OFFSET(PbNestingLevel, KPRCB, NestingLevel),
+OFFSET(PbCpuType, KPRCB, CpuType),
+OFFSET(PbCpuID, KPRCB, CpuID),
+OFFSET(PbCpuStep, KPRCB, CpuStep),
+OFFSET(PbProcessorState, KPRCB, ProcessorState),
+OFFSET(PbParentNode, KPRCB, ParentNode),
+//OFFSET(PbPriorityState, KPRCB, PriorityState),
+OFFSET(PbHalReserved, KPRCB, HalReserved),
+//OFFSET(PbCFlushSize, KPRCB, CFlushSize),
+//OFFSET(PbCpuVendor, KPRCB, CpuVendor),
+//OFFSET(PbGroupSetMember, KPRCB, GroupSetMember),
+OFFSET(PbNumber, KPRCB, Number),
+//OFFSET(PbClockOwner, KPRCB, ClockOwner),
+OFFSET(PbLockQueue, KPRCB, LockQueue),
+OFFSET(PbInterruptCount, KPRCB, InterruptCount),
+OFFSET(PbKernelTime, KPRCB, KernelTime),
+OFFSET(PbUserTime, KPRCB, UserTime),
+OFFSET(PbDpcTime, KPRCB, DpcTime),
+OFFSET(PbInterruptTime, KPRCB, InterruptTime),
+OFFSET(PbAdjustDpcThreshold, KPRCB, AdjustDpcThreshold),
+OFFSET(PbPageColor, KPRCB, PageColor),
+OFFSET(PbDebuggerSavedIRQL, KPRCB, DebuggerSavedIRQL),
+OFFSET(PbNodeShiftedColor, KPRCB, NodeShiftedColor),
+OFFSET(PbSecondaryColorMask, KPRCB, SecondaryColorMask),
+//OFFSET(PbAlignmentFixupCount, KPRCB, AlignmentFixupCount),
+//OFFSET(PbExceptionDispatchCount, KPRCB, ExceptionDispatchCount),
+OFFSET(PbSystemCalls, KPRCB, KeSystemCalls),
+OFFSET(PbPPLookasideList, KPRCB, PPLookasideList),
+OFFSET(PbPPNPagedLookasideList, KPRCB, PPNPagedLookasideList),
+OFFSET(PbPPPagedLookasideList, KPRCB, PPPagedLookasideList),
+OFFSET(PbPacketBarrier, KPRCB, PacketBarrier),
+OFFSET(PbReverseStall, KPRCB, ReverseStall),
+OFFSET(PbIpiFrame, KPRCB, IpiFrame),
+OFFSET(PbCurrentPacket, KPRCB, CurrentPacket),
+OFFSET(PbTargetSet, KPRCB, TargetSet),
+OFFSET(PbWorkerRoutine, KPRCB, WorkerRoutine),
+OFFSET(PbIpiFrozen, KPRCB, IpiFrozen),
+OFFSET(PbRequestSummary, KPRCB, RequestSummary),
+//OFFSET(PbDpcList, KPRCB, DpcList),
+//OFFSET(PbDpcLock, KPRCB, DpcLock),
+//OFFSET(PbDpcCount, KPRCB, DpcCount),
+OFFSET(PbDpcStack, KPRCB, DpcStack),
+OFFSET(PbMaximumDpcQueueDepth, KPRCB, MaximumDpcQueueDepth),
+OFFSET(PbDpcRequestRate, KPRCB, DpcRequestRate),
+OFFSET(PbMinimumDpcRate, KPRCB, MinimumDpcRate),
+OFFSET(PbDpcLastCount, KPRCB, DpcLastCount),
+OFFSET(PbPrcbLock, KPRCB, PrcbLock),
+OFFSET(PbQuantumEnd, KPRCB, QuantumEnd),
+OFFSET(PbDpcRoutineActive, KPRCB, DpcRoutineActive),
+OFFSET(PbIdleSchedule, KPRCB, IdleSchedule),
+//OFFSET(PbNormalDpcState, KPRCB, NormalDpcState),
+//OFFSET(PbKeSpinLockOrdering, KPRCB, KeSpinLockOrdering),
+OFFSET(PbDeferredReadyListHead, KPRCB, DeferredReadyListHead),
+OFFSET(PbReadySummary, KPRCB, ReadySummary),
+OFFSET(PbWaitListHead, KPRCB, WaitListHead),
+//OFFSET(PbStartCycle, KPRCB, StartCycle),
+//OFFSET(PbCycleTime, KPRCB, CycleTime),
+//OFFSET(PbHighCycleTime, KPRCB, HighCycleTime),
+OFFSET(PbDispatcherReadyListHead, KPRCB, DispatcherReadyListHead),
+OFFSET(PbChainedInterruptList, KPRCB, ChainedInterruptList),
+//OFFSET(PbSpinLockAcquireCount, KPRCB, SpinLockAcquireCount),
+//OFFSET(PbSpinLockContentionCount, KPRCB, SpinLockContentionCount),
+//OFFSET(PbSpinLockSpinCount, KPRCB, SpinLockSpinCount),
+//OFFSET(PbContext, KPRCB, Context),
+//OFFSET(PbIsrStack, KPRCB, IsrStack),
+//OFFSET(PbVectorToInterruptObject, KPRCB, VectorToInterruptObject),
+//OFFSET(PbEntropyBuffer, KPRCB, EntropyTimingState.Buffer),
+//OFFSET(PbMailbox, KPRCB, Mailbox),
+SIZE(ProcessorBlockLength, KPRCB),
+
+HEADER("KPCR offsets"),
+OFFSET(PcExceptionList, KIPCR, NtTib.ExceptionList),
+//OFFSET(PcInitialStack, KIPCR, InitialStack),
+//OFFSET(PcMxCsr, KIPCR, MxCsr),
+OFFSET(PcTssCopy, KIPCR, TssCopy),
+OFFSET(PcContextSwitches, KIPCR, ContextSwitches),
+OFFSET(PcSetMemberCopy, KIPCR, SetMemberCopy),
+OFFSET(PcTeb, KIPCR, NtTib.Self),
+OFFSET(PcSelfPcr, KIPCR, Self),
+OFFSET(PcPrcb, KIPCR, Prcb),
+OFFSET(PcIrql, KIPCR, Irql),
+OFFSET(PcIRR, KIPCR, IRR),
+OFFSET(PcIrrActive, KIPCR, IrrActive),
+OFFSET(PcIDR, KIPCR, IDR),
+OFFSET(PcIdt, KIPCR, IDT),
+OFFSET(PcGdt, KIPCR, GDT),
+OFFSET(PcTss, KIPCR, TSS),
+OFFSET(PcSetMember, KIPCR, SetMember),
+OFFSET(PcStallScaleFactor, KIPCR, StallScaleFactor),
+OFFSET(PcNumber, KIPCR, Number),
+OFFSET(PcVdmAlert, KIPCR, VdmAlert),
+OFFSET(PcHal, KIPCR, HalReserved),
+OFFSET(PcPrcbData, KIPCR, PrcbData),
+OFFSET(PcCurrentThread, KIPCR, PrcbData.CurrentThread),
+//OFFSET(PcNestingLevel, KIPCR, PrcbData.NestingLevel),
+OFFSET(PcParentNode, KIPCR, PrcbData.ParentNode),
+OFFSET(PcInterruptCount, KIPCR, PrcbData.InterruptCount),
+//OFFSET(PcDpcRequestSummary, KIPCR, PrcbData.DpcRequestSummary),
+//OFFSET(PcStartCycles, KIPCR, PrcbData.StartCycles),
+//OFFSET(PcCycleTime, KIPCR, PrcbData.CycleTime),
+//OFFSET(PcHighCycleTime, KIPCR, PrcbData.HighCycleTime),
+SIZE(ProcessorControlRegisterLength, KIPCR),
+
+// Processor Start Block Offset Definitions
+//HEADER("??? offsets"),
+//OFFSET(PsbCompletionFlag, ???, PsbCompletionFlag),
+//OFFSET(PsbFlags, ???, PsbCompletionFlag),
+//OFFSET(PsbTiledMemoryMap, ???, PsbCompletionFlag),
+//OFFSET(PsbSelfMap, ???, PsbCompletionFlag),
+//OFFSET(PsbProcessorState, ???, PsbCompletionFlag),
+//SIZE(ProcessorStartBlockLength, ???, PsbCompletionFlag),
+
+HEADER("PEB offsets"),
+OFFSET(PebBeingDebugged, PEB, BeingDebugged),
+OFFSET(PebKernelCallbackTable, PEB, KernelCallbackTable),
+
+HEADER("KPROCESSOR_STATE offsets"),
+OFFSET(PsContextFrame, KPROCESSOR_STATE, ContextFrame),
+OFFSET(PsSpecialRegisters, KPROCESSOR_STATE, SpecialRegisters),
+SIZE(ProcessorStateLength, KPROCESSOR_STATE),
+
+HEADER("KSPECIAL_REGISTERS offsets"),
+OFFSET(SrCr0, KSPECIAL_REGISTERS, Cr0),
+OFFSET(SrCr2, KSPECIAL_REGISTERS, Cr2),
+OFFSET(SrCr3, KSPECIAL_REGISTERS, Cr3),
+OFFSET(SrCr4, KSPECIAL_REGISTERS, Cr4),
+OFFSET(SrKernelDr0, KSPECIAL_REGISTERS, KernelDr0),
+OFFSET(SrKernelDr1, KSPECIAL_REGISTERS, KernelDr1),
+OFFSET(SrKernelDr2, KSPECIAL_REGISTERS, KernelDr2),
+OFFSET(SrKernelDr3, KSPECIAL_REGISTERS, KernelDr3),
+OFFSET(SrKernelDr6, KSPECIAL_REGISTERS, KernelDr6),
+OFFSET(SrKernelDr7, KSPECIAL_REGISTERS, KernelDr7),
+OFFSET(SrGdtr, KSPECIAL_REGISTERS, Gdtr),
+OFFSET(SrIdtr, KSPECIAL_REGISTERS, Idtr),
+OFFSET(SrTr, KSPECIAL_REGISTERS, Tr),
+OFFSET(SrLdtr, KSPECIAL_REGISTERS, Ldtr),
+//OFFSET(SrXcr0, KSPECIAL_REGISTERS, Xcr0),
+//OFFSET(SrExceptionList, KSPECIAL_REGISTERS, ExceptionList),
+
+HEADER("KSYSTEM_TIME offsets"),
+OFFSET(StLowTime, KSYSTEM_TIME, LowTime),
+OFFSET(StHigh1Time, KSYSTEM_TIME, High1Time),
+OFFSET(StHigh2Time, KSYSTEM_TIME, High2Time),
+
+//HEADER("KSWITCH_FRAME offsets"),
+//SIZE(SwitchFrameLength, KSWITCH_FRAME),
+
+HEADER("TEB offsets (duplicates Te* definitions!)"),
+OFFSET(TbExceptionList, TEB, NtTib.ExceptionList),
+OFFSET(TbStackBase, TEB, NtTib.StackBase),
+OFFSET(TbStackLimit, TEB, NtTib.StackLimit),
+OFFSET(TbVersion, TEB, NtTib.Version),
+OFFSET(TbFiberData, TEB, NtTib.FiberData),
+OFFSET(TbArbitraryUserPointer, TEB, NtTib.ArbitraryUserPointer),
+OFFSET(TbEnvironmentPointer, TEB, EnvironmentPointer),
+OFFSET(TbClientId, TEB, ClientId),
+OFFSET(TbThreadLocalStoragePointer, TEB, ThreadLocalStoragePointer),
+OFFSET(TbCountOfOwnedCriticalSections, TEB, CountOfOwnedCriticalSections),
+OFFSET(TbCsrClientThread, TEB, CsrClientThread),
+OFFSET(TbWOW32Reserved, TEB, WOW32Reserved),
+OFFSET(TbSystemReserved1, TEB, SystemReserved1),
+OFFSET(TbExceptionCode, TEB, ExceptionCode),
+OFFSET(TbGdiThreadLocalInfo, TEB, GdiThreadLocalInfo),
+OFFSET(TbglDispatchTable, TEB, glDispatchTable),
+OFFSET(TbglSectionInfo, TEB, glSectionInfo),
+OFFSET(TbglSection, TEB, glSection),
+OFFSET(TbglTable, TEB, glTable),
+OFFSET(TbglCurrentRC, TEB, glCurrentRC),
+OFFSET(TbglContext, TEB, glContext),
+OFFSET(TbDeallocationStack, TEB, DeallocationStack),
+OFFSET(TbVdm, TEB, Vdm),
+OFFSET(TbGdiBatchCount, TEB, GdiBatchCount),
+//OFFSET(TeSameTebFlags, TEB, SameTebFlags),
+OFFSET(TebPeb, TEB, ProcessEnvironmentBlock),
+
+HEADER("KTRAP_FRAME"),
+OFFSET(TsDbgEbp, KTRAP_FRAME, DbgEbp),
+OFFSET(TsDbgEip, KTRAP_FRAME, DbgEip),
+OFFSET(TsDbgArgMark, KTRAP_FRAME, DbgArgMark),
+OFFSET(TsTempSegCs, KTRAP_FRAME, TempSegCs),
+//OFFSET(TsLogging, KTRAP_FRAME, Logging),
+//OFFSET(TsFrameType, KTRAP_FRAME, FrameType),
+OFFSET(TsTempEsp, KTRAP_FRAME, TempEsp),
+OFFSET(TsDr0, KTRAP_FRAME, Dr0),
+OFFSET(TsDr1, KTRAP_FRAME, Dr1),
+OFFSET(TsDr2, KTRAP_FRAME, Dr2),
+OFFSET(TsDr3, KTRAP_FRAME, Dr3),
+OFFSET(TsDr6, KTRAP_FRAME, Dr6),
+OFFSET(TsDr7, KTRAP_FRAME, Dr7),
+OFFSET(TsSegGs, KTRAP_FRAME, SegGs),
+OFFSET(TsSegEs, KTRAP_FRAME, SegEs),
+OFFSET(TsSegDs, KTRAP_FRAME, SegDs),
+OFFSET(TsEdx, KTRAP_FRAME, Edx),
+OFFSET(TsEcx, KTRAP_FRAME, Ecx),
+OFFSET(TsEax, KTRAP_FRAME, Eax),
+OFFSET(TsPreviousPreviousMode, KTRAP_FRAME, PreviousPreviousMode),
+//OFFSET(TsMxCsr, KTRAP_FRAME, MxCsr),
+OFFSET(TsExceptionList, KTRAP_FRAME, ExceptionList),
+//OFFSET(TsEntropyQueueDpc, KTRAP_FRAME, EntropyQueueDpc),
+OFFSET(TsSegFs, KTRAP_FRAME, SegFs),
+OFFSET(TsEdi, KTRAP_FRAME, Edi),
+OFFSET(TsEsi, KTRAP_FRAME, Esi),
+OFFSET(TsEbx, KTRAP_FRAME, Ebx),
+OFFSET(TsEbp, KTRAP_FRAME, Ebp),
+OFFSET(TsErrCode, KTRAP_FRAME, ErrCode),
+OFFSET(TsEip, KTRAP_FRAME, Eip),
+OFFSET(TsSegCs, KTRAP_FRAME, SegCs),
+OFFSET(TsEflags, KTRAP_FRAME, EFlags),
+OFFSET(TsHardwareEsp, KTRAP_FRAME, HardwareEsp),
+OFFSET(TsHardwareSegSs, KTRAP_FRAME, HardwareSegSs),
+OFFSET(TsDbgArgPointer, KTRAP_FRAME, DbgArgPointer), // not in win10
+OFFSET(TsV86Es, KTRAP_FRAME, V86Es),
+OFFSET(TsV86Ds, KTRAP_FRAME, V86Ds),
+OFFSET(TsV86Fs, KTRAP_FRAME, V86Fs),
+OFFSET(TsV86Gs, KTRAP_FRAME, V86Gs),
+SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME),
+CONSTANT(KTRAP_FRAME_ALIGN),
+
+HEADER("KTSS offsets"),
+OFFSET(TssEsp0, KTSS, Esp0),
+OFFSET(TssCR3, KTSS, CR3),
+OFFSET(TssEip, KTSS, Eip),
+OFFSET(TssEFlags, KTSS, EFlags),
+OFFSET(TssEax, KTSS, Eax),
+OFFSET(TssEbx, KTSS, Ebx),
+OFFSET(TssEcx, KTSS, Ecx),
+OFFSET(TssEdx, KTSS, Edx),
+OFFSET(TssEsp, KTSS, Esp),
+OFFSET(TssEbp, KTSS, Ebp),
+OFFSET(TssEsi, KTSS, Esi),
+OFFSET(TssEdi, KTSS, Edi),
+OFFSET(TssEs, KTSS, Es),
+OFFSET(TssCs, KTSS, Cs),
+OFFSET(TssSs, KTSS, Ss),
+OFFSET(TssDs, KTSS, Ds),
+OFFSET(TssFs, KTSS, Fs),
+OFFSET(TssGs, KTSS, Gs),
+OFFSET(TssLDT, KTSS, LDT),
+OFFSET(TssIoMapBase, KTSS, IoMapBase),
+OFFSET(TssIoMaps, KTSS, IoMaps),
+SIZE(TssLength, KTSS),
+
+//HEADER("VDM_PROCESS_OBJECTS??? offsets"),
+//VpVdmTib equ 00098H
+
+HEADER("XSTATE_CONFIGURATION offsets"),
+OFFSET(XcfgEnabledFeatures, XSTATE_CONFIGURATION, EnabledFeatures),
+#if (NTDDI_VERSION >= NTDDI_WIN10)
+OFFSET(XcfgEnabledVolatileFeatures, XSTATE_CONFIGURATION, EnabledFeatures),
+#endif
+
+HEADER("XSTATE_CONTEXT offsets"),
+OFFSET(XctxMask, XSTATE_CONTEXT, Mask),
+OFFSET(XctxLength, XSTATE_CONTEXT, Length),
+OFFSET(XctxArea, XSTATE_CONTEXT, Area),
+
+HEADER("XSAVE_AREA offsets"),
+OFFSET(XsaHeader, XSAVE_AREA, Header),
+SIZE(XsaHeaderLength, XSAVE_AREA_HEADER),
+//CONSTANTX(XSAVE_ALIGN, _alignof(XSAVE_AREA)),
+
+HEADER("Data access macros"),
+RAW("#define USERDATA ds:[HEX(0FFDF0000)]"),
+RAW("#define PCR fs:"),
+
+#if (NTDDI_VERSION >= NTDDI_VISTA)
+HEADER("KNODE offsets"),
+OFFSET(NdIdleCpuSet, KNODE, IdleCpuSet),
+#endif
+
+//HEADER("ETW definitions for interrupt tracing"),
+//SIZE(EtwTSLength, ???, TSLength),
+
+//HEADER("WOW64 shared information block definitions"),
+//OFFSET(PwWow64Info, ???, IdleCpuSet),
+//OFFSET(WiCpuFlags, ???, IdleCpuSet),
+//CONSTANT(WOW64_CPUFLAGS_SOFTWARE),
+
+
+/// Unknown stuff:
+
+CONSTANT(NPX_STATE_NOT_LOADED),
+CONSTANT(NPX_STATE_LOADED),
+//CONSTANT(NPX_MASK_LAZY),
+
