1: kd> dt nt!_KPCR +0x000 NtTib : _NT_TIB +0x000 Used_ExceptionList : Ptr32 _EXCEPTION_REGISTRATION_RECORD +0x004 Used_StackBase : Ptr32 Void +0x008 Spare2 : Ptr32 Void +0x00c TssCopy : Ptr32 Void +0x010 ContextSwitches : Uint4B +0x014 SetMemberCopy : Uint4B +0x018 Used_Self : Ptr32 Void +0x01c SelfPcr : Ptr32 _KPCR +0x020 Prcb : Ptr32 _KPRCB +0x024 Irql : UChar +0x028 IRR : Uint4B +0x02c IrrActive : Uint4B +0x030 IDR : Uint4B +0x034 KdVersionBlock : Ptr32 Void +0x038 IDT : Ptr32 _KIDTENTRY +0x03c GDT : Ptr32 _KGDTENTRY +0x040 TSS : Ptr32 _KTSS +0x044 MajorVersion : Uint2B +0x046 MinorVersion : Uint2B +0x048 SetMember : Uint4B +0x04c StallScaleFactor : Uint4B +0x050 SpareUnused : UChar +0x051 Number : UChar +0x052 Spare0 : UChar +0x053 SecondLevelCacheAssociativity : UChar +0x054 VdmAlert : Uint4B +0x058 KernelReserved : [14] Uint4B +0x090 SecondLevelCacheSize : Uint4B +0x094 HalReserved : [16] Uint4B +0x0d4 InterruptMode : Uint4B +0x0d8 Spare1 : UChar +0x0dc KernelReserved2 : [17] Uint4B +0x120 PrcbData : _KPRCB 1: kd> dt nt!_KPRCB +0x000 MinorVersion : Uint2B +0x002 MajorVersion : Uint2B +0x004 CurrentThread : Ptr32 _KTHREAD +0x008 NextThread : Ptr32 _KTHREAD +0x00c IdleThread : Ptr32 _KTHREAD +0x010 LegacyNumber : UChar +0x011 NestingLevel : UChar +0x012 BuildType : Uint2B +0x014 CpuType : Char +0x015 CpuID : Char +0x016 CpuStep : Uint2B +0x016 CpuStepping : UChar +0x017 CpuModel : UChar +0x018 ProcessorState : _KPROCESSOR_STATE +0x338 KernelReserved : [16] Uint4B +0x378 HalReserved : [16] Uint4B +0x3b8 CFlushSize : Uint4B +0x3bc CoresPerPhysicalProcessor : UChar +0x3bd LogicalProcessorsPerCore : UChar +0x3be PrcbPad0 : [2] UChar +0x3c0 MHz : Uint4B +0x3c4 CpuVendor : UChar +0x3c5 GroupIndex : UChar +0x3c6 Group : Uint2B +0x3c8 GroupSetMember : Uint4B +0x3cc Number : Uint4B +0x3d0 PrcbPad1 : [72] UChar +0x418 LockQueue : [49] _KSPIN_LOCK_QUEUE +0x5a0 NpxThread : Ptr32 _KTHREAD +0x5a4 InterruptCount : Uint4B +0x5a8 KernelTime : Uint4B +0x5ac UserTime : Uint4B +0x