+// ReactOS stuff here
+HEADER("KPCR"),
+OFFSET(KPCR_EXCEPTION_LIST, KPCR, NtTib.ExceptionList),
+OFFSET(KPCR_PERF_GLOBAL_GROUP_MASK, KIPCR, PerfGlobalGroupMask),
+OFFSET(KPCR_CONTEXT_SWITCHES, KPCR, ContextSwitches),
+OFFSET(KPCR_TEB, KIPCR, Used_Self),
+OFFSET(KPCR_SELF, KIPCR, Self),
+OFFSET(KPCR_PRCB, KPCR, Prcb),
+OFFSET(KPCR_IDT, KIPCR, IDT),
+OFFSET(KPCR_GDT, KIPCR, GDT),
+OFFSET(KPCR_TSS, KPCR, TSS),
+OFFSET(KPCR_STALL_SCALE_FACTOR, KPCR, StallScaleFactor),
+OFFSET(KPCR_PRCB_DATA, KIPCR, PrcbData),
+OFFSET(KPCR_CURRENT_THREAD, KIPCR, PrcbData.CurrentThread),
+OFFSET(KPCR_PRCB_NEXT_THREAD, KIPCR, PrcbData.NextThread),
+OFFSET(KPCR_PRCB_DPC_QUEUE_DEPTH, KIPCR, PrcbData.DpcData[0].DpcQueueDepth),
+OFFSET(KPCR_PRCB_DPC_STACK, KIPCR, PrcbData.DpcStack),
+OFFSET(KPCR_PRCB_MAXIMUM_DPC_QUEUE_DEPTH, KIPCR, PrcbData.MaximumDpcQueueDepth),
+OFFSET(KPCR_PRCB_DPC_ROUTINE_ACTIVE, KIPCR, PrcbData.DpcRoutineActive),
+OFFSET(KPCR_PRCB_TIMER_REQUEST, KIPCR, PrcbData.TimerRequest),
+OFFSET(KPCR_PRCB_QUANTUM_END, KIPCR, PrcbData.QuantumEnd),
+OFFSET(KPCR_PRCB_DEFERRED_READY_LIST_HEAD, KIPCR, PrcbData.DeferredReadyListHead),
+OFFSET(KPCR_PRCB_POWER_STATE_IDLE_FUNCTION, KIPCR, PrcbData.PowerState.IdleFunction),
+
+HEADER("KTRAP_FRAME"),
+OFFSET(KTRAP_FRAME_DEBUGEBP, KTRAP_FRAME, DbgEbp),
+OFFSET(KTRAP_FRAME_DEBUGEIP, KTRAP_FRAME, DbgEip),
+OFFSET(KTRAP_FRAME_TEMPESP, KTRAP_FRAME, TempEsp),
+OFFSET(KTRAP_FRAME_DR0, KTRAP_FRAME, Dr0),
+OFFSET(KTRAP_FRAME_DR1, KTRAP_FRAME, Dr1),
+OFFSET(KTRAP_FRAME_DR2, KTRAP_FRAME, Dr2),
+OFFSET(KTRAP_FRAME_DR3, KTRAP_FRAME, Dr3),
+OFFSET(KTRAP_FRAME_DR6, KTRAP_FRAME, Dr6),
+OFFSET(KTRAP_FRAME_DR7, KTRAP_FRAME, Dr7),
+OFFSET(KTRAP_FRAME_GS, KTRAP_FRAME, SegGs),
+OFFSET(KTRAP_FRAME_ES, KTRAP_FRAME, SegEs),
+OFFSET(KTRAP_FRAME_DS, KTRAP_FRAME, SegDs),
+OFFSET(KTRAP_FRAME_EDX, KTRAP_FRAME, Edx),
+OFFSET(KTRAP_FRAME_ECX, KTRAP_FRAME, Ecx),
+OFFSET(KTRAP_FRAME_EAX, KTRAP_FRAME, Eax),
+OFFSET(KTRAP_FRAME_PREVIOUS_MODE, KTRAP_FRAME, PreviousPreviousMode),
+OFFSET(KTRAP_FRAME_EXCEPTION_LIST, KTRAP_FRAME, ExceptionList),
+OFFSET(KTRAP_FRAME_FS, KTRAP_FRAME, SegFs),
+OFFSET(KTRAP_FRAME_EDI, KTRAP_FRAME, Edi),
+OFFSET(KTRAP_FRAME_ESI, KTRAP_FRAME, Esi),
+OFFSET(KTRAP_FRAME_EBX, KTRAP_FRAME, Ebx),
+OFFSET(KTRAP_FRAME_EBP, KTRAP_FRAME, Ebp),
+OFFSET(KTRAP_FRAME_ERROR_CODE, KTRAP_FRAME, ErrCode),
+OFFSET(KTRAP_FRAME_EIP, KTRAP_FRAME, Eip),
+OFFSET(KTRAP_FRAME_EFLAGS, KTRAP_FRAME, EFlags),
+OFFSET(KTRAP_FRAME_ESP, KTRAP_FRAME, HardwareEsp),
+OFFSET(KTRAP_FRAME_SS, KTRAP_FRAME, HardwareSegSs),
+OFFSET(KTRAP_FRAME_V86_ES, KTRAP_FRAME, V86Es),
+OFFSET(KTRAP_FRAME_V86_DS, KTRAP_FRAME, V86Ds),
+OFFSET(KTRAP_FRAME_V86_FS, KTRAP_FRAME, V86Fs),
+OFFSET(KTRAP_FRAME_V86_GS, KTRAP_FRAME, V86Gs),
+SIZE(KTRAP_FRAME_SIZE, KTRAP_FRAME),
+
+HEADER("CONTEXT"),
+OFFSET(CONTEXT_FLAGS, CONTEXT, ContextFlags),
+OFFSET(CONTEXT_SEGGS, CONTEXT, SegGs),
+OFFSET(CONTEXT_SEGFS, CONTEXT, SegFs),
+OFFSET(CONTEXT_SEGES, CONTEXT, SegEs),
+OFFSET(CONTEXT_SEGDS, CONTEXT, SegDs),
+OFFSET(CONTEXT_EDI, CONTEXT, Edi),
+OFFSET(CONTEXT_ESI, CONTEXT, Esi),
+OFFSET(CONTEXT_EBX, CONTEXT, Ebx),
+OFFSET(CONTEXT_EDX, CONTEXT, Edx),
+OFFSET(CONTEXT_ECX, CONTEXT, Ecx),
+OFFSET(CONTEXT_EAX, CONTEXT, Eax),
+OFFSET(CONTEXT_EBP, CONTEXT, Ebp),
+OFFSET(CONTEXT_EIP, CONTEXT, Eip),
+OFFSET(CONTEXT_SEGCS, CONTEXT, SegCs),
+OFFSET(CONTEXT_EFLAGS, CONTEXT, EFlags),
+OFFSET(CONTEXT_ESP, CONTEXT, Esp),
+OFFSET(CONTEXT_SEGSS, CONTEXT, SegSs),
+SIZE(CONTEXT_FRAME_LENGTH, CONTEXT),
+
+HEADER("FIBER"),
+OFFSET(FIBER_PARAMETER, FIBER, FiberData),
+OFFSET(FIBER_EXCEPTION_LIST, FIBER, ExceptionList),
+OFFSET(FIBER_STACK_BASE, FIBER, StackBase),
+OFFSET(FIBER_STACK_LIMIT, FIBER, StackLimit),
+OFFSET(FIBER_DEALLOCATION_STACK, FIBER, DeallocationStack),
+OFFSET(FIBER_CONTEXT, FIBER, FiberContext),
+OFFSET(FIBER_CONTEXT_FLAGS, FIBER, FiberContext.ContextFlags),
+OFFSET(FIBER_CONTEXT_EAX, FIBER, FiberContext.Eax),
+OFFSET(FIBER_CONTEXT_EBX, FIBER, FiberContext.Ebx),
+OFFSET(FIBER_CONTEXT_ECX, FIBER, FiberContext.Ecx),
+OFFSET(FIBER_CONTEXT_EDX, FIBER, FiberContext.Edx),
+OFFSET(FIBER_CONTEXT_ESI, FIBER, FiberContext.Esi),
+OFFSET(FIBER_CONTEXT_EDI, FIBER, FiberContext.Edi),
+OFFSET(FIBER_CONTEXT_EBP, FIBER, FiberContext.Ebp),
+OFFSET(FIBER_CONTEXT_EIP, FIBER, FiberContext.Eip),
+OFFSET(FIBER_CONTEXT_ESP, FIBER, FiberContext.Esp),
+OFFSET(FIBER_CONTEXT_DR6, FIBER, FiberContext.Dr6),
+OFFSET(FIBER_CONTEXT_FLOAT_SAVE_CONTROL_WORD, FIBER, FiberContext.FloatSave.ControlWord),
+OFFSET(FIBER_CONTEXT_FLOAT_SAVE_STATUS_WORD, FIBER, FiberContext.FloatSave.StatusWord),
+OFFSET(FIBER_CONTEXT_FLOAT_SAVE_TAG_WORD, FIBER, FiberContext.FloatSave.TagWord),
+OFFSET(FIBER_GUARANTEED_STACK_BYTES, FIBER, GuaranteedStackBytes),
+OFFSET(FIBER_FLS_DATA, FIBER, FlsData),
+OFFSET(FIBER_ACTIVATION_CONTEXT_STACK, FIBER, ActivationContextStackPointer),
+
+HEADER("KTSS"),
+OFFSET(KTSS_IOMAPBASE, KTSS, IoMapBase),
+OFFSET(KTSS_ESP0, KTSS, Esp0),
+
+HEADER("EXCEPTION_RECORD"),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_CODE, EXCEPTION_RECORD, ExceptionCode),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_FLAGS, EXCEPTION_RECORD, ExceptionFlags),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_RECORD, EXCEPTION_RECORD, ExceptionRecord),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS, EXCEPTION_RECORD, ExceptionAddress),
+OFFSET(EXCEPTION_RECORD_NUMBER_PARAMETERS, EXCEPTION_RECORD, NumberParameters),
+OFFSET(EXCEPTION_RECORD_EXCEPTION_ADDRESS, EXCEPTION_RECORD, ExceptionAddress),
+SIZE(SIZEOF_EXCEPTION_RECORD, EXCEPTION_RECORD),
+CONSTANT(EXCEPTION_RECORD_LENGTH),
+
+HEADER("EXCEPTION_POINTERS"),
+OFFSET(EXCEPTION_POINTERS_EXCEPTION_RECORD, EXCEPTION_POINTERS, ExceptionRecord),
+OFFSET(EXCEPTION_POINTERS_CONTEXT_RECORD, EXCEPTION_POINTERS, ContextRecord),
+SIZE(SIZEOF_EXCEPTION_POINTERS, EXCEPTION_POINTERS),
+
+HEADER("KTHREAD"),
+OFFSET(KTHREAD_DEBUG_ACTIVE, KTHREAD, Header.DebugActive),
+OFFSET(KTHREAD_INITIAL_STACK, KTHREAD, InitialStack),
+OFFSET(KTHREAD_STACK_LIMIT, KTHREAD, StackLimit),
+OFFSET(KTHREAD_TEB, KTHREAD, Teb),
+OFFSET(KTHREAD_KERNEL_STACK, KTHREAD, KernelStack),
+OFFSET(KTHREAD_APCSTATE_PROCESS, KTHREAD, ApcState.Process),
+OFFSET(KTHREAD_PENDING_KERNEL_APC, KTHREAD, ApcState.KernelApcPending),
+OFFSET(KTHREAD_CONTEXT_SWITCHES, KTHREAD, ContextSwitches),
+OFFSET(KTHREAD_STATE_, KTHREAD, State),
+OFFSET(KTHREAD_NPX_STATE, KTHREAD, NpxState),
+OFFSET(KTHREAD_WAIT_IRQL, KTHREAD, WaitIrql),
+OFFSET(KTHREAD_WAIT_REASON, KTHREAD, WaitReason),
+OFFSET(KTHREAD_COMBINED_APC_DISABLE, KTHREAD, CombinedApcDisable),
+OFFSET(KTHREAD_SPECIAL_APC_DISABLE, KTHREAD, SpecialApcDisable),
+OFFSET(KTHREAD_LARGE_STACK, KTHREAD, LargeStack),
+OFFSET(KTHREAD_TRAP_FRAME, KTHREAD, TrapFrame),
+OFFSET(KTHREAD_CALLBACK_STACK, KTHREAD, CallbackStack),
+OFFSET(KTHREAD_APC_STATE_INDEX, KTHREAD, ApcStateIndex),
+OFFSET(KTHREAD_STACK_BASE, KTHREAD, StackBase),
+
+HEADER("KPROCESS"),
+OFFSET(KPROCESS_DIRECTORY_TABLE_BASE, KPROCESS, DirectoryTableBase),
+OFFSET(KPROCESS_LDT_DESCRIPTOR0, KPROCESS, LdtDescriptor),
+OFFSET(KPROCESS_LDT_DESCRIPTOR1, KPROCESS, LdtDescriptor.HighWord),
+OFFSET(KPROCESS_INT21_DESCRIPTOR0, KPROCESS, Int21Descriptor),
+OFFSET(KPROCESS_INT21_DESCRIPTOR1, KPROCESS, Int21Descriptor.Access),
+OFFSET(KPROCESS_IOPM_OFFSET, KPROCESS, IopmOffset),
+
+HEADER("TEB"),
+OFFSET(TEB_EXCEPTION_LIST, TEB, NtTib.ExceptionList),
+OFFSET(TEB_STACK_BASE, TEB, NtTib.StackBase),
+OFFSET(TEB_STACK_LIMIT, TEB, NtTib.StackLimit),
+OFFSET(TEB_FIBER_DATA, TEB, NtTib.FiberData),
+OFFSET(TEB_SELF, TEB, NtTib.Self),
+OFFSET(TEB_PEB, TEB, ProcessEnvironmentBlock),
+OFFSET(TEB_EXCEPTION_CODE, TEB, ExceptionCode),
+OFFSET(TEB_ACTIVATION_CONTEXT_STACK_POINTER, TEB, ActivationContextStackPointer),
+OFFSET(TEB_DEALLOCATION_STACK, TEB, DeallocationStack),
+OFFSET(TEB_GDI_BATCH_COUNT, TEB, GdiBatchCount),
+OFFSET(TEB_GUARANTEED_STACK_BYTES, TEB, GuaranteedStackBytes),
+OFFSET(TEB_FLS_DATA, TEB, FlsData),
+
+HEADER("PEB"),
+OFFSET(PEB_KERNEL_CALLBACK_TABLE, PEB, KernelCallbackTable),
+
+HEADER("Misc"),
+CONSTANT(NPX_FRAME_LENGTH),
+CONSTANT(FN_CR0_NPX_STATE),
+CONSTANT(FP_CONTROL_WORD),
+CONSTANT(FP_STATUS_WORD),
+CONSTANT(FP_TAG_WORD),
+CONSTANT(FP_DATA_SELECTOR),
+CONSTANT(CBSTACK_RESULT),
+CONSTANT(CBSTACK_RESULT_LENGTH),
+CONSTANT(CBSTACK_TRAP_FRAME),
+CONSTANT(CBSTACK_CALLBACK_STACK),
+SIZE(SIZEOF_FX_SAVE_AREA, FX_SAVE_AREA),
+CONSTANT(KUSER_SHARED_SYSCALL),
+CONSTANT(EXCEPTION_EXECUTE_HANDLER),
+CONSTANT(STATUS_CALLBACK_POP_STACK),
+CONSTANT(CONTEXT_ALIGNED_SIZE),
+CONSTANT(PROCESSOR_FEATURE_FXSR),
+CONSTANT(KUSER_SHARED_SYSCALL_RET),
+CONSTANT(USER_SHARED_DATA),
+CONSTANT(USER_SHARED_DATA_PROCESSOR_FEATURES),
+
--- a/sdk/include/asm/ksamd64.template.h
+++ b/sdk/include/asm/ksamd64.template.h
--- a/sdk/include/asm/ksarm.template.h
+++ b/sdk/include/asm/ksarm.template.h
@ -0,0 +1,565 @@
+
+RAW(""),
+RAW("#include <kxarm.h>"),
+RAW(""),
+
+HEADER("CPSR Values"),
+CONSTANT(CPSRM_USER),
+CONSTANT(CPSRM_FIQ),
+CONSTANT(CPSRM_INT),
+CONSTANT(CPSRM_SVC),
+CONSTANT(CPSRM_ABT),
+CONSTANT(CPSRM_UDF),
+CONSTANT(CPSRM_SYS),
+CONSTANT(CPSRM_MASK),
+CONSTANT(SYSCALL_PSR),
+
+CONSTANT(CPSRF_N), // 0x80000000
+CONSTANT(CPSRF_Z), // 0x40000000
+CONSTANT(CPSRF_C), // 0x20000000
+CONSTANT(CPSRF_V), // 0x10000000
+CONSTANT(CPSRF_Q), // 0x8000000
+CONSTANT(CPSR_IT_MASK), // 0x600fc00
+
+CONSTANT(FPSCRF_N), // 0x80000000
+CONSTANT(FPSCRF_Z), // 0x40000000
+CONSTANT(FPSCRF_C), // 0x20000000
+CONSTANT(FPSCRF_V), // 0x10000000
+CONSTANT(FPSCRF_QC), // 0x8000000
+
+CONSTANT(FPSCRM_AHP), // 0x4000000
+CONSTANT(FPSCRM_DN), // 0x2000000
+CONSTANT(FPSCRM_FZ), // 0x1000000
+CONSTANT(FPSCRM_RMODE_MASK), // 0xc00000
+CONSTANT(FPSCRM_RMODE_RN), // 0x0
+CONSTANT(FPSCRM_RMODE_RP), // 0x400000
+CONSTANT(FPSCRM_RMODE_RM), // 0x800000
+CONSTANT(FPSCRM_RMODE_RZ), // 0xc00000
+CONSTANT(FPSCRM_DEPRECATED), // 0x370000
+
+CONSTANT(FPSCR_IDE), // 0x8000
+CONSTANT(FPSCR_IXE), // 0x1000
+CONSTANT(FPSCR_UFE), // 0x800
+CONSTANT(FPSCR_OFE), // 0x400
+CONSTANT(FPSCR_DZE), // 0x200
+CONSTANT(FPSCR_IOE), // 0x100
+CONSTANT(FPSCR_IDC), // 0x80
+CONSTANT(FPSCR_IXC), // 0x10
+CONSTANT(FPSCR_UFC), // 0x8
+CONSTANT(FPSCR_OFC), // 0x4
+CONSTANT(FPSCR_DZC), // 0x2
+CONSTANT(FPSCR_IOC), // 0x1
+
+CONSTANT(CPSRC_INT), // 0x80
+CONSTANT(CPSRC_ABORT), // 0x100
+CONSTANT(CPSRC_THUMB), // 0x20
+
+CONSTANT(SWFS_PAGE_FAULT), // 0x10
+CONSTANT(SWFS_ALIGN_FAULT), // 0x20
+CONSTANT(SWFS_HWERR_FAULT), // 0x40
+CONSTANT(SWFS_DEBUG_FAULT), // 0x80
+CONSTANT(SWFS_EXECUTE), // 0x8
+CONSTANT(SWFS_WRITE), // 0x1
+
+CONSTANT(CP14_DBGDSCR_MOE_MASK), // 0x3c
+CONSTANT(CP14_DBGDSCR_MOE_SHIFT), // 0x2
+CONSTANT(CP14_DBGDSCR_MOE_HALT), // 0x0
+CONSTANT(CP14_DBGDSCR_MOE_BP), // 0x1
+CONSTANT(CP14_DBGDSCR_MOE_WPASYNC), // 0x2
+CONSTANT(CP14_DBGDSCR_MOE_BKPT), // 0x3
+CONSTANT(CP14_DBGDSCR_MOE_EXTERNAL), // 0x4
+CONSTANT(CP14_DBGDSCR_MOE_VECTOR), // 0x5
+CONSTANT(CP14_DBGDSCR_MOE_WPSYNC), // 0xa
+
+CONSTANT(CP15_PMCR_DP), // 0x20
+CONSTANT(CP15_PMCR_X), // 0x10
+CONSTANT(CP15_PMCR_CLKCNT_DIV), // 0x8
+CONSTANT(CP15_PMCR_CLKCNT_RST), // 0x4
+CONSTANT(CP15_PMCR_CNT_RST), // 0x2
+CONSTANT(CP15_PMCR_ENABLE), // 0x1
+
+HEADER("DebugService Control Types"),
+//CONSTANT(BREAKPOINT_HW_SYNCH_WATCH), // 0x6
+//CONSTANT(BREAKPOINT_HW_ASYNCH_WATCH), // 0x7
+//CONSTANT(BREAKPOINT_HW_BREAK), // 0x8
+
+// Handle table entry definition (FIXME: since win10, portable?)
+#if (NTDDI_VERSION >= NTDDI_WIN10)
+HEADER("Handle table entry definition"),
+#define EXHANDLE_TABLE_ENTRY_LOCK 0x1
+#define EXHANDLE_REFERENCE_SHIFT 0x1b
+#define EXHANDLE_REF_ACQUIRE_LOCK 0xffffffff
+#define EXHANDLE_REPLENISH_REFS 0x8
+#define EXHANDLE_CACHED_REFS 0x1f
+#endif
+
+HEADER("Other constants"),
+CONSTANT(PAGE_SHIFT),
+//CONSTANT(PTE_TOP),
+//CONSTANT(TRANSITION_ASID),
+CONSTANT(KI_EXCEPTION_INTERNAL), // 0x10000000
+//CONSTANT(KI_EXCEPTION_HARDWARE_ERROR), // 0x10000005
+
+HEADER("CONTEXT Offsets"),
+OFFSET(CxContextFlags, CONTEXT, ContextFlags), // 0x0
+OFFSET(CxR0, CONTEXT, R0), // 0x4
+OFFSET(CxR1, CONTEXT, R1), // 0x8
+OFFSET(CxR2, CONTEXT, R2), // 0xc
+OFFSET(CxR3, CONTEXT, R3), // 0x10
+OFFSET(CxR4, CONTEXT, R4), // 0x14
+OFFSET(CxR5, CONTEXT, R5), // 0x18
+OFFSET(CxR6, CONTEXT, R6), // 0x1c
+OFFSET(CxR7, CONTEXT, R7), // 0x20
+OFFSET(CxR8, CONTEXT, R8), // 0x24
+OFFSET(CxR9, CONTEXT, R9), // 0x28
+OFFSET(CxR10, CONTEXT, R10), // 0x2c
+OFFSET(CxR11, CONTEXT, R11), // 0x30
+OFFSET(CxR12, CONTEXT, R12), // 0x34
+OFFSET(CxSp, CONTEXT, Sp), // 0x38
+OFFSET(CxLr, CONTEXT, Lr), // 0x3c
+OFFSET(CxPc, CONTEXT, Pc), // 0x40
+OFFSET(CxCpsr, CONTEXT, Cpsr), // 0x44
+OFFSET(CxFpscr, CONTEXT, Fpscr), // 0x48
+OFFSET(CxQ, CONTEXT, Q), // 0x50
+OFFSET(CxD, CONTEXT, D), // 0x50
+OFFSET(CxS, CONTEXT, S), // 0x50
+OFFSET(CxD8, CONTEXT, D[8]), // 0x90
+OFFSET(CxBvr, CONTEXT, Bvr), // 0x150
+OFFSET(CxBcr, CONTEXT, Bcr), // 0x170
+OFFSET(CxWvr, CONTEXT, Wvr), // 0x190
+OFFSET(CxWcr, CONTEXT, Wcr), // 0x194
+SIZE(CONTEXT_FRAME_LENGTH, CONTEXT), // 0x1a0
+//CONSTANT(CONTEXT_ALIGN, __alignof(CONTEXT)),
+
+HEADER("_JUMP_BUFFER offsets"),
+OFFSET(JbFrame, _JUMP_BUFFER, Frame), // 0x0
+OFFSET(JbR4, _JUMP_BUFFER, R4), // 0x4
+OFFSET(JbR5, _JUMP_BUFFER, R5), // 0x8
+OFFSET(JbR6, _JUMP_BUFFER, R6), // 0xc
+OFFSET(JbR7, _JUMP_BUFFER, R7), // 0x10
+OFFSET(JbR8, _JUMP_BUFFER, R8), // 0x14
+OFFSET(JbR9, _JUMP_BUFFER, R9), // 0x18
+OFFSET(JbR10, _JUMP_BUFFER, R10), // 0x1c
+OFFSET(JbR11, _JUMP_BUFFER, R11), // 0x20
+OFFSET(JbSp, _JUMP_BUFFER, Sp), // 0x24
+OFFSET(JbPc, _JUMP_BUFFER, Pc), // 0x28
+OFFSET(JbFpscr, _JUMP_BUFFER, Fpscr), // 0x2c
+OFFSET(JbD, _JUMP_BUFFER, D), // 0x30
+
+HEADER("DISPATCHER_CONTEXT offsets"),
+OFFSET(DcControlPc, DISPATCHER_CONTEXT, ControlPc), // 0x0
+OFFSET(DcImageBase, DISPATCHER_CONTEXT, ImageBase), // 0x4
+OFFSET(DcFunctionEntry, DISPATCHER_CONTEXT, FunctionEntry), // 0x8
+OFFSET(DcEstablisherFrame, DISPATCHER_CONTEXT, EstablisherFrame), // 0xc
+OFFSET(DcTargetPc, DISPATCHER_CONTEXT, TargetPc), // 0x10
+OFFSET(DcContextRecord, DISPATCHER_CONTEXT, ContextRecord), // 0x14
+OFFSET(DcLanguageHandler, DISPATCHER_CONTEXT, LanguageHandler), // 0x18
+OFFSET(DcHandlerData, DISPATCHER_CONTEXT, HandlerData), // 0x1c
+OFFSET(DcHistoryTable, DISPATCHER_CONTEXT, HistoryTable), // 0x20
+OFFSET(DcScopeIndex, DISPATCHER_CONTEXT, ScopeIndex), // 0x24
+OFFSET(DcControlPcIsUnwound, DISPATCHER_CONTEXT, ControlPcIsUnwound), // 0x28
+OFFSET(DcNonVolatileRegisters, DISPATCHER_CONTEXT, NonVolatileRegisters), // 0x2c
+OFFSET(DcReserved, DISPATCHER_CONTEXT, Reserved), // 0x30
+
+HEADER("Trap Frame offsets"),
+OFFSET(TrArg3, KTRAP_FRAME, Arg3), // 0x0
+OFFSET(TrFaultStatus, KTRAP_FRAME, FaultStatus), // 0x4
+OFFSET(TrFaultAddress, KTRAP_FRAME, FaultAddress), // 0x8
+OFFSET(TrTrapFrame, KTRAP_FRAME, TrapFrame), // 0x8
+OFFSET(TrReserved, KTRAP_FRAME, Reserved), // 0xc
+OFFSET(TrExceptionActive, KTRAP_FRAME, ExceptionActive), // 0x10
+OFFSET(TrPreviousMode, KTRAP_FRAME, PreviousMode), // 0x13
+OFFSET(TrDebugRegistersValid, KTRAP_FRAME, DebugRegistersValid), // 0x12
+OFFSET(TrBvr, KTRAP_FRAME, Bvr), // 0x18
+OFFSET(TrBcr, KTRAP_FRAME, Bcr), // 0x38
+OFFSET(TrWvr, KTRAP_FRAME, Wvr), // 0x58
+OFFSET(TrWcr, KTRAP_FRAME, Wcr), // 0x5c
+OFFSET(TrVfpState, KTRAP_FRAME, VfpState), // 0x14
+OFFSET(TrR0, KTRAP_FRAME, R0), // 0x60
+OFFSET(TrR1, KTRAP_FRAME, R1), // 0x64
+OFFSET(TrR2, KTRAP_FRAME, R2), // 0x68
+OFFSET(TrR3, KTRAP_FRAME, R3), // 0x6c
+OFFSET(TrR12, KTRAP_FRAME, R12), // 0x70
+OFFSET(TrSp, KTRAP_FRAME, Sp), // 0x74
+OFFSET(TrLr, KTRAP_FRAME, Lr), // 0x78
+OFFSET(TrR11, KTRAP_FRAME, R11), // 0x7c
+OFFSET(TrPc, KTRAP_FRAME, Pc), // 0x80
+OFFSET(TrCpsr, KTRAP_FRAME, Cpsr), // 0x84
+SIZE(KTRAP_FRAME_LENGTH, KTRAP_FRAME), // 0x88
+
+HEADER("KEXCEPTION_FRAME offsets"),
+OFFSET(ExParam5, KEXCEPTION_FRAME, Param5), // 0x0
+OFFSET(ExTrapFrame, KEXCEPTION_FRAME, TrapFrame), // 0x4
+OFFSET(ExR4, KEXCEPTION_FRAME, R4), // 0x14
+OFFSET(ExR5, KEXCEPTION_FRAME, R5), // 0x18
+OFFSET(ExR6, KEXCEPTION_FRAME, R6), // 0x1c
+OFFSET(ExR7, KEXCEPTION_FRAME, R7), // 0x20
+OFFSET(ExR8, KEXCEPTION_FRAME, R8), // 0x24
+OFFSET(ExR9, KEXCEPTION_FRAME, R9), // 0x28
+OFFSET(ExR10, KEXCEPTION_FRAME, R10), // 0x2c
+OFFSET(ExR11, KEXCEPTION_FRAME, R11), // 0x30
+OFFSET(ExReturn, KEXCEPTION_FRAME, Return), // 0x34
+SIZE(KEXCEPTION_FRAME_LENGTH, KEXCEPTION_FRAME), // 0x38
+
+HEADER("KSPECIAL_REGISTERS offsets"),
+OFFSET(KsCp15_Cr13_UsrRW, KSPECIAL_REGISTERS, Cp15_Cr13_UsrRW), // 0x1c
+OFFSET(KsCp15_Cr13_UsrRO, KSPECIAL_REGISTERS, Cp15_Cr13_UsrRO), // 0x20
+OFFSET(KsCp15_Cr13_SvcRW, KSPECIAL_REGISTERS, Cp15_Cr13_SvcRW), // 0x24
+OFFSET(KsKernelBvr, KSPECIAL_REGISTERS, KernelBvr), // 0x28
+OFFSET(KsKernelBcr, KSPECIAL_REGISTERS, KernelBcr), // 0x48
+OFFSET(KsKernelWcr, KSPECIAL_REGISTERS, KernelWcr), // 0x6c
+OFFSET(KsFpexc, KSPECIAL_REGISTERS, Fpexc), // 0x70
+OFFSET(KsFpinst, KSPECIAL_REGISTERS, Fpinst), // 0x74
+OFFSET(KsFpinst2, KSPECIAL_REGISTERS, Fpinst2), // 0x78
+OFFSET(KsUserSp, KSPECIAL_REGISTERS, UserSp), // 0x7c
+OFFSET(KsUserLr, KSPECIAL_REGISTERS, UserLr), // 0x80
+OFFSET(KsAbortSp, KSPECIAL_REGISTERS, AbortSp), // 0x84
+OFFSET(KsAbortLr, KSPECIAL_REGISTERS, AbortLr), // 0x88
+OFFSET(KsAbortSpsr, KSPECIAL_REGISTERS, AbortSpsr), // 0x8c
+OFFSET(KsUdfSp, KSPECIAL_REGISTERS, UdfSp), // 0x90
+OFFSET(KsUdfLr, KSPECIAL_REGISTERS, UdfLr), // 0x94
+OFFSET(KsUdfSpsr, KSPECIAL_REGISTERS, UdfSpsr), // 0x98
+OFFSET(KsIrqSp, KSPECIAL_REGISTERS, IrqSp), // 0x9c
+OFFSET(KsIrqLr, KSPECIAL_REGISTERS, IrqLr), // 0xa0
+OFFSET(KsIrqSpsr, KSPECIAL_REGISTERS, IrqSpsr), // 0xa4
+
+HEADER("KPROCESSOR_STATE offsets"),
+OFFSET(PsSpecialRegisters, KPROCESSOR_STATE, SpecialRegisters), // 0x0
+OFFSET(PsUsrRW, KPROCESSOR_STATE, SpecialRegisters.Cp15_Cr13_UsrRW), // 0x1c
+OFFSET(PsUsrRO, KPROCESSOR_STATE, SpecialRegisters.Cp15_Cr13_UsrRO), // 0x20
+OFFSET(PsSvcRW, KPROCESSOR_STATE, SpecialRegisters.Cp15_Cr13_SvcRW), // 0x24
+OFFSET(PsArchState, KPROCESSOR_STATE, ArchState), // 0xa8
+OFFSET(PsCpuid, KPROCESSOR_STATE, ArchState.Cp15_Cr0_CpuId), // 0xa8
+OFFSET(PsControl, KPROCESSOR_STATE, ArchState.Cp15_Cr1_Control), // 0xac
+OFFSET(PsAuxControl, KPROCESSOR_STATE, ArchState.Cp15_Cr1_AuxControl), // 0xb0
+OFFSET(PsCpacr, KPROCESSOR_STATE, ArchState.Cp15_Cr1_Cpacr), // 0xb4
+OFFSET(PsTtbControl, KPROCESSOR_STATE, ArchState.Cp15_Cr2_TtbControl), // 0xb8
+OFFSET(PsTtb0, KPROCESSOR_STATE, ArchState.Cp15_Cr2_Ttb0), // 0xbc
+OFFSET(PsTtb1, KPROCESSOR_STATE, ArchState.Cp15_Cr2_Ttb1), // 0xc0
+OFFSET(PsDacr, KPROCESSOR_STATE, ArchState.Cp15_Cr3_Dacr), // 0xc4
+OFFSET(PsPrimaryMemoryRemap, KPROCESSOR_STATE, ArchState.Cp15_Cr10_PrimaryMemoryRemap), // 0x1ec
+OFFSET(PsNormalMemoryRemap, KPROCESSOR_STATE, ArchState.Cp15_Cr10_NormalMemoryRemap), // 0x1f0
+OFFSET(PsVBARns, KPROCESSOR_STATE, ArchState.Cp15_Cr12_VBARns), // 0x1f4
+OFFSET(PsAsid, KPROCESSOR_STATE, ArchState.Cp15_Cr13_ContextId), // 0x1f8
+OFFSET(PsContextId, KPROCESSOR_STATE, ArchState.Cp15_Cr13_ContextId), // 0x1f8
+OFFSET(PsContextFrame, KPROCESSOR_STATE, ContextFrame), // 0x200
+SIZE(ProcessorStateLength, KPROCESSOR_STATE), // 0x3a0
+
+HEADER("KARM_ARCH_STATE offsets"),
+OFFSET(AaCp15_Cr0_CpuId, KARM_ARCH_STATE, Cp15_Cr0_CpuId), // 0x0
+OFFSET(AaCp15_Cr1_Control, KARM_ARCH_STATE, Cp15_Cr1_Control), // 0x4
+OFFSET(AaCp15_Cr1_AuxControl, KARM_ARCH_STATE, Cp15_Cr1_AuxControl), // 0x8
+OFFSET(AaCp15_Cr1_Cpacr, KARM_ARCH_STATE, Cp15_Cr1_Cpacr), // 0xc
+OFFSET(AaCp15_Cr2_TtbControl, KARM_ARCH_STATE, Cp15_Cr2_TtbControl), // 0x10
+OFFSET(AaCp15_Cr2_Ttb0, KARM_ARCH_STATE, Cp15_Cr2_Ttb0), // 0x14
+OFFSET(AaCp15_Cr2_Ttb1, KARM_ARCH_STATE, Cp15_Cr2_Ttb1), // 0x18
+OFFSET(AaCp15_Cr3_Dacr, KARM_ARCH_STATE, Cp15_Cr3_Dacr), // 0x1c
+OFFSET(AaCp15_Cr5_Dfsr, KARM_ARCH_STATE, Cp15_Cr5_Dfsr), // 0x20
+OFFSET(AaCp15_Cr5_Ifsr, KARM_ARCH_STATE, Cp15_Cr5_Ifsr), // 0x24
+OFFSET(AaCp15_Cr6_Dfar, KARM_ARCH_STATE, Cp15_Cr6_Dfar), // 0x28
+OFFSET(AaCp15_Cr6_Ifar, KARM_ARCH_STATE, Cp15_Cr6_Ifar), // 0x2c
+OFFSET(AaCp15_Cr9_PmControl, KARM_ARCH_STATE, Cp15_Cr9_PmControl), // 0x30
+OFFSET(AaCp15_Cr9_PmCountEnableSet, KARM_ARCH_STATE, Cp15_Cr9_PmCountEnableSet), // 0x34
+OFFSET(AaCp15_Cr9_PmCycleCounter, KARM_ARCH_STATE, Cp15_Cr9_PmCycleCounter), // 0x38
+OFFSET(AaCp15_Cr9_PmEventCounter, KARM_ARCH_STATE, Cp15_Cr9_PmEventCounter), // 0x3c
+OFFSET(AaCp15_Cr9_PmEventType, KARM_ARCH_STATE, Cp15_Cr9_PmEventType), // 0xb8
+OFFSET(AaCp15_Cr9_PmInterruptSelect, KARM_ARCH_STATE, Cp15_Cr9_PmInterruptSelect), // 0x134
+OFFSET(AaCp15_Cr9_PmOverflowStatus, KARM_ARCH_STATE, Cp15_Cr9_PmOverflowStatus), // 0x138
+OFFSET(AaCp15_Cr9_PmSelect, KARM_ARCH_STATE, Cp15_Cr9_PmSelect), // 0x13c
+OFFSET(AaCp15_Cr9_PmUserEnable, KARM_ARCH_STATE, Cp15_Cr9_PmUserEnable), // 0x140
+OFFSET(AaCp15_Cr10_PrimaryMemoryRemap, KARM_ARCH_STATE, Cp15_Cr10_PrimaryMemoryRemap), // 0x144
+OFFSET(AaCp15_Cr10_NormalMemoryRemap, KARM_ARCH_STATE, Cp15_Cr10_NormalMemoryRemap), // 0x148
+OFFSET(AaCp15_Cr12_VBARns, KARM_ARCH_STATE, Cp15_Cr12_VBARns), // 0x14c
+OFFSET(AaCp15_Cr13_ContextId, KARM_ARCH_STATE, Cp15_Cr13_ContextId), // 0x150
+
+HEADER("KSTART_FRAME offsets"),
+OFFSET(SfR0, KSTART_FRAME, R0), // 0x0
+OFFSET(SfR1, KSTART_FRAME, R1), // 0x4
+OFFSET(SfR2, KSTART_FRAME, R2), // 0x8
+OFFSET(SfReturn, KSTART_FRAME, Return), // 0xc
+SIZE(KSTART_FRAME_LENGTH, KSTART_FRAME), // 0x10
+
+HEADER("KSWITCH_FRAME offsets"),
+OFFSET(SwApcBypass, KSWITCH_FRAME, ApcBypass), // 0x0
+OFFSET(SwR11, KSWITCH_FRAME, R11), // 0x8
+OFFSET(SwReturn, KSWITCH_FRAME, Return), // 0xc
+SIZE(KSWITCH_FRAME_LENGTH, KSWITCH_FRAME), // 0x10
+
+HEADER("MACHINE_FRAME offsets"),
+OFFSET(MfSp, MACHINE_FRAME, Sp), // 0x0
+OFFSET(MfPc, MACHINE_FRAME, Pc), // 0x4
+SIZE(MachineFrameLength, MACHINE_FRAME), // 0x8
+
+HEADER("KARM_VFP_STATE offsets"),
+OFFSET(VsLink, KARM_VFP_STATE, Link), // 0x0
+OFFSET(VsFpscr, KARM_VFP_STATE, Fpscr), // 0x4
+OFFSET(VsVfpD, KARM_VFP_STATE, VfpD), // 0x10
+OFFSET(VsVfpD8, KARM_VFP_STATE, VfpD[8]), // 0x50
+SIZE(VFP_STATE_LENGTH, KARM_VFP_STATE), // 0x110
+
+HEADER("KARM_MINI_STACK offsets"),
+OFFSET(MsPc, KARM_MINI_STACK, Pc), // 0x0
+OFFSET(MsCpsr, KARM_MINI_STACK, Cpsr), // 0x4
+OFFSET(MsR4, KARM_MINI_STACK, R4), // 0x8
+OFFSET(MsR5, KARM_MINI_STACK, R5), // 0xc
+OFFSET(MsR6, KARM_MINI_STACK, R6), // 0x10
+OFFSET(MsR7, KARM_MINI_STACK, R7), // 0x14
+OFFSET(MsReserved, KARM_MINI_STACK, Reserved), // 0x18
+SIZE(MiniStackLength, KARM_MINI_STACK), // 0x20
+
+HEADER("KPCR offsets"),
+OFFSET(PcSelf, KIPCR, Self), //  0xc
+OFFSET(PcCurrentPrcb, KIPCR, CurrentPrcb), // 0x10
+OFFSET(PcLockArray, KIPCR, LockArray), // 0x14
+OFFSET(PcTeb, KIPCR, Used_Self), // 0x18
+OFFSET(PcStallScaleFactor, KIPCR, StallScaleFactor), // 0x30
+OFFSET(PcHalReserved, KIPCR, HalReserved), // 0x84
+OFFSET(PcPrcb, KIPCR, Prcb), // 0x580
+OFFSET(PcIdleHalt, KIPCR, Prcb.IdleHalt), // 0x582
+OFFSET(PcCurrentThread, KIPCR, Prcb.CurrentThread), // 0x584
+OFFSET(PcNextThread, KIPCR, Prcb.NextThread), // 0x588
+OFFSET(PcIdleThread, KIPCR, Prcb.IdleThread), // 0x58c
+OFFSET(PcNestingLevel, KIPCR, Prcb.NestingLevel), // 0x590
+OFFSET(PcNumber, KIPCR, Prcb.Number), // 0x594
+OFFSET(PcPrcbLock, KIPCR, Prcb.PrcbLock), // 0x598
+OFFSET(PcGroupSetMember, KIPCR, Prcb.GroupSetMember), // 0x998
+OFFSET(PcFeatureBits, KIPCR, Prcb.FeatureBits), // 0xa8c
+OFFSET(PcDeferredReadyListHead, KIPCR, Prcb.DeferredReadyListHead), // 0xb84
+OFFSET(PcSystemCalls, KIPCR, Prcb.KeSystemCalls), // 0xbb0
+OFFSET(PcSpBase, KIPCR, Prcb.SpBase), // 0xc44
+OFFSET(PcDpcRoutineActive, KIPCR, Prcb.DpcRoutineActive), // 0xc5a
+OFFSET(PcInterruptCount, KIPCR, Prcb.InterruptCount), // 0xe80
+OFFSET(PcSkipTick, KIPCR, Prcb.SkipTick), // 0xe98
+OFFSET(PcDebuggerSavedIRQL, KIPCR, Prcb.DebuggerSavedIRQL), // 0xe99
+OFFSET(PcStartCycles, KIPCR, Prcb.StartCycles), // 0xec8
+OFFSET(PcCycleCounterHigh, KIPCR, Prcb.CycleCounterHigh), // 0xed8
+SIZE(ProcessorControlRegisterLength, KIPCR), // 0x5b80
+
+HEADER("KPRCB offsets"),
+OFFSET(PbIdleHalt, KPRCB, IdleHalt), // 0x2
+OFFSET(PbCurrentThread, KPRCB, CurrentThread), // 0x4
+OFFSET(PbNextThread, KPRCB, NextThread), // 0x8
+OFFSET(PbIdleThread, KPRCB, IdleThread), //  0xc
+OFFSET(PbNestingLevel, KPRCB, NestingLevel), // 0x10
+OFFSET(PbNumber, KPRCB, Number), // 0x14
+OFFSET(PbPrcbLock, KPRCB, PrcbLock), // 0x18
+OFFSET(PbPriorityState, KPRCB, PriorityState), // 0x1c
+OFFSET(PbProcessorState, KPRCB, ProcessorState), // 0x20
+OFFSET(PbHalReserved, KPRCB, HalReserved), // 0x3d0
+OFFSET(PbMinorVersion, KPRCB, MinorVersion), // 0x40c
+OFFSET(PbMajorVersion, KPRCB, MajorVersion), // 0x40e
+OFFSET(PbBuildType, KPRCB, BuildType), // 0x410
+OFFSET(PbCoresPerPhysicalProcessor, KPRCB, CoresPerPhysicalProcessor), // 0x412
+OFFSET(PbLogicalProcessorsPerCore, KPRCB, LogicalProcessorsPerCore), // 0x413
+OFFSET(PbGroup, KPRCB, Group), // 0x41c
+OFFSET(PbGroupIndex, KPRCB, GroupIndex), // 0x41d
+OFFSET(PbLockQueue, KPRCB, LockQueue), // 0x480
+OFFSET(PbProcessorVendorString, KPRCB, ProcessorVendorString), // 0x508
+OFFSET(PbFeatureBits, KPRCB, FeatureBits), // 0x50c
+OFFSET(PbPPLookasideList, KPRCB, PPLookasideList), // 0x580
+OFFSET(PbPacketBarrier, KPRCB, PacketBarrier), // 0x600
+OFFSET(PbDeferredReadyListHead, KPRCB, DeferredReadyListHead), // 0x604
+OFFSET(PbSystemCalls, KPRCB, KeSystemCalls), // 0x630
+OFFSET(PbContextSwitches, KPRCB, KeContextSwitches), // 0x634
+OFFSET(PbFastReadNoWait, KPRCB, CcFastReadNoWait), // 0x638
+OFFSET(PbFastReadWait, KPRCB, CcFastReadWait), // 0x63c
+OFFSET(PbFastReadNotPossible, KPRCB, CcFastReadNotPossible), // 0x640
+OFFSET(PbCopyReadNoWait, KPRCB, CcCopyReadNoWait), // 0x644
+OFFSET(PbCopyReadWait, KPRCB, CcCopyReadWait), // 0x648
+OFFSET(PbCopyReadNoWaitMiss, KPRCB, CcCopyReadNoWaitMiss), // 0x64c
+OFFSET(PbLookasideIrpFloat, KPRCB, LookasideIrpFloat), // 0x650
+OFFSET(PbReadOperationCount, KPRCB, IoReadOperationCount), // 0x654
+OFFSET(PbWriteOperationCount, KPRCB, IoWriteOperationCount), // 0x658
+OFFSET(PbOtherOperationCount, KPRCB, IoOtherOperationCount), // 0x65c
+OFFSET(PbReadTransferCount, KPRCB, IoReadTransferCount), // 0x660
+OFFSET(PbWriteTransferCount, KPRCB, IoWriteTransferCount), // 0x668
+OFFSET(PbOtherTransferCount, KPRCB, IoOtherTransferCount), // 0x670
+OFFSET(PbMailbox, KPRCB, Mailbox), // 0x680
+OFFSET(PbIpiFrozen, KPRCB, IpiFrozen), // 0x688
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(PbDpcList, KPRCB, DpcData[0].DpcList), // 0x690
+#else
+OFFSET(PbDpcListHead, KPRCB, DpcData[0].DpcListHead), // 0x690
+#endif
+OFFSET(PbDpcLock, KPRCB, DpcData[0].DpcLock), // 0x698
+OFFSET(PbDpcCount, KPRCB, DpcData[0].DpcCount), // 0x6a0
+OFFSET(PbDpcStack, KPRCB, DpcStack), // 0x6c0
+OFFSET(PbSpBase, KPRCB, SpBase), // 0x6c4
+OFFSET(PbMaximumDpcQueueDepth, KPRCB, MaximumDpcQueueDepth), // 0x6c8
+OFFSET(PbDpcRequestRate, KPRCB, DpcRequestRate), // 0x6cc
+OFFSET(PbMinimumDpcRate, KPRCB, MinimumDpcRate), // 0x6d0
+OFFSET(PbDpcLastCount, KPRCB, DpcLastCount), // 0x6d4
+OFFSET(PbQuantumEnd, KPRCB, QuantumEnd), // 0x6d9
+OFFSET(PbDpcRoutineActive, KPRCB, DpcRoutineActive), // 0x6da
+OFFSET(PbIdleSchedule, KPRCB, IdleSchedule), // 0x6db
+#if (NTDDI_VERSION >= NTDDI_WIN8)
+OFFSET(PbDpcRequestSummary, KPRCB, DpcRequestSummary), // 0x6dc
+OFFSET(PbNormalDpcState, KPRCB, NormalDpcState), // 0x6dc
+OFFSET(PbDpcGate, KPRCB, DpcGate), // 0x700
+#else
+OFFSET(PbDpcSetEventRequest, KPRCB, DpcSetEventRequest), // 0x700
+OFFSET(PbDpcEvent, KPRCB, DpcEvent), // 0x700
+#endif
+OFFSET(PbKeSpinLockOrdering, KPRCB, KeSpinLockOrdering), // 0x744
+OFFSET(PbWaitListHead, KPRCB, WaitListHead), // 0x780
+OFFSET(PbDispatcherReadyListHead, KPRCB, DispatcherReadyListHead), // 0x800
+OFFSET(PbInterruptCount, KPRCB, InterruptCount), // 0x900
+OFFSET(PbKernelTime, KPRCB, KernelTime), // 0x904
+OFFSET(PbUserTime, KPRCB, UserTime), // 0x908
+OFFSET(PbDpcTime, KPRCB, DpcTime), // 0x90c
+OFFSET(PbInterruptTime, KPRCB, InterruptTime), // 0x910
+OFFSET(PbAdjustDpcThreshold, KPRCB, AdjustDpcThreshold), // 0x914
+OFFSET(PbExceptionDispatchCount, KPRCB, KeExceptionDispatchCount), // 0x934
+OFFSET(PbParentNode, KPRCB, ParentNode), // 0x938
+OFFSET(PbStartCycles, KPRCB, StartCycles), // 0x948
+OFFSET(PbCycleCounterHigh, KPRCB, CycleCounterHigh), // 0x958
+#if (NTDDI_VERSION >= NTDDI_WIN8)
+OFFSET(PbEntropyCount, KPRCB, EntropyTimingState.EntropyCount), // 0x960
+OFFSET(PbEntropyBuffer, KPRCB, EntropyTimingState.Buffer), // 0x964
+#endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
+OFFSET(PbPageColor, KPRCB, PageColor), // 0xa8c
+OFFSET(PbNodeColor, KPRCB, NodeColor), // 0xa90
+OFFSET(PbNodeShiftedColor, KPRCB, NodeShiftedColor), // 0xa94
+OFFSET(PbSecondaryColorMask, KPRCB, SecondaryColorMask), // 0xa98
+OFFSET(PbCycleTime, KPRCB, CycleTime), // 0xaa0
+OFFSET(PbCcFastMdlReadNoWait, KPRCB, CcFastMdlReadNoWait), // 0xb00
+OFFSET(PbPowerState, KPRCB, PowerState), // 0xb80
+OFFSET(PbAlignmentFixupCount, KPRCB, KeAlignmentFixupCount), // 0xd14
+OFFSET(PbSpinLockAcquireCount, KPRCB, SynchCounters.SpinLockAcquireCount), // 0xe80
+OFFSET(PbFiqMiniStack, KPRCB, FiqMiniStack), // 0xf50
+OFFSET(PbIrqMiniStack, KPRCB, IrqMiniStack), // 0xf70
+OFFSET(PbUdfMiniStack, KPRCB, UdfMiniStack), // 0xf90
+OFFSET(PbAbtMiniStack, KPRCB, AbtMiniStack), // 0xfb0
+OFFSET(PbPanicMiniStack, KPRCB, PanicMiniStack), // 0xfd0
+OFFSET(PbPanicStackBase, KPRCB, PanicStackBase), // 0xff0
+OFFSET(PbPPNPagedLookasideList, KPRCB, PPNPagedLookasideList), // 0x3200
+OFFSET(PbPPPagedLookasideList, KPRCB, PPPagedLookasideList), // 0x3b00
+//OFFSET(PbRequestMailbox, KPRCB, RequestMailbox), // 0x4600
+
+HEADER("UCALLOUT_FRAME offsets (yes, Cu/Ck is confusing...)"),
+OFFSET(CkBuffer, UCALLOUT_FRAME, Buffer),
+OFFSET(CkLength, UCALLOUT_FRAME, Length),
+OFFSET(CkApiNumber, UCALLOUT_FRAME, ApiNumber),
+OFFSET(CkPc, UCALLOUT_FRAME, MachineFrame.Pc),
+OFFSET(CkSp, UCALLOUT_FRAME, MachineFrame.Sp),
+SIZE(CalloutFrameLength, UCALLOUT_FRAME),
+
+HEADER("KCALLOUT_FRAME offsets (yes, Cu/Ck is confusing...)"),
+OFFSET(CuTrapFrame, KCALLOUT_FRAME, TrapFrame),
+OFFSET(CuOutputBuffer, KCALLOUT_FRAME, OutputBuffer),
+OFFSET(CuOutputLength, KCALLOUT_FRAME, OutputLength),
+
+// Processor Idle Times Offset Definitions
+//#define PiStartTime 0x0
+//#define PiEndTime 0x8
+
+//#define DBGDSCR_MON_EN_BIT 0x8000
+//#define KF_VFP_32REG 0x10
+//#define KI_SPINLOCK_ORDER_PRCB_LOCK 0x40
+//#define THREAD_FLAGS_CYCLE_PROFILING 0x1
+//#define THREAD_FLAGS_CYCLE_PROFILING_LOCK_BIT 0x10
+//#define THREAD_FLAGS_CYCLE_PROFILING_LOCK 0x10000
+//#define THREAD_FLAGS_COUNTER_PROFILING 0x2
+//#define THREAD_FLAGS_COUNTER_PROFILING_LOCK_BIT 0x11
+//#define THREAD_FLAGS_COUNTER_PROFILING_LOCK 0x20000
+//#define THREAD_FLAGS_GROUP_SCHEDULING 0x4
+//#define THREAD_FLAGS_AFFINITY_SET 0x8
+//#define THREAD_FLAGS_ACCOUNTING_CSWITCH 0x6
+//#define THREAD_FLAGS_ACCOUNTING_ANY 0xe
+//#define KTHREAD_AUTO_ALIGNMENT_BIT 0x0
+//#define KTHREAD_GUI_THREAD_MASK 0x40
+//#define KTHREAD_SYSTEM_THREAD_BIT 0xb
+//#define KTHREAD_QUEUE_DEFER_PREEMPTION_BIT 0xa
+//#define DEBUG_ACTIVE_DBG 0x1
+//#define DEBUG_ACTIVE_DBG_INSTRUMENTED 0x3
+//#define DEBUG_ACTIVE_INSTRUMENTED 0x2
+//CONSTANT(DEBUG_ACTIVE_MINIMAL_THREAD),
+
+//#define ARM_VFP_MANAGEMENT 0x1
+//#define ARM_VFP_ENABLE_STATISTICS 0x0
+//#define ARM_VFP_ALWAYSON 0x0
+//#define ARM_VFP_LAZY_ONEWAY 0x1
+//#define ARM_VFP_LAZY_WITH_DEMOTION 0x2
+#define TRAP_TYPE_INTERRUPT 0x1
+#define TRAP_TYPE_SYSCALL 0x2
+#define TRAP_TYPE_UNDEFINED 0x3
+#define TRAP_TYPE_DATA_ABORT 0x4
+#define TRAP_TYPE_PREFETCH_ABORT 0x5
+#define TRAP_TYPE_RESET 0x6
+#define TRAP_TYPE_FIQ 0x7
+#define THUMB_BREAKPOINT 0xdefe
+#define THUMB_DEBUG_SERVICE 0xdefd
+#define THUMB_ASSERT 0xdefc
+#define THUMB_FASTFAIL 0xdefb
+#define THUMB_READ_CYCLES 0xdefa
+#define THUMB_DIVIDE_BY_0 0xdef9
+#define ARM_EXCEPTION_VECTOR 0xffff0000 // obsolete in win10
+#define KI_DPC_INTERRUPT_FLAGS 0x2f // amd64 as well
+#define KI_EXCEPTION_HARDWARE_ERROR 0x10000005
+#define KTRAP_FRAME_ARGUMENTS 0x38
+#define ARM_RED_ZONE_BYTES 0x8
+CONSTANT(PF_ARM_EXTERNAL_CACHE_AVAILABLE),
+#define FAST_FAIL_DEPRECATED_SERVICE_INVOKED 0x1b // since win10
+
+#define CP14_DBGBCR_MISMATCH_BIT 0x400000
+#define CP14_DBGBCR_ENABLE_BIT 0x1
+
+#define CP15_CPACR_D32DIS 0x80000000
+#define CP15_CPACR_ASEDIS 0x40000000
+#define CP15_CPACR_VFP_MASK 0xf00000
+#define CPVFP_FPEXC_EX 0x80000000
+#define CPVFP_FPEXC_EN 0x40000000
+#define CPVFP_FPEXC_DEX 0x20000000
+#define CPVFP_FPEXC_FP2V 0x10000000
+
+#define CP15_CR0_HARVARD_CACHE 0x1000000
+#define CP15_xFSR_FS_HIGH 0x400
+#define CP15_xFSR_FS_LOW 0xf
+#define CP15_DFSR_WnR 0x800
+
+#define CP15_SCTLR_I 0x1000
+#define CP15_SCTLR_C 0x4
+#define CP15_SCTLR_M 0x1
+#define CP15_SCTLR_Z 0x800
+#define CP15_SCTLR_TR 0x10000000 // obsolete in win10
+#define CP15_THREAD_RESERVED_MASK 0x3f
+
+// Processor Start Block Offset Definitions
+#define PsbSelfMap 0x0
+#define PsbTiledTtb0 0x4
+#define ProcessorStartBlockLength 0x8
+
+// Processor Parked Page Offset Definitions
+#define PppArchitecturalStateVirtualAddress 0x10
+#define PppArchitecturalState 0x18
+#define PppDcacheFlushSavedRegisters 0x3b8 // obsolete in win10
+#define ProcessorParkedPageLength 0x1000
+
+#define TlThread 0x0
+#define TlCpuNumber 0x4
+#define TlTrapType 0x5
+#define TlPadding 0x6
+#define TlR0 0x8
+#define TlR1 0xc
+#define TlR2 0x10
+#define TlR3 0x14
+#define TlR12 0x18
+#define TlSp 0x1c
+#define TlLr 0x20
+#define TlR11 0x24
+#define TlPc 0x28
+#define TlCpsr 0x2c
+
+// DPC stack
+#define DpSp 0x8
+#define DpPc 0xc
+
+// also amd64
+#define KEXCEPTION_ACTIVE_INTERRUPT_FRAME 0x0
+#define KEXCEPTION_ACTIVE_EXCEPTION_FRAME 0x1
+#define KEXCEPTION_ACTIVE_SERVICE_FRAME 0x2
+
+
+
+
+
--- a/sdk/include/asm/ksx.template.h
+++ b/sdk/include/asm/ksx.template.h
@ -0,0 +1,915 @@
+
+
+HEADER("Pointer size"),
+SIZE(SizeofPointer, PVOID),
+
+HEADER("Bug Check Codes"),
+CONSTANT(APC_INDEX_MISMATCH),
+CONSTANT(INVALID_AFFINITY_SET),
+CONSTANT(INVALID_DATA_ACCESS_TRAP),
+CONSTANT(IRQL_NOT_GREATER_OR_EQUAL),
+CONSTANT(IRQL_NOT_LESS_OR_EQUAL), // 0x0a
+CONSTANT(NO_USER_MODE_CONTEXT), // 0x0e
+CONSTANT(SPIN_LOCK_ALREADY_OWNED), // 0x0f
+CONSTANT(SPIN_LOCK_NOT_OWNED), // 0x10
+CONSTANT(THREAD_NOT_MUTEX_OWNER), // 0x11
+CONSTANT(TRAP_CAUSE_UNKNOWN), // 0x12
+CONSTANT(KMODE_EXCEPTION_NOT_HANDLED), // 0x1e
+CONSTANT(KERNEL_APC_PENDING_DURING_EXIT), // 0x20
+CONSTANT(PANIC_STACK_SWITCH), // 0x2b
+CONSTANT(DATA_BUS_ERROR), // 0x2e
+CONSTANT(INSTRUCTION_BUS_ERROR), // 0x2f
+CONSTANT(SYSTEM_EXIT_OWNED_MUTEX), // 0x39
+//CONSTANT(SYSTEM_UNWIND_PREVIOUS_USER), // 0x3a
+//CONSTANT(SYSTEM_SERVICE_EXCEPTION), // 0x3b
+//CONSTANT(INTERRUPT_UNWIND_ATTEMPTED), // 0x3c
+//CONSTANT(INTERRUPT_EXCEPTION_NOT_HANDLED), // 0x3d
+CONSTANT(PAGE_FAULT_WITH_INTERRUPTS_OFF), // 0x49
+CONSTANT(IRQL_GT_ZERO_AT_SYSTEM_SERVICE), // 0x4a
+CONSTANT(DATA_COHERENCY_EXCEPTION), // 0x55
+CONSTANT(INSTRUCTION_COHERENCY_EXCEPTION), // 0x56
+CONSTANT(HAL1_INITIALIZATION_FAILED), // 0x61
+CONSTANT(UNEXPECTED_KERNEL_MODE_TRAP), // 0x7f
+CONSTANT(NMI_HARDWARE_FAILURE), // 0x80
+CONSTANT(SPIN_LOCK_INIT_FAILURE), // 0x81
+CONSTANT(ATTEMPTED_SWITCH_FROM_DPC), // 0xb8
+//CONSTANT(MUTEX_ALREADY_OWNED), // 0xbf
+//CONSTANT(HARDWARE_INTERRUPT_STORM), // 0xf2
+//CONSTANT(RECURSIVE_MACHINE_CHECK), // 0xfb
+//CONSTANT(RECURSIVE_NMI), // 0x111
+CONSTANT(KERNEL_SECURITY_CHECK_FAILURE), // 0x139
+//CONSTANT(UNSUPPORTED_INSTRUCTION_MODE), // 0x151
+//CONSTANT(BUGCHECK_CONTEXT_MODIFIER), // 0x80000000
+
+HEADER("Breakpoints"),
+CONSTANT(BREAKPOINT_BREAK),
+CONSTANT(BREAKPOINT_PRINT),
+CONSTANT(BREAKPOINT_PROMPT),
+CONSTANT(BREAKPOINT_LOAD_SYMBOLS),
+CONSTANT(BREAKPOINT_UNLOAD_SYMBOLS),
+CONSTANT(BREAKPOINT_COMMAND_STRING),
+
+HEADER("Context Frame Flags"),
+CONSTANT(CONTEXT_FULL),
+CONSTANT(CONTEXT_CONTROL),
+CONSTANT(CONTEXT_INTEGER),
+CONSTANT(CONTEXT_FLOATING_POINT),
+CONSTANT(CONTEXT_DEBUG_REGISTERS),
+#if defined(_M_IX86) || defined(_M_AMD64)
+CONSTANT(CONTEXT_SEGMENTS),
+#endif
+
+HEADER("Exception flags"),
+CONSTANT(EXCEPTION_NONCONTINUABLE),
+CONSTANT(EXCEPTION_UNWINDING),
+CONSTANT(EXCEPTION_EXIT_UNWIND),
+CONSTANT(EXCEPTION_STACK_INVALID),
+CONSTANT(EXCEPTION_NESTED_CALL),
+CONSTANT(EXCEPTION_TARGET_UNWIND),
+CONSTANT(EXCEPTION_COLLIDED_UNWIND),
+CONSTANT(EXCEPTION_UNWIND),
+CONSTANT(EXCEPTION_EXECUTE_HANDLER),
+CONSTANT(EXCEPTION_CONTINUE_SEARCH),
+CONSTANT(EXCEPTION_CONTINUE_EXECUTION),
+#ifdef _X86_
+CONSTANT(EXCEPTION_CHAIN_END),
+//CONSTANT(FIXED_NTVDMSTATE_LINEAR), /// FIXME ???
+#endif
+
+HEADER("Exception types"),
+CONSTANT(ExceptionContinueExecution),
+CONSTANT(ExceptionContinueSearch),
+CONSTANT(ExceptionNestedException),
+CONSTANT(ExceptionCollidedUnwind),
+
+HEADER("Fast Fail Constants"),
+CONSTANT(FAST_FAIL_GUARD_ICALL_CHECK_FAILURE),
+//CONSTANT(FAST_FAIL_INVALID_BUFFER_ACCESS),
+#ifdef _M_ASM64
+CONSTANT(FAST_FAIL_INVALID_JUMP_BUFFER),
+CONSTANT(FAST_FAIL_INVALID_SET_OF_CONTEXT),
+#endif // _M_ASM64
+
+HEADER("Interrupt object types"),
+CONSTANTX(InLevelSensitive, LevelSensitive),
+CONSTANTX(InLatched, Latched),
+
+HEADER("IPI"),
+#ifndef _M_AMD64
+CONSTANT(IPI_APC),
+CONSTANT(IPI_DPC),
+CONSTANT(IPI_FREEZE),
+CONSTANT(IPI_PACKET_READY),
+#endif // _M_AMD64
+#ifdef _M_IX86
+CONSTANT(IPI_SYNCH_REQUEST),
+#endif // _M_IX86
+
+HEADER("IRQL"),
+CONSTANT(PASSIVE_LEVEL),
+CONSTANT(APC_LEVEL),
+CONSTANT(DISPATCH_LEVEL),
+#ifdef _M_AMD64
+CONSTANT(CLOCK_LEVEL),
+#elif defined(_M_IX86)
+CONSTANT(CLOCK1_LEVEL),
+CONSTANT(CLOCK2_LEVEL),
+#endif
+CONSTANT(IPI_LEVEL),
+CONSTANT(POWER_LEVEL),
+CONSTANT(PROFILE_LEVEL),
+CONSTANT(HIGH_LEVEL),
+RAW("#ifdef NT_UP"),
+{TYPE_CONSTANT, "SYNCH_LEVEL", DISPATCH_LEVEL},
+RAW("#else"),
+{TYPE_CONSTANT, "SYNCH_LEVEL", (IPI_LEVEL - 2)},
+RAW("#endif"),
+
+#if (NTDDI_VERSION >= NTDDI_VISTA)
+HEADER("Entropy Timing Constants"),
+CONSTANT(KENTROPY_TIMING_INTERRUPTS_PER_BUFFER),
+CONSTANT(KENTROPY_TIMING_BUFFER_MASK),
+CONSTANT(KENTROPY_TIMING_ANALYSIS),
+#endif
+
+HEADER("Lock Queue"),
+CONSTANT(LOCK_QUEUE_WAIT),
+CONSTANT(LOCK_QUEUE_OWNER),
+CONSTANT(LockQueueDispatcherLock), /// FIXE: obsolete
+
+//HEADER("Performance Definitions"),
+//CONSTANT(PERF_CONTEXTSWAP_OFFSET),
+//CONSTANT(PERF_CONTEXTSWAP_FLAG),
+//CONSTANT(PERF_INTERRUPT_OFFSET),
+//CONSTANT(PERF_INTERRUPT_FLAG),
+//CONSTANT(PERF_SYSCALL_OFFSET),
+//CONSTANT(PERF_SYSCALL_FLAG),
+#ifndef _M_ARM
+//CONSTANT(PERF_PROFILE_OFFSET), /// FIXE: obsolete
+//CONSTANT(PERF_PROFILE_FLAG), /// FIXE: obsolete
+//CONSTANT(PERF_SPINLOCK_OFFSET), /// FIXE: obsolete
+//CONSTANT(PERF_SPINLOCK_FLAG), /// FIXE: obsolete
+#endif
+#ifdef _M_IX86
+//CONSTANT(PERF_IPI_OFFSET), // 00008H
+//CONSTANT(PERF_IPI_FLAG), // 0400000H
+//CONSTANT(PERF_IPI), // 040400000H
+//CONSTANT(PERF_INTERRUPT), // 020004000H
+#endif
+//CONSTANT(NTOS_YIELD_MACRO),
+
+HEADER("Process states"),
+CONSTANT(ProcessInMemory),
+CONSTANT(ProcessOutOfMemory),
+CONSTANT(ProcessInTransition),
+
+HEADER("Processor mode"),
+CONSTANT(KernelMode),
+CONSTANT(UserMode),
+
+HEADER("Service Table Constants"),
+CONSTANT(NUMBER_SERVICE_TABLES),
+CONSTANT(SERVICE_NUMBER_MASK),
+CONSTANT(SERVICE_TABLE_SHIFT),
+CONSTANT(SERVICE_TABLE_MASK),
+CONSTANT(SERVICE_TABLE_TEST),
+
+HEADER("Status codes"),
+CONSTANT(STATUS_ACCESS_VIOLATION),
+CONSTANT(STATUS_ASSERTION_FAILURE),
+CONSTANT(STATUS_ARRAY_BOUNDS_EXCEEDED),
+CONSTANT(STATUS_BAD_COMPRESSION_BUFFER),
+CONSTANT(STATUS_BREAKPOINT),
+CONSTANT(STATUS_CALLBACK_POP_STACK),
+CONSTANT(STATUS_DATATYPE_MISALIGNMENT),
+CONSTANT(STATUS_FLOAT_DENORMAL_OPERAND),
+CONSTANT(STATUS_FLOAT_DIVIDE_BY_ZERO),
+CONSTANT(STATUS_FLOAT_INEXACT_RESULT),
+CONSTANT(STATUS_FLOAT_INVALID_OPERATION),
+CONSTANT(STATUS_FLOAT_OVERFLOW),
+CONSTANT(STATUS_FLOAT_STACK_CHECK),
+CONSTANT(STATUS_FLOAT_UNDERFLOW),
+CONSTANT(STATUS_FLOAT_MULTIPLE_FAULTS),
+CONSTANT(STATUS_FLOAT_MULTIPLE_TRAPS),
+CONSTANT(STATUS_GUARD_PAGE_VIOLATION),
+CONSTANT(STATUS_ILLEGAL_FLOAT_CONTEXT),
+CONSTANT(STATUS_ILLEGAL_INSTRUCTION),
+CONSTANT(STATUS_INSTRUCTION_MISALIGNMENT),
+CONSTANT(STATUS_INVALID_HANDLE),
+CONSTANT(STATUS_INVALID_LOCK_SEQUENCE),
+CONSTANT(STATUS_INVALID_OWNER),
+CONSTANT(STATUS_INVALID_PARAMETER),
+CONSTANT(STATUS_INVALID_PARAMETER_1),
+CONSTANT(STATUS_INVALID_SYSTEM_SERVICE),
+//CONSTANT(STATUS_INVALID_THREAD),
+CONSTANT(STATUS_INTEGER_DIVIDE_BY_ZERO),
+CONSTANT(STATUS_INTEGER_OVERFLOW),
+CONSTANT(STATUS_IN_PAGE_ERROR),
+CONSTANT(STATUS_KERNEL_APC),
+CONSTANT(STATUS_LONGJUMP),
+CONSTANT(STATUS_NO_CALLBACK_ACTIVE),
+#ifndef _M_ARM
+CONSTANT(STATUS_NO_EVENT_PAIR), /// FIXME: obsolete
+#endif
+CONSTANT(STATUS_PRIVILEGED_INSTRUCTION),
+CONSTANT(STATUS_SINGLE_STEP),
+CONSTANT(STATUS_STACK_BUFFER_OVERRUN),
+CONSTANT(STATUS_STACK_OVERFLOW),
+CONSTANT(STATUS_SUCCESS),
+CONSTANT(STATUS_THREAD_IS_TERMINATING),
+CONSTANT(STATUS_TIMEOUT),
+CONSTANT(STATUS_UNWIND),
+CONSTANT(STATUS_UNWIND_CONSOLIDATE),
+CONSTANT(STATUS_USER_APC),
+CONSTANT(STATUS_WAKE_SYSTEM),
+CONSTANT(STATUS_WAKE_SYSTEM_DEBUGGER),
+
+//HEADER("Thread flags"),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK_BIT),
+//CONSTANT(THREAD_FLAGS_CYCLE_PROFILING_LOCK),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK_BIT),
+//CONSTANT(THREAD_FLAGS_COUNTER_PROFILING_LOCK),
+//CONSTANT(THREAD_FLAGS_CPU_THROTTLED), /// FIXME: obsolete
+//CONSTANT(THREAD_FLAGS_CPU_THROTTLED_BIT), /// FIXME: obsolete
+//CONSTANT(THREAD_FLAGS_ACCOUNTING_CSWITCH),
+//CONSTANT(THREAD_FLAGS_ACCOUNTING_INTERRUPT),
+//CONSTANT(THREAD_FLAGS_ACCOUNTING_ANY),
+//CONSTANT(THREAD_FLAGS_GROUP_SCHEDULING),
+//CONSTANT(THREAD_FLAGS_AFFINITY_SET),
+#ifdef _M_IX86
+//CONSTANT(THREAD_FLAGS_INSTRUMENTED), // 0x0040
+//CONSTANT(THREAD_FLAGS_INSTRUMENTED_PROFILING), // 0x0041
+#endif // _M_IX86
+
+HEADER("TLS defines"),
+CONSTANT(TLS_MINIMUM_AVAILABLE),
+CONSTANT(TLS_EXPANSION_SLOTS),
+
+HEADER("Thread states"),
+CONSTANT(Initialized),
+CONSTANT(Ready),
+CONSTANT(Running),
+CONSTANT(Standby),
+CONSTANT(Terminated),
+CONSTANT(Waiting),
+#ifdef _M_ARM
+CONSTANT(Transition),
+CONSTANT(DeferredReady),
+//CONSTANT(GateWaitObsolete),
+#endif // _M_ARM
+
+HEADER("Wait type / reason"),
+CONSTANT(WrExecutive),
+CONSTANT(WrMutex), /// FIXME: Obsolete
+CONSTANT(WrDispatchInt),
+CONSTANT(WrQuantumEnd), /// FIXME: Obsolete
+CONSTANT(WrEventPair), /// FIXME: Obsolete
+CONSTANT(WaitAny),
+CONSTANT(WaitAll),
+
+HEADER("Stack sizes"),
+CONSTANT(KERNEL_STACK_SIZE), /// FIXME: Obsolete
+CONSTANT(KERNEL_LARGE_STACK_SIZE),
+CONSTANT(KERNEL_LARGE_STACK_COMMIT), /// FIXME: Obsolete
+//CONSTANT(DOUBLE_FAULT_STACK_SIZE),
+#ifdef _M_AMD64
+CONSTANT(KERNEL_MCA_EXCEPTION_STACK_SIZE),
+CONSTANT(NMI_STACK_SIZE),
+CONSTANT(ISR_STACK_SIZE),
+#endif
+
+//CONSTANT(KTHREAD_AUTO_ALIGNMENT_BIT),
+//CONSTANT(KTHREAD_GUI_THREAD_MASK),
+//CONSTANT(KTHREAD_SYSTEM_THREAD_BIT),
+//CONSTANT(KTHREAD_QUEUE_DEFER_PREEMPTION_BIT),
+
+HEADER("Miscellaneous Definitions"),
+CONSTANT(TRUE),
+CONSTANT(FALSE),
+CONSTANT(PAGE_SIZE),
+CONSTANT(Executive),
+//CONSTANT(BASE_PRIORITY_THRESHOLD),
+//CONSTANT(EVENT_PAIR_INCREMENT), /// FIXME: obsolete
+CONSTANT(LOW_REALTIME_PRIORITY),
+CONSTANT(CLOCK_QUANTUM_DECREMENT),
+//CONSTANT(READY_SKIP_QUANTUM),
+//CONSTANT(THREAD_QUANTUM),
+CONSTANT(WAIT_QUANTUM_DECREMENT),
+//CONSTANT(ROUND_TRIP_DECREMENT_COUNT),
+CONSTANT(MAXIMUM_PROCESSORS),
+CONSTANT(INITIAL_STALL_COUNT),
+//CONSTANT(EXCEPTION_EXECUTE_FAULT), // amd64
+//CONSTANT(KCACHE_ERRATA_MONITOR_FLAGS), // not arm
+//CONSTANT(KI_DPC_ALL_FLAGS),
+//CONSTANT(KI_DPC_ANY_DPC_ACTIVE),
+//CONSTANT(KI_DPC_INTERRUPT_FLAGS), // 0x2f arm and x64
+//CONSTANT(KI_EXCEPTION_GP_FAULT), // not i386
+//CONSTANT(KI_EXCEPTION_INVALID_OP), // not i386
+//CONSTANT(KI_EXCEPTION_INTEGER_DIVIDE_BY_ZERO), // amd64
+CONSTANT(KI_EXCEPTION_ACCESS_VIOLATION),
+//CONSTANT(KINTERRUPT_STATE_DISABLED_BIT),
+//CONSTANT(KINTERRUPT_STATE_DISABLED),
+//CONSTANT(TARGET_FREEZE), // amd64
+//CONSTANT(BlackHole), // FIXME: obsolete
+CONSTANT(DBG_STATUS_CONTROL_C),
+//CONSTANTPTR(USER_SHARED_DATA), // FIXME: we need the kernel mode address here!
+//CONSTANT(MM_SHARED_USER_DATA_VA),
+//CONSTANT(KERNEL_STACK_CONTROL_LARGE_STACK), // FIXME: obsolete
+//CONSTANT(DISPATCH_LENGTH), // FIXME: obsolete
+//CONSTANT(MAXIMUM_PRIMARY_VECTOR), // not arm
+//CONSTANT(KI_SLIST_FAULT_COUNT_MAXIMUM), // i386
+//CONSTANTUSER_CALLBACK_FILTER),
+
+#ifndef _M_ARM
+CONSTANT(MAXIMUM_IDTVECTOR),
+//CONSTANT(MAXIMUM_PRIMARY_VECTOR),
+CONSTANT(PRIMARY_VECTOR_BASE),
+CONSTANT(RPL_MASK),
+CONSTANT(MODE_MASK),
+//MODE_BIT equ 00000H amd64
+//LDT_MASK equ 00004H amd64
+#endif
+
+
+/* STRUCTURE OFFSETS *********************************************************/
+
+//HEADER("KAFFINITY_EX"),
+//OFFSET(AfCount, KAFFINITY_EX, Count),
+//OFFSET(AfBitmap, KAFFINITY_EX, Bitmap),
+
+//HEADER("Aligned Affinity"),
+//OFFSET(AfsCpuSet, ???, CpuSet), // FIXME: obsolete
+
+HEADER("KAPC"),
+OFFSET(ApType, KAPC, Type),
+OFFSET(ApSize, KAPC, Size),
+OFFSET(ApThread, KAPC, Thread),
+OFFSET(ApApcListEntry, KAPC, ApcListEntry),
+OFFSET(ApKernelRoutine, KAPC, KernelRoutine),
+OFFSET(ApRundownRoutine, KAPC, RundownRoutine),
+OFFSET(ApNormalRoutine, KAPC, NormalRoutine),
+OFFSET(ApNormalContext, KAPC, NormalContext),
+OFFSET(ApSystemArgument1, KAPC, SystemArgument1),
+OFFSET(ApSystemArgument2, KAPC, SystemArgument2),
+OFFSET(ApApcStateIndex, KAPC, ApcStateIndex),
+OFFSET(ApApcMode, KAPC, ApcMode),
+OFFSET(ApInserted, KAPC, Inserted),
+SIZE(ApcObjectLength, KAPC),
+
+HEADER("KAPC offsets (relative to NormalRoutine)"),
+RELOFFSET(ArNormalRoutine, KAPC, NormalRoutine, NormalRoutine),
+RELOFFSET(ArNormalContext, KAPC, NormalContext, NormalRoutine),
+RELOFFSET(ArSystemArgument1, KAPC, SystemArgument1, NormalRoutine),
+RELOFFSET(ArSystemArgument2, KAPC, SystemArgument2, NormalRoutine),
+CONSTANTX(ApcRecordLength, 4 * sizeof(PVOID)),
+
+HEADER("KAPC_STATE"),
+OFFSET(AsApcListHead, KAPC_STATE, ApcListHead),
+OFFSET(AsProcess, KAPC_STATE, Process),
+OFFSET(AsKernelApcInProgress, KAPC_STATE, KernelApcInProgress), // FIXME: obsolete
+OFFSET(AsKernelApcPending, KAPC_STATE, KernelApcPending),
+OFFSET(AsUserApcPending, KAPC_STATE, UserApcPending),
+
+HEADER("CLIENT_ID"),
+OFFSET(CidUniqueProcess, CLIENT_ID, UniqueProcess),
+OFFSET(CidUniqueThread, CLIENT_ID, UniqueThread),
+
+HEADER("RTL_CRITICAL_SECTION"),
+OFFSET(CsDebugInfo, RTL_CRITICAL_SECTION, DebugInfo),
+OFFSET(CsLockCount, RTL_CRITICAL_SECTION, LockCount),
+OFFSET(CsRecursionCount, RTL_CRITICAL_SECTION, RecursionCount),
+OFFSET(CsOwningThread, RTL_CRITICAL_SECTION, OwningThread),
+OFFSET(CsLockSemaphore, RTL_CRITICAL_SECTION, LockSemaphore),
+OFFSET(CsSpinCount, RTL_CRITICAL_SECTION, SpinCount),
+
+HEADER("RTL_CRITICAL_SECTION_DEBUG"),
+OFFSET(CsType, RTL_CRITICAL_SECTION_DEBUG, Type),
+OFFSET(CsCreatorBackTraceIndex, RTL_CRITICAL_SECTION_DEBUG, CreatorBackTraceIndex),
+OFFSET(CsCriticalSection, RTL_CRITICAL_SECTION_DEBUG, CriticalSection),
+OFFSET(CsProcessLocksList, RTL_CRITICAL_SECTION_DEBUG, ProcessLocksList),
+OFFSET(CsEntryCount, RTL_CRITICAL_SECTION_DEBUG, EntryCount),
+OFFSET(CsContentionCount, RTL_CRITICAL_SECTION_DEBUG, ContentionCount),
+
+HEADER("KDEVICE_QUEUE_ENTRY"),
+OFFSET(DeDeviceListEntry, KDEVICE_QUEUE_ENTRY, DeviceListEntry),
+OFFSET(DeSortKey, KDEVICE_QUEUE_ENTRY, SortKey),
+OFFSET(DeInserted, KDEVICE_QUEUE_ENTRY, Inserted),
+SIZE(DeviceQueueEntryLength, KDEVICE_QUEUE_ENTRY),
+
+HEADER("KDPC"),
+OFFSET(DpType, KDPC, Type),
+OFFSET(DpImportance, KDPC, Importance),
+OFFSET(DpNumber, KDPC, Number),
+OFFSET(DpDpcListEntry, KDPC, DpcListEntry),
+OFFSET(DpDeferredRoutine, KDPC, DeferredRoutine),
+OFFSET(DpDeferredContext, KDPC, DeferredContext),
+OFFSET(DpSystemArgument1, KDPC, SystemArgument1),
+OFFSET(DpSystemArgument2, KDPC, SystemArgument2),
+OFFSET(DpDpcData, KDPC, DpcData),
+SIZE(DpcObjectLength, KDPC),
+
+HEADER("KDEVICE_QUEUE"),
+OFFSET(DvType, KDEVICE_QUEUE, Type),
+OFFSET(DvSize, KDEVICE_QUEUE, Size),
+OFFSET(DvDeviceListHead, KDEVICE_QUEUE, DeviceListHead),
+OFFSET(DvSpinLock, KDEVICE_QUEUE, Lock),
+OFFSET(DvBusy, KDEVICE_QUEUE, Busy),
+SIZE(DeviceQueueObjectLength, KDEVICE_QUEUE),
+
+HEADER("EXCEPTION_RECORD"),
+OFFSET(ErExceptionCode, EXCEPTION_RECORD, ExceptionCode),
+OFFSET(ErExceptionFlags, EXCEPTION_RECORD, ExceptionFlags),
+OFFSET(ErExceptionRecord, EXCEPTION_RECORD, ExceptionRecord),
+OFFSET(ErExceptionAddress, EXCEPTION_RECORD, ExceptionAddress),
+OFFSET(ErNumberParameters, EXCEPTION_RECORD, NumberParameters),
+OFFSET(ErExceptionInformation, EXCEPTION_RECORD, ExceptionInformation),
+SIZE(ExceptionRecordLength, EXCEPTION_RECORD),
+SIZE(EXCEPTION_RECORD_LENGTH, EXCEPTION_RECORD), // not 1386
+
+HEADER("EPROCESS"),
+OFFSET(EpDebugPort, EPROCESS, DebugPort),
+#if defined(_M_IX86)
+OFFSET(EpVdmObjects, EPROCESS, VdmObjects),
+#elif defined(_M_AMD64)
+OFFSET(EpWow64Process, EPROCESS, Wow64Process),
+#endif
+SIZE(ExecutiveProcessObjectLength, EPROCESS),
+
+HEADER("ETHREAD offsets"),
+OFFSET(EtCid, ETHREAD, Cid), // 0x364
+SIZE(ExecutiveThreadObjectLength, ETHREAD), // 0x418
+
+HEADER("KEVENT"),
+OFFSET(EvType, KEVENT, Header.Type),
+OFFSET(EvSize, KEVENT, Header.Size),
+OFFSET(EvSignalState, KEVENT, Header.SignalState),
+OFFSET(EvWaitListHead, KEVENT, Header.WaitListHead),
+SIZE(EventObjectLength, KEVENT),
+
+HEADER("FIBER"),
+OFFSET(FbFiberData, FIBER, FiberData),
+OFFSET(FbExceptionList, FIBER, ExceptionList),
+OFFSET(FbStackBase, FIBER, StackBase),
+OFFSET(FbStackLimit, FIBER, StackLimit),
+OFFSET(FbDeallocationStack, FIBER, DeallocationStack),
+OFFSET(FbFiberContext, FIBER, FiberContext),
+//OFFSET(FbWx86Tib, FIBER, Wx86Tib),
+//OFFSET(FbActivationContextStackPointer, FIBER, ActivationContextStackPointer),
+OFFSET(FbFlsData, FIBER, FlsData),
+OFFSET(FbGuaranteedStackBytes, FIBER, GuaranteedStackBytes),
+//OFFSET(FbTebFlags, FIBER, TebFlags),
+
+HEADER("FAST_MUTEX"),
+OFFSET(FmCount, FAST_MUTEX, Count),
+OFFSET(FmOwner, FAST_MUTEX, Owner),
+OFFSET(FmContention, FAST_MUTEX, Contention),
+//OFFSET(FmGate, FAST_MUTEX, Gate), // obsolete
+OFFSET(FmOldIrql, FAST_MUTEX, OldIrql),
+
+#ifndef _M_ARM
+HEADER("GETSETCONTEXT offsets"), // GET_SET_CTX_CONTEXT
+OFFSET(GetSetCtxContextPtr, GETSETCONTEXT, Context),
+#endif // _M_ARM
+
+HEADER("KINTERRUPT"),
+OFFSET(InType, KINTERRUPT, Type),
+OFFSET(InSize, KINTERRUPT, Size),
+OFFSET(InInterruptListEntry, KINTERRUPT, InterruptListEntry),
+OFFSET(InServiceRoutine, KINTERRUPT, ServiceRoutine),
+OFFSET(InServiceContext, KINTERRUPT, ServiceContext),
+OFFSET(InSpinLock, KINTERRUPT, SpinLock),
+OFFSET(InTickCount, KINTERRUPT, TickCount),
+OFFSET(InActualLock, KINTERRUPT, ActualLock),
+OFFSET(InDispatchAddress, KINTERRUPT, DispatchAddress),
+OFFSET(InVector, KINTERRUPT, Vector),
+OFFSET(InIrql, KINTERRUPT, Irql),
+OFFSET(InSynchronizeIrql, KINTERRUPT, SynchronizeIrql),
+OFFSET(InFloatingSave, KINTERRUPT, FloatingSave),
+OFFSET(InConnected, KINTERRUPT, Connected),
+OFFSET(InNumber, KINTERRUPT, Number),
+OFFSET(InShareVector, KINTERRUPT, ShareVector),
+//OFFSET(InInternalState, KINTERRUPT, InternalState),
+OFFSET(InMode, KINTERRUPT, Mode),
+OFFSET(InServiceCount, KINTERRUPT, ServiceCount),
+OFFSET(InDispatchCount, KINTERRUPT, DispatchCount),
+//OFFSET(InTrapFrame, KINTERRUPT, TrapFrame), // amd64
+OFFSET(InDispatchCode, KINTERRUPT, DispatchCode), // obsolete
+SIZE(InterruptObjectLength, KINTERRUPT),
+
+#ifdef _M_AMD64
+HEADER("IO_STATUS_BLOCK"),
+OFFSET(IoStatus, IO_STATUS_BLOCK, Status),
+OFFSET(IoPointer, IO_STATUS_BLOCK, Pointer),
+OFFSET(IoInformation, IO_STATUS_BLOCK, Information),
+#endif /* _M_AMD64 */
+
+#if (NTDDI_VERSION >= NTDDI_WIN8)
+HEADER("KSTACK_CONTROL"),
+OFFSET(KcCurrentBase, KSTACK_CONTROL, StackBase),
+OFFSET(KcActualLimit, KSTACK_CONTROL, ActualLimit),
+OFFSET(KcPreviousBase, KSTACK_CONTROL, Previous.StackBase),
+OFFSET(KcPreviousLimit, KSTACK_CONTROL, Previous.StackLimit),
+OFFSET(KcPreviousKernel, KSTACK_CONTROL, Previous.KernelStack),
+OFFSET(KcPreviousInitial, KSTACK_CONTROL, Previous.InitialStack),
+#ifdef _IX86
+OFFSET(KcTrapFrame, KSTACK_CONTROL, PreviousTrapFrame),
+OFFSET(KcExceptionList, KSTACK_CONTROL, PreviousExceptionList),
+#endif // _IX86
+SIZE(KSTACK_CONTROL_LENGTH, KSTACK_CONTROL),
+CONSTANT(KSTACK_ACTUAL_LIMIT_EXPANDED), // move somewhere else?
+#else
+//HEADER("KERNEL_STACK_CONTROL"),
+#endif
+
+#if 0 // no longer in win 10, different struct
+HEADER("KNODE"),
+//OFFSET(KnRight, KNODE, Right),
+//OFFSET(KnLeft, KNODE, Left),
+OFFSET(KnPfnDereferenceSListHead, KNODE, PfnDereferenceSListHead),
+OFFSET(KnProcessorMask, KNODE, ProcessorMask),
+OFFSET(KnColor, KNODE, Color),
+OFFSET(KnSeed, KNODE, Seed),
+OFFSET(KnNodeNumber, KNODE, NodeNumber),
+OFFSET(KnFlags, KNODE, Flags),
+OFFSET(KnMmShiftedColor, KNODE, MmShiftedColor),
+OFFSET(KnFreeCount, KNODE, FreeCount),
+OFFSET(KnPfnDeferredList, KNODE, PfnDeferredList),
+SIZE(KNODE_SIZE, KNODE),
+#endif
+
+HEADER("KSPIN_LOCK_QUEUE"),
+OFFSET(LqNext, KSPIN_LOCK_QUEUE, Next),
+OFFSET(LqLock, KSPIN_LOCK_QUEUE, Lock),
+SIZE(LOCK_QUEUE_HEADER_SIZE, KSPIN_LOCK_QUEUE),
+
+HEADER("KLOCK_QUEUE_HANDLE"),
+OFFSET(LqhLockQueue, KLOCK_QUEUE_HANDLE, LockQueue),
+OFFSET(LqhNext, KLOCK_QUEUE_HANDLE, LockQueue.Next),
+OFFSET(LqhLock, KLOCK_QUEUE_HANDLE, LockQueue.Lock),
+OFFSET(LqhOldIrql, KLOCK_QUEUE_HANDLE, OldIrql),
+
+HEADER("LARGE_INTEGER"),
+OFFSET(LiLowPart, LARGE_INTEGER, LowPart),
+OFFSET(LiHighPart, LARGE_INTEGER, HighPart),
+
+HEADER("LOADER_PARAMETER_BLOCK (rel. to LoadOrderListHead)"),
+RELOFFSET(LpbKernelStack, LOADER_PARAMETER_BLOCK, KernelStack, LoadOrderListHead),
+RELOFFSET(LpbPrcb, LOADER_PARAMETER_BLOCK, Prcb, LoadOrderListHead),
+RELOFFSET(LpbProcess, LOADER_PARAMETER_BLOCK, Process, LoadOrderListHead),
+RELOFFSET(LpbThread, LOADER_PARAMETER_BLOCK, Thread, LoadOrderListHead),
+
+HEADER("LIST_ENTRY"),
+OFFSET(LsFlink, LIST_ENTRY, Flink),
+OFFSET(LsBlink, LIST_ENTRY, Blink),
+
+HEADER("PEB"),
+OFFSET(PeBeingDebugged, PEB, BeingDebugged),
+OFFSET(PeProcessParameters, PEB, ProcessParameters),
+OFFSET(PeKernelCallbackTable, PEB, KernelCallbackTable),
+SIZE(ProcessEnvironmentBlockLength, PEB),
+
+HEADER("KPROFILE"),
+OFFSET(PfType, KPROFILE, Type),
+OFFSET(PfSize, KPROFILE, Size),
+OFFSET(PfProfileListEntry, KPROFILE, ProfileListEntry),
+OFFSET(PfProcess, KPROFILE, Process),
+OFFSET(PfRangeBase, KPROFILE, RangeBase),
+OFFSET(PfRangeLimit, KPROFILE, RangeLimit),
+OFFSET(PfBucketShift, KPROFILE, BucketShift),
+OFFSET(PfBuffer, KPROFILE, Buffer),
+OFFSET(PfSegment, KPROFILE, Segment),
+OFFSET(PfAffinity, KPROFILE, Affinity),
+OFFSET(PfSource, KPROFILE, Source),
+OFFSET(PfStarted, KPROFILE, Started),
+SIZE(ProfileObjectLength, KPROFILE),
+
+HEADER("PORT_MESSAGE"), // whole thing obsolete in win10
+OFFSET(PmLength, PORT_MESSAGE, u1.Length),
+OFFSET(PmZeroInit, PORT_MESSAGE, u2.ZeroInit),
+OFFSET(PmClientId, PORT_MESSAGE, ClientId),
+OFFSET(PmProcess, PORT_MESSAGE, ClientId.UniqueProcess),
+OFFSET(PmThread, PORT_MESSAGE, ClientId.UniqueThread),
+OFFSET(PmMessageId, PORT_MESSAGE, MessageId),
+OFFSET(PmClientViewSize, PORT_MESSAGE, ClientViewSize),
+SIZE(PortMessageLength, PORT_MESSAGE),
+
+HEADER("KPROCESS"),
+OFFSET(PrType, KPROCESS, Header.Type),
+OFFSET(PrSize, KPROCESS, Header.Size),
+OFFSET(PrSignalState, KPROCESS, Header.SignalState),
+OFFSET(PrProfileListHead, KPROCESS, ProfileListHead),
+OFFSET(PrDirectoryTableBase, KPROCESS, DirectoryTableBase),
+#ifdef _M_ARM
+//OFFSET(PrPageDirectory, KPROCESS, PageDirectory),
+#elif defined(_M_IX86)
+OFFSET(PrLdtDescriptor, KPROCESS, LdtDescriptor),
+OFFSET(PrInt21Descriptor, KPROCESS, Int21Descriptor),
+#endif
+OFFSET(PrThreadListHead, KPROCESS, ThreadListHead),
+OFFSET(PrAffinity, KPROCESS, Affinity),
+OFFSET(PrReadyListHead, KPROCESS, ReadyListHead),
+OFFSET(PrSwapListEntry, KPROCESS, SwapListEntry),
+OFFSET(PrActiveProcessors, KPROCESS, ActiveProcessors),
+OFFSET(PrProcessFlags, KPROCESS, ProcessFlags),
+OFFSET(PrBasePriority, KPROCESS, BasePriority),
+OFFSET(PrQuantumReset, KPROCESS, QuantumReset),
+#if defined(_M_IX86)
+OFFSET(PrIopmOffset, KPROCESS, IopmOffset),
+#endif
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(PrCycleTime, KPROCESS, CycleTime),
+#endif
+OFFSET(PrKernelTime, KPROCESS, KernelTime),
+OFFSET(PrUserTime, KPROCESS, UserTime),
+#if defined(_M_AMD64) || defined(_M_ARM)
+//OFFSET(PrInstrumentationCallback, KPROCESS, InstrumentationCallback),
+#elif defined(_M_IX86)
+OFFSET(PrVdmTrapcHandler, KPROCESS, VdmTrapcHandler),
+//OFFSET(PrVdmObjects, KPROCESS, VdmObjects),
+OFFSET(PrFlags, KPROCESS, Flags),
+//PrInstrumentationCallback equ 0031CH // ???
+#endif
+SIZE(KernelProcessObjectLength, KPROCESS),
+
+HEADER("KQUEUE"),
+OFFSET(QuType, KQUEUE, Header.Type), // not in win10
+OFFSET(QuSize, KQUEUE, Header.Size), // not in win10
+OFFSET(QuSignalState, KQUEUE, Header.SignalState),
+OFFSET(QuEntryListHead, KQUEUE, EntryListHead),
+OFFSET(QuCurrentCount, KQUEUE, CurrentCount),
+OFFSET(QuMaximumCount, KQUEUE, MaximumCount),
+OFFSET(QuThreadListHead, KQUEUE, ThreadListHead),
+SIZE(QueueObjectLength, KQUEUE),
+
+HEADER("KSERVICE_TABLE_DESCRIPTOR offsets"),
+OFFSET(SdBase, KSERVICE_TABLE_DESCRIPTOR, Base),
+OFFSET(SdCount, KSERVICE_TABLE_DESCRIPTOR, Count), // not in win10
+OFFSET(SdLimit, KSERVICE_TABLE_DESCRIPTOR, Limit),
+OFFSET(SdNumber, KSERVICE_TABLE_DESCRIPTOR, Number),
+SIZE(SdLength, KSERVICE_TABLE_DESCRIPTOR),
+
+HEADER("STRING"),
+OFFSET(StrLength, STRING, Length),
+OFFSET(StrMaximumLength, STRING, MaximumLength),
+OFFSET(StrBuffer, STRING, Buffer),
+
+HEADER("TEB"),
+#if defined(_M_IX86)
+OFFSET(TeExceptionList, TEB, NtTib.ExceptionList),
+#elif defined(_M_AMD64)
+OFFSET(TeCmTeb, TEB, NtTib),
+#endif
+OFFSET(TeStackBase, TEB, NtTib.StackBase),
+OFFSET(TeStackLimit, TEB, NtTib.StackLimit),
+OFFSET(TeFiberData, TEB, NtTib.FiberData),
+OFFSET(TeSelf, TEB, NtTib.Self),
+OFFSET(TeEnvironmentPointer, TEB, EnvironmentPointer),
+OFFSET(TeClientId, TEB, ClientId),
+OFFSET(TeActiveRpcHandle, TEB, ActiveRpcHandle),
+OFFSET(TeThreadLocalStoragePointer, TEB, ThreadLocalStoragePointer),
+OFFSET(TePeb, TEB, ProcessEnvironmentBlock),
+OFFSET(TeLastErrorValue, TEB, LastErrorValue),
+OFFSET(TeCountOfOwnedCriticalSections, TEB, CountOfOwnedCriticalSections),
+OFFSET(TeCsrClientThread, TEB, CsrClientThread),
+OFFSET(TeWOW32Reserved, TEB, WOW32Reserved),
+//OFFSET(TeSoftFpcr, TEB, SoftFpcr),
+OFFSET(TeExceptionCode, TEB, ExceptionCode),
+OFFSET(TeActivationContextStackPointer, TEB, ActivationContextStackPointer),
+//#if (NTDDI_VERSION >= NTDDI_WIN10)
+//OFFSET(TeInstrumentationCallbackSp, TEB, InstrumentationCallbackSp),
+//OFFSET(TeInstrumentationCallbackPreviousPc, TEB, InstrumentationCallbackPreviousPc),
+//OFFSET(TeInstrumentationCallbackPreviousSp, TEB, InstrumentationCallbackPreviousSp),
+//#endif
+OFFSET(TeGdiClientPID, TEB, GdiClientPID),
+OFFSET(TeGdiClientTID, TEB, GdiClientTID),
+OFFSET(TeGdiThreadLocalInfo, TEB, GdiThreadLocalInfo),
+OFFSET(TeglDispatchTable, TEB, glDispatchTable),
+OFFSET(TeglReserved1, TEB, glReserved1),
+OFFSET(TeglReserved2, TEB, glReserved2),
+OFFSET(TeglSectionInfo, TEB, glSectionInfo),
+OFFSET(TeglSection, TEB, glSection),
+OFFSET(TeglTable, TEB, glTable),
+OFFSET(TeglCurrentRC, TEB, glCurrentRC),
+OFFSET(TeglContext, TEB, glContext),
+OFFSET(TeDeallocationStack, TEB, DeallocationStack),
+OFFSET(TeTlsSlots, TEB, TlsSlots),
+OFFSET(TeVdm, TEB, Vdm),
+OFFSET(TeInstrumentation, TEB, Instrumentation),
+OFFSET(TeGdiBatchCount, TEB, GdiBatchCount),
+OFFSET(TeGuaranteedStackBytes, TEB, GuaranteedStackBytes),
+OFFSET(TeTlsExpansionSlots, TEB, TlsExpansionSlots),
+OFFSET(TeFlsData, TEB, FlsData),
+SIZE(ThreadEnvironmentBlockLength, TEB),
+
+HEADER("TIME_FIELDS"),
+OFFSET(TfYear, TIME_FIELDS, Year),
+OFFSET(TfMonth, TIME_FIELDS, Month),
+OFFSET(TfDay, TIME_FIELDS, Day),
+OFFSET(TfHour, TIME_FIELDS, Hour),
+OFFSET(TfMinute, TIME_FIELDS, Minute),
+OFFSET(TfSecond, TIME_FIELDS, Second),
+OFFSET(TfMilliseconds, TIME_FIELDS, Milliseconds),
+OFFSET(TfWeekday, TIME_FIELDS, Weekday),
+
+HEADER("KTHREAD"),
+OFFSET(ThType, KTHREAD, Header.Type),
+OFFSET(ThLock, KTHREAD, Header.Lock),
+OFFSET(ThSize, KTHREAD, Header.Size),
+OFFSET(ThThreadControlFlags, KTHREAD, Header.ThreadControlFlags),
+OFFSET(ThDebugActive, KTHREAD, Header.DebugActive),
+OFFSET(ThSignalState, KTHREAD, Header.SignalState),
+OFFSET(ThInitialStack, KTHREAD, InitialStack),
+OFFSET(ThStackLimit, KTHREAD, StackLimit),
+OFFSET(ThStackBase, KTHREAD, StackBase),
+OFFSET(ThThreadLock, KTHREAD, ThreadLock),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(ThCycleTime, KTHREAD, CycleTime),
+#if defined(_M_IX86)
+OFFSET(ThHighCycleTime, KTHREAD, HighCycleTime),
+#endif
+#endif /* (NTDDI_VERSION >= NTDDI_LONGHORN) */
+#if defined(_M_IX86)
+OFFSET(ThServiceTable, KTHREAD, ServiceTable),
+#endif
+//OFFSET(ThCurrentRunTime, KTHREAD, CurrentRunTime),
+//OFFSET(ThStateSaveArea, KTHREAD, StateSaveArea), // 0x3C not arm
+OFFSET(ThKernelStack, KTHREAD, KernelStack),
+#if (NTDDI_VERSION >= NTDDI_WIN7)
+OFFSET(ThRunning, KTHREAD, Running),
+#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
+OFFSET(ThAlerted, KTHREAD, Alerted),
+#if (NTDDI_VERSION >= NTDDI_WIN7)
+OFFSET(ThMiscFlags, KTHREAD, MiscFlags),
+#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
+OFFSET(ThThreadFlags, KTHREAD, ThreadFlags),
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+OFFSET(ThSystemCallNumber, KTHREAD, SystemCallNumber),
+#endif /* (NTDDI_VERSION >= NTDDI_LONGHORN) */
+//OFFSET(ThFirstArgument, KTHREAD, FirstArgument),
+OFFSET(ThTrapFrame, KTHREAD, TrapFrame),
+OFFSET(ThApcState, KTHREAD, ApcState),
+OFFSET(ThPriority, KTHREAD, Priority),
+OFFSET(ThContextSwitches, KTHREAD, ContextSwitches),
+OFFSET(ThState, KTHREAD, State),
+OFFSET(ThNpxState, KTHREAD, NpxState),
+OFFSET(ThWaitIrql, KTHREAD, WaitIrql),
+OFFSET(ThWaitMode, KTHREAD, WaitMode),
+OFFSET(ThTeb, KTHREAD, Teb),
+OFFSET(ThTimer, KTHREAD, Timer),
+OFFSET(ThWin32Thread, KTHREAD, Win32Thread),
+OFFSET(ThWaitTime, KTHREAD, WaitTime),
+OFFSET(ThCombinedApcDisable, KTHREAD, CombinedApcDisable),
+OFFSET(ThKernelApcDisable, KTHREAD, KernelApcDisable),
+OFFSET(ThSpecialApcDisable, KTHREAD, SpecialApcDisable),
+#if defined(_M_ARM)
+//OFFSET(ThVfpState, KTHREAD, VfpState),
+#endif
+OFFSET(ThNextProcessor, KTHREAD, NextProcessor),
+OFFSET(ThProcess, KTHREAD, Process),
+OFFSET(ThPreviousMode, KTHREAD, PreviousMode),
+OFFSET(ThPriorityDecrement, KTHREAD, PriorityDecrement),
+OFFSET(ThAdjustReason, KTHREAD, AdjustReason),
+OFFSET(ThAdjustIncrement, KTHREAD, AdjustIncrement),
+OFFSET(ThAffinity, KTHREAD, Affinity),
+OFFSET(ThApcStateIndex, KTHREAD, ApcStateIndex),
+OFFSET(ThIdealProcessor, KTHREAD, IdealProcessor),
+OFFSET(ThApcStatePointer, KTHREAD, ApcStatePointer),
+OFFSET(ThSavedApcState, KTHREAD, SavedApcState),
+OFFSET(ThWaitReason, KTHREAD, WaitReason),
+OFFSET(ThSaturation, KTHREAD, Saturation),
+OFFSET(ThLegoData, KTHREAD, LegoData),
+//#if defined(_M_ARM) && (NTDDI_VERSION >= NTDDI_WIN10)
+//#define ThUserRoBase 0x434
+//#define ThUserRwBase 0x438
+//#endif
+#ifdef _M_IX86
+OFFSET(ThSListFaultCount, KTHREAD, WaitReason), // 0x18E
+OFFSET(ThSListFaultAddress, KTHREAD, WaitReason), // 0x10
+#endif // _M_IX86
+#if defined(_M_IX86) || defined(_M_AMD64)
+OFFSET(ThUserFsBase, KTHREAD, WaitReason), // 0x434
+OFFSET(ThUserGsBase, KTHREAD, WaitReason), // 0x438
+#endif // defined
+SIZE(KernelThreadObjectLength, KTHREAD),
+
+HEADER("KTIMER"),
+OFFSET(TiType, KTIMER, Header.Type),
+OFFSET(TiSize, KTIMER, Header.Size),
+OFFSET(TiInserted, KTIMER, Header.Inserted), // not in win 10
+OFFSET(TiSignalState, KTIMER, Header.SignalState),
+OFFSET(TiDueTime, KTIMER, DueTime),
+OFFSET(TiTimerListEntry, KTIMER, TimerListEntry),
+OFFSET(TiDpc, KTIMER, Dpc),
+OFFSET(TiPeriod, KTIMER, Period),
+SIZE(TimerObjectLength, KTIMER),
+
+HEADER("TIME"),
+OFFSET(TmLowTime, TIME, LowTime),
+OFFSET(TmHighTime, TIME, HighTime),
+
+HEADER("SYSTEM_CONTEXT_SWITCH_INFORMATION (relative to FindAny)"),
+RELOFFSET(TwFindAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindAny, FindAny),
+RELOFFSET(TwFindIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindIdeal, FindAny),
+RELOFFSET(TwFindLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, FindLast, FindAny),
+RELOFFSET(TwIdleAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleAny, FindAny),
+RELOFFSET(TwIdleCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleCurrent, FindAny),
+RELOFFSET(TwIdleIdeal, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleIdeal, FindAny),
+RELOFFSET(TwIdleLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, IdleLast, FindAny),
+RELOFFSET(TwPreemptAny, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptAny, FindAny),
+RELOFFSET(TwPreemptCurrent, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptCurrent, FindAny),
+RELOFFSET(TwPreemptLast, SYSTEM_CONTEXT_SWITCH_INFORMATION, PreemptLast, FindAny),
+RELOFFSET(TwSwitchToIdle, SYSTEM_CONTEXT_SWITCH_INFORMATION, SwitchToIdle, FindAny),
+
+HEADER("KUSER_SHARED_DATA"),
+OFFSET(UsTickCountMultiplier, KUSER_SHARED_DATA, TickCountMultiplier), // 0x4
+OFFSET(UsInterruptTime, KUSER_SHARED_DATA, InterruptTime), // 0x8
+OFFSET(UsSystemTime, KUSER_SHARED_DATA, SystemTime), // 0x14
+OFFSET(UsTimeZoneBias, KUSER_SHARED_DATA, TimeZoneBias), // 0x20
+OFFSET(UsImageNumberLow, KUSER_SHARED_DATA, ImageNumberLow),
+OFFSET(UsImageNumberHigh, KUSER_SHARED_DATA, ImageNumberHigh),
+OFFSET(UsNtSystemRoot, KUSER_SHARED_DATA, NtSystemRoot),
+OFFSET(UsMaxStackTraceDepth, KUSER_SHARED_DATA, MaxStackTraceDepth),
+OFFSET(UsCryptoExponent, KUSER_SHARED_DATA, CryptoExponent),
+OFFSET(UsTimeZoneId, KUSER_SHARED_DATA, TimeZoneId),
+OFFSET(UsLargePageMinimum, KUSER_SHARED_DATA, LargePageMinimum),
+//#if (NTDDI_VERSION >= NTDDI_WIN10)
+//OFFSET(UsNtBuildNumber, KUSER_SHARED_DATA, NtBuildNumber),
+//#else
+OFFSET(UsReserved2, KUSER_SHARED_DATA, Reserved2),
+//#endif
+OFFSET(UsNtProductType, KUSER_SHARED_DATA, NtProductType),
+OFFSET(UsProductTypeIsValid, KUSER_SHARED_DATA, ProductTypeIsValid),
+OFFSET(UsNtMajorVersion, KUSER_SHARED_DATA, NtMajorVersion),
+OFFSET(UsNtMinorVersion, KUSER_SHARED_DATA, NtMinorVersion),
+OFFSET(UsProcessorFeatures, KUSER_SHARED_DATA, ProcessorFeatures),
+OFFSET(UsReserved1, KUSER_SHARED_DATA, Reserved1),
+OFFSET(UsReserved3, KUSER_SHARED_DATA, Reserved3),
+OFFSET(UsTimeSlip, KUSER_SHARED_DATA, TimeSlip),
+OFFSET(UsAlternativeArchitecture, KUSER_SHARED_DATA, AlternativeArchitecture),
+OFFSET(UsSystemExpirationDate, KUSER_SHARED_DATA, SystemExpirationDate), // not arm
+OFFSET(UsSuiteMask, KUSER_SHARED_DATA, SuiteMask),
+OFFSET(UsKdDebuggerEnabled, KUSER_SHARED_DATA, KdDebuggerEnabled),
+OFFSET(UsActiveConsoleId, KUSER_SHARED_DATA, ActiveConsoleId),
+OFFSET(UsDismountCount, KUSER_SHARED_DATA, DismountCount),
+OFFSET(UsComPlusPackage, KUSER_SHARED_DATA, ComPlusPackage),
+OFFSET(UsLastSystemRITEventTickCount, KUSER_SHARED_DATA, LastSystemRITEventTickCount),
+OFFSET(UsNumberOfPhysicalPages, KUSER_SHARED_DATA, NumberOfPhysicalPages),
+OFFSET(UsSafeBootMode, KUSER_SHARED_DATA, SafeBootMode),
+OFFSET(UsTestRetInstruction, KUSER_SHARED_DATA, TestRetInstruction),
+OFFSET(UsSystemCall, KUSER_SHARED_DATA, SystemCall), // not in win10
+OFFSET(UsSystemCallReturn, KUSER_SHARED_DATA, SystemCallReturn), // not in win10
+OFFSET(UsSystemCallPad, KUSER_SHARED_DATA, SystemCallPad),
+OFFSET(UsTickCount, KUSER_SHARED_DATA, TickCount),
+OFFSET(UsTickCountQuad, KUSER_SHARED_DATA, TickCountQuad),
+OFFSET(UsWow64SharedInformation, KUSER_SHARED_DATA, Wow64SharedInformation), // not in win10
+//OFFSET(UsXState, KUSER_SHARED_DATA, XState), // win 10
+
+HEADER("KWAIT_BLOCK offsets"),
+OFFSET(WbWaitListEntry, KWAIT_BLOCK, WaitListEntry),
+OFFSET(WbThread, KWAIT_BLOCK, Thread),
+OFFSET(WbObject, KWAIT_BLOCK, Object),
+OFFSET(WbNextWaitBlock, KWAIT_BLOCK, NextWaitBlock), // not in win10
+OFFSET(WbWaitKey, KWAIT_BLOCK, WaitKey),
+OFFSET(WbWaitType, KWAIT_BLOCK, WaitType),
+
+
+#if 0
+//OFFSET(IbCfgBitMap, ????, CfgBitMap),
+CONSTANT(Win32BatchFlushCallout 0x7
+
+
+#define CmThreadEnvironmentBlockOffset 0x1000
+
+;  Process Parameters Block Structure Offset Definitions
+#define PpFlags 0x8
+
+
+// Extended context structure offset definitions
+#define CxxLegacyOffset 0x8
+#define CxxLegacyLength 0xc
+#define CxxXStateOffset 0x10
+#define CxxXStateLength 0x14
+
+#ifndef _M_ARM
+;  Bounds Callback Status Code Definitions
+BoundExceptionContinueSearch equ 00000H
+BoundExceptionHandled equ 00001H
+BoundExceptionError equ 00002H
+#endif
+
+#ifndef _M_ARM
+;  Enlightenment structure definitions
+HeEnlightenments equ 00000H
+HeHypervisorConnected equ 00004H
+HeEndOfInterrupt equ 00008H
+HeApicWriteIcr equ 0000CH
+HeSpinCountMask equ 00014H
+HeLongSpinWait equ 00018H
+#endif
+
+// KAFFINITY_EX
+#define AffinityExLength 0xc // not i386
+
+#endif
--- a/sdk/include/asm/kxarm.h
+++ b/sdk/include/asm/kxarm.h
@ -0,0 +1,259 @@
+
+#define ENABLE_FRAME_POINTER 1
+
+#undef TRUE
+//#define TRUE 1
+#undef FALSE
+//#define FALSE 0
+
+//#include "kxarmunw.h"
+
+#ifdef _MSC_VER
+
+    /* Globals */
+    GBLS __FuncStartLabel
+    GBLS __FuncEpilog1StartLabel
+    GBLS __FuncEpilog2StartLabel
+    GBLS __FuncEpilog3StartLabel
+    GBLS __FuncEpilog4StartLabel
+    GBLS __FuncXDataLabel
+    GBLS __FuncXDataPrologLabel
+    GBLS __FuncXDataEpilog1Label
+    GBLS __FuncXDataEpilog2Label
+    GBLS __FuncXDataEpilog3Label
+    GBLS __FuncXDataEpilog4Label
+    GBLS __FuncXDataEndLabel
+    GBLS __FuncEndLabel
+    GBLS __FuncArea
+    GBLS __FuncExceptionHandler
+
+    MACRO
+    __DeriveFunctionLabels $FuncName
+__FuncStartLabel        SETS "|$FuncName|"
+__FuncEndLabel          SETS "|$FuncName._end|"
+__FuncEpilog1StartLabel SETS "|$FuncName._epilog1_start|"
+__FuncEpilog2StartLabel SETS "|$FuncName._epilog2_start|"
+__FuncEpilog3StartLabel SETS "|$FuncName._epilog3_start|"
+__FuncEpilog4StartLabel SETS "|$FuncName._epilog4_start|"
+__FuncXDataLabel        SETS "|$FuncName._xdata|"
+__FuncXDataPrologLabel  SETS "|$FuncName._xdata_prolog|"
+__FuncXDataEpilog1Label SETS "|$FuncName._xdata_epilog1|"
+__FuncXDataEpilog2Label SETS "|$FuncName._xdata_epilog2|"
+__FuncXDataEpilog3Label SETS "|$FuncName._xdata_epilog3|"
+__FuncXDataEpilog4Label SETS "|$FuncName._xdata_epilog4|"
+__FuncXDataEndLabel     SETS "|$FuncName._xdata_end|"
+    MEND
+
+    MACRO
+    __ExportName $FuncName
+        LCLS Name
+Name    SETS "|$FuncName|"
+        ALIGN 4
+        EXPORT $Name
+$Name
+    MEND
+
+    MACRO
+    __ExportProc $FuncName
+        LCLS Name
+Name    SETS "|$FuncName|"
+        ALIGN 4
+        EXPORT $Name
+$Name   PROC
+    MEND
+
+    MACRO
+    TEXTAREA
+#if defined(_CONTROL_FLOW_GUARD)
+        AREA |.text|,ALIGN=4,CODE,READONLY
+#else
+        AREA |.text|,ALIGN=2,CODE,READONLY
+#endif
+    MEND
+
+    MACRO
+    DATAAREA
+        AREA |.data|,DATA
+    MEND
+
+    MACRO
+    RODATAAREA
+        AREA |.rdata|,DATA,READONLY
+    MEND
+
+    MACRO
+    NESTED_ENTRY $FuncName, $AreaName, $ExceptHandler
+        __DeriveFunctionLabels $FuncName
+__FuncArea SETS "|.text|"
+        IF "$AreaName" != ""
+__FuncArea SETS "$AreaName"
+        ENDIF
+__FuncExceptionHandler SETS ""
+        IF "$ExceptHandler" != ""
+__FuncExceptionHandler SETS "|$ExceptHandler|"
+        ENDIF
+        AREA $__FuncArea,CODE,READONLY
+        __ExportProc $FuncName
+        ROUT
+        // __ResetUnwindState
+    MEND
+
+    // FIXME: this does not exist in native
+    MACRO
+    PROLOG_END
+        /* Ignore for now */
+    MEND
+
+    MACRO
+    NESTED_END $FuncName
+$__FuncEndLabel
+        LTORG
+        ENDP
+        //AREA |.pdata|,ALIGN=2,READONLY
+        //DCD $__FuncStartLabel
+        //RELOC 2
+        //DCD $__FuncXDataLabel
+        //RELOC 2
+        //__EmitUnwindXData
+        //AREA $__FuncArea,CODE,READONLY
+__FuncStartLabel SETS ""
+__FuncEndLabel SETS ""
+    MEND
+
+    MACRO
+    LEAF_ENTRY $FuncName, $AreaName
+        NESTED_ENTRY $FuncName, $AreaName
+    MEND
+
+    MACRO
+    LEAF_END $FuncName
+        NESTED_END $FuncName
+    MEND
+
+    MACRO
+    LEAF_ENTRY_NO_PDATA $FuncName, $AreaName
+        __DeriveFunctionLabels $FuncName
+__FuncArea SETS "|.text|"
+        IF "$AreaName" != ""
+__FuncArea SETS "$AreaName"
+        ENDIF
+        AREA $__FuncArea,CODE,READONLY
+        __ExportProc $FuncName
+        ROUT
+    MEND
+
+    MACRO
+    LEAF_END_NO_PDATA $FuncName
+$__FuncEndLabel
+        LTORG
+        ENDP
+__FuncStartLabel SETS ""
+__FuncEndLabel SETS ""
+    MEND
+
+    MACRO
+    ALTERNATE_ENTRY $FuncName
+        __ExportName $FuncName
+        ROUT
+    MEND
+
+
+    #define CR 13
+    #define LF 10
+    #define NUL 0
+
+    #define ASCII dcb
+
+    MACRO
+    UNIMPLEMENTED $Name
+    MEND
+
+#else
+
+/* Compatibility define */
+#define EQU .equ
+
+.macro IMPORT Name
+    /* Ignore */
+.endm
+
+.macro EXPORT Name
+    .global &Name
+.endm
+
+.macro TEXTAREA
+    .section .text, "rx"
+#if defined(_CONTROL_FLOW_GUARD)
+    .align 4
+#else
+    .align 2
+#endif
+.endm
+
+.macro DATAAREA
+    .section .data, "rw"
+.endm
+
+.macro RODATAAREA
+    .section .rdata, "rw"
+.endm
+
+.macro NESTED_ENTRY Name
+FuncName    .equ    &Name
+PrologName  .equ    &Name&_Prolog
+FuncEndName .equ    &Name&_end
+    .global &FuncName
+    .align 2
+    .func &FuncName
+    &FuncName:
+.endm
+
+// FIXME: should go to kxarmunw.h
+.macro PROLOG_END
+    \PrologName:
+.endm
+
+.macro NESTED_END Name
+    &FuncEndName:
+   .endfunc
+.endm
+
+.macro LEAF_ENTRY $FuncName, $AreaName
+    NESTED_ENTRY $FuncName, $AreaName
+.endm
+
+.macro LEAF_END $FuncName
+    NESTED_END $FuncName
+.endm
+
+
+/* Some "intrinsics", see http://codemachine.com/article_armasm.html */
+
+.macro __debugbreak
+    DCD 0xDEFE
+.endm
+
+.macro __assertfail
+    DCD 0xDEFC
+.endm
+
+.macro __fastfail
+    DCD 0xDEFB
+.endm
+
+.macro __rdpmccntr64
+    DCD 0xDEFA
+.endm
+
+.macro __debugservice
+    DCD 0xDEFD
+.endm
+
+.macro __brkdiv0
+    DCD 0xDEF9
+.endm
+
+
+#endif
+
+
--- a/sdk/include/asm/syscalls.inc
+++ b/sdk/include/asm/syscalls.inc
@ -0,0 +1,154 @@
+
+#ifdef _M_ARM
+
+#include <ksarm.h>
+
+    GBLA SyscallId
+
+SyscallId SETA 0
+
+	MACRO
+	STUB_K $Name
+	LCLS ZwFuncName
+	LCLS ZwFuncEndName
+ZwFuncName    SETS "Zw$Name"
+ZwFuncEndName SETS "$ZwFuncName":CC:"_end"
+	ALIGN 2
+	EXPORT $ZwFuncName [FUNC]
+$ZwFuncName
+	ROUT
+    mov r12, #SyscallId
+    svc #1
+    bx lr
+$ZwFuncEndName
+    MEND
+
+	MACRO
+	STUB_U $Name
+	LCLS NtFuncName
+	LCLS NtFuncEndName
+	LCLS ZwFuncName
+	LCLS ZwFuncEndName
+NtFuncName    SETS "Nt$Name"
+NtFuncEndName SETS "$NtFuncName":CC:"_end"
+ZwFuncName    SETS "Zw$Name"
+ZwFuncEndName SETS "$ZwFuncName":CC:"_end"
+	ALIGN 2
+	EXPORT $NtFuncName [FUNC]
+$NtFuncName
+	EXPORT $ZwFuncName [FUNC]
+$ZwFuncName
+	ROUT
+    mov r12, #SyscallId
+    svc #1
+    bx lr
+$NtFuncEndName
+$ZwFuncEndName
+    MEND
+
+#else
+
+#include <asm.inc>
+
+SyscallId = 0
+
+#ifdef _M_IX86
+#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
+#define KGDT_R0_CODE 8
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+    StackBytes = 4 * ArgCount
+    FPO 0, 0, 0, 0, 0, FRAME_FPO
+    mov eax, SyscallId
+    mov edx, KUSER_SHARED_SYSCALL
+    call dword ptr [edx]
+    ret StackBytes
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+    StackBytes = 4 * &ArgCount
+    FPO 0, 0, 0, 0, 0, FRAME_FPO
+    mov eax, SyscallId
+    lea edx, [esp + 4]
+    pushfd
+    push KGDT_R0_CODE
+    call _KiSystemService
+    ret StackBytes
+ENDM
+#elif defined(_M_AMD64)
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+    .ENDPROLOG
+    mov eax, SyscallId
+    mov r10, rcx
+    syscall
+    ret
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+    .ENDPROLOG
+    EXTERN Nt&Name:PROC
+    lea rax, Nt&Name[rip]
+    mov r10, ArgCount * 8
+    jmp KiZwSystemService
+ENDM
+#elif defined(_M_PPC)
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+    stwu 1,-16(1)
+    mflr 0
+    stw  0,0(1)
+    li   0, SyscallId
+    sc
+    lwz 0,0(1)
+    mtlr 0
+    addi 1,1,16
+    blr
+ENDM
+#define STUBCODE_K STUBCODE_U
+#elif defined(_M_MIPS)
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+    li $8, KUSER_SHARED_SYSCALL
+    lw $8,0($8)
+    j $8
+    nop
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+    j KiSystemService
+    nop
+ENDM
+#else
+#error unsupported architecture
+#endif
+
+#ifdef _M_IX86
+MACRO(MAKE_LABEL, Name, StackBytes)
+    PUBLIC _&Name&@&StackBytes
+    _&Name&@&StackBytes:
+ENDM
+MACRO(START_PROC, Name, StackBytes)
+    PUBLIC _&Name&@&StackBytes
+    .PROC _&Name&@&StackBytes
+ENDM
+#else
+MACRO(MAKE_LABEL, Name, StackBytes)
+    PUBLIC &Name
+    &Name:
+ENDM
+MACRO(START_PROC, Name, StackBytes)
+    PUBLIC &Name
+    .PROC &Name
+ENDM
+#endif
+
+MACRO(STUB_U, Name, ArgCount)
+    MAKE_LABEL Zw&Name, %ArgCount * 4
+    START_PROC Nt&Name, %ArgCount * 4
+    STUBCODE_U Name, SyscallId, %ArgCount
+    .ENDP
+    SyscallId = SyscallId + 1
+ENDM
+
+MACRO(STUB_K, Name, ArgCount)
+    START_PROC Zw&Name, %ArgCount * 4
+    STUBCODE_K Name, SyscallId, %ArgCount
+    .ENDP
+    SyscallId = SyscallId + 1
+ENDM
+
+#endif
--- a/sdk/include/asm/trapamd64.inc
+++ b/sdk/include/asm/trapamd64.inc
@ -0,0 +1,244 @@
+
+APIC_EOI = HEX(0FFFFFFFFFFFE00B0)
+
+TF_VOLATILES            = HEX(01)
+TF_NONVOLATILES         = HEX(02)
+TF_XMM                  = HEX(04)
+TF_SEGMENTS             = HEX(08)
+TF_DEBUG                = HEX(10)
+TF_IRQL                 = HEX(20)
+TF_SAVE_ALL             = (TF_VOLATILES OR TF_NONVOLATILES OR TF_XMM OR TF_SEGMENTS)
+TF_HAS_ERROR_CODE       = HEX(40)
+TF_SEND_EOI             = HEX(80)
+//TF_SYSTEMSERVICE        = (TRAPFLAG_VOLATILES or TRAPFLAG_DEBUG)
+TF_CHECKUSERAPC         = HEX(100)
+
+/*
+ * Stack Layout:
+ * |-------------------|
+ * | KTRAP_FRAME       |
+ * |-------------------| <- rbp
+ * | EXCEPTION_RECORD  |
+ * |-------------------|
+ * | KEXCEPTION_FRAME  |
+ * |-------------------| <- rsp
+ *
+ */
+
+/*
+ * EnterTrap - Allocate KTRAP_FRAME_LENGTH and save registers to it
+ */
+MACRO(EnterTrap, Flags)
+    LOCAL kernel_mode_entry
+
+    /* Save the trap flags for this trap */
+    CurrentTrapFlags = VAL(Flags)
+
+    /* Size of hardware trap frame */
+    if (Flags AND TF_HAS_ERROR_CODE)
+        .pushframe code
+        SIZE_INITIAL_FRAME = 6 * 8
+    else
+        .pushframe
+        SIZE_INITIAL_FRAME = 5 * 8
+    endif
+
+    /* Make room for a KTRAP_FRAME */
+    sub rsp, (KTRAP_FRAME_LENGTH - SIZE_INITIAL_FRAME)
+    .allocstack (KTRAP_FRAME_LENGTH - SIZE_INITIAL_FRAME)
+
+    /* Save rbp and rax */
+    mov [rsp + KTRAP_FRAME_Rbp], rbp
+    .savereg rbp, KTRAP_FRAME_Rbp
+    mov [rsp + KTRAP_FRAME_Rax], rax
+    .savereg rax, KTRAP_FRAME_Rax
+
+    /* Point rbp to the KTRAP_FRAME */
+    lea rbp, [rsp]
+    .setframe rbp, 0
+
+    if (Flags AND TF_NONVOLATILES)
+        /* Save non-volatile registers */
+        mov [rbp + KTRAP_FRAME_Rbx], rbx
+        .savereg rbx, KTRAP_FRAME_Rbx
+        mov [rbp + KTRAP_FRAME_Rdi], rdi
+        .savereg rdi, KTRAP_FRAME_Rdi
+        mov [rbp + KTRAP_FRAME_Rsi], rsi
+        .savereg rsi, KTRAP_FRAME_Rsi
+    endif
+
+    .endprolog
+
+    if (Flags AND TF_VOLATILES)
+        /* Save volatile registers */
+        mov [rbp + KTRAP_FRAME_Rcx], rcx
+        mov [rbp + KTRAP_FRAME_Rdx], rdx
+        mov [rbp + KTRAP_FRAME_R8], r8
+        mov [rbp + KTRAP_FRAME_R9], r9
+        mov [rbp + KTRAP_FRAME_R10], r10
+        mov [rbp + KTRAP_FRAME_R11], r11
+    endif
+
+    if (Flags AND TF_XMM)
+        /* Save xmm registers */
+        movdqa [rbp + KTRAP_FRAME_Xmm0], xmm0
+        movdqa [rbp + KTRAP_FRAME_Xmm1], xmm1
+        movdqa [rbp + KTRAP_FRAME_Xmm2], xmm2
+        movdqa [rbp + KTRAP_FRAME_Xmm3], xmm3
+        movdqa [rbp + KTRAP_FRAME_Xmm4], xmm4
+        movdqa [rbp + KTRAP_FRAME_Xmm5], xmm5
+    endif
+
+    if (Flags AND TF_SEGMENTS)
+        /* Save segment selectors */
+        mov [rbp + KTRAP_FRAME_SegDs], ds
+        mov [rbp + KTRAP_FRAME_SegEs], es
+        mov [rbp + KTRAP_FRAME_SegFs], fs
+        mov [rbp + KTRAP_FRAME_SegGs], gs
+    endif
+
+    /* Save previous mode and check if it was user mode */
+    mov ax, [rbp + KTRAP_FRAME_SegCs]
+    and al, 1
+    mov [rbp + KTRAP_FRAME_PreviousMode], al
+    jz kernel_mode_entry
+
+    /* Set sane segments */
+    mov ax, (KGDT64_R3_DATA or RPL_MASK)
+    mov ds, ax
+    mov es, ax
+    swapgs
+
+kernel_mode_entry:
+
+//    if (Flags AND TF_IRQL)
+        /* Save previous irql */
+        mov rax, cr8
+        mov [rbp + KTRAP_FRAME_PreviousIrql], al
+//    endif
+
+    if (Flags AND TF_DEBUG)
+        /* Save debug registers */
+        mov rax, dr0
+        mov [rbp + KTRAP_FRAME_Dr0], rax
+        mov rax, dr1
+        mov [rbp + KTRAP_FRAME_Dr1], rax
+        mov rax, dr2
+        mov [rbp + KTRAP_FRAME_Dr2], rax
+        mov rax, dr3
+        mov [rbp + KTRAP_FRAME_Dr3], rax
+        mov rax, dr6
+        mov [rbp + KTRAP_FRAME_Dr6], rax
+        mov rax, dr7
+        mov [rbp + KTRAP_FRAME_Dr7], rax
+    endif
+
+    /* Make sure the direction flag is cleared */
+    cld
+ENDM
+
+/*
+ *  ExitTrap - Restore registers and free stack space
+ */
+MACRO(ExitTrap, Flags)
+    LOCAL kernel_mode_return
+
+#if DBG
+        /* Check previous irql */
+        mov rax, cr8
+        cmp [rbp + KTRAP_FRAME_PreviousIrql], al
+        je .irql_ok
+        int 3
+    .irql_ok:
+#endif
+
+    if (Flags AND TF_SEGMENTS)
+        /* Restore segment selectors */
+        mov ds, [rbp + KTRAP_FRAME_SegDs]
+        mov es, [rbp + KTRAP_FRAME_SegEs]
+        mov fs, [rbp + KTRAP_FRAME_SegFs]
+    endif
+
+    if (Flags AND TF_IRQL)
+        /* Restore previous irql */
+        movzx rax, byte ptr [rbp + KTRAP_FRAME_PreviousIrql]
+        mov cr8, rax
+    endif
+
+    /* Check if we came from user mode */
+    test byte ptr [rbp + KTRAP_FRAME_SegCs], 1
+    jz kernel_mode_return
+
+    if (Flags AND TF_CHECKUSERAPC)
+        /* Load current thread into r10 */
+        mov r10, gs:[PcCurrentThread]
+        cmp byte ptr [r10 + KTHREAD_UserApcPending], 0
+        jne KiExitToUserApc
+
+    endif
+
+    /* Swap gs to user mode */
+    swapgs
+
+kernel_mode_return:
+
+    if (Flags AND TF_NONVOLATILES)
+        /* Restore non-volatile registers */
+        mov rbx, [rbp + KTRAP_FRAME_Rbx]
+        mov rdi, [rbp + KTRAP_FRAME_Rdi]
+        mov rsi, [rbp + KTRAP_FRAME_Rsi]
+    endif
+
+    if (Flags AND TF_VOLATILES)
+        /* Restore volatile registers */
+        mov rax, [rbp + KTRAP_FRAME_Rax]
+        mov rcx, [rbp + KTRAP_FRAME_Rcx]
+        mov rdx, [rbp + KTRAP_FRAME_Rdx]
+        mov r8, [rbp + KTRAP_FRAME_R8]
+        mov r9, [rbp + KTRAP_FRAME_R9]
+        mov r10, [rbp + KTRAP_FRAME_R10]
+        mov r11, [rbp + KTRAP_FRAME_R11]
+    endif
+
+    if (Flags AND TF_XMM)
+        /* Restore xmm registers */
+        movdqa xmm0, [rbp + KTRAP_FRAME_Xmm0]
+        movdqa xmm1, [rbp + KTRAP_FRAME_Xmm1]
+        movdqa xmm2, [rbp + KTRAP_FRAME_Xmm2]
+        movdqa xmm3, [rbp + KTRAP_FRAME_Xmm3]
+        movdqa xmm4, [rbp + KTRAP_FRAME_Xmm4]
+        movdqa xmm5, [rbp + KTRAP_FRAME_Xmm5]
+    endif
+
+    /* Restore rbp */
+    mov rbp, [rbp + KTRAP_FRAME_Rbp]
+
+    /* Adjust stack pointer */
+    add rsp, KTRAP_FRAME_Rip
+
+    if (Flags AND TF_SEND_EOI)
+        /* Write 0 to the local APIC EOI register */
+        mov dword ptr [APIC_EOI], 0
+    endif
+
+    /* Return from the trap */
+    iretq
+ENDM
+
+
+MACRO(TRAP_ENTRY, Trap, Flags)
+    EXTERN Trap&Handler :PROC
+    PUBLIC &Trap
+    FUNC &Trap
+        /* Common code to create the trap frame */
+        EnterTrap Flags
+
+        /* Call the C handler */
+        mov rcx, rbp
+        call Trap&Handler
+
+        /* Leave */
+        ExitTrap Flags
+    ENDFUNC
+ENDM
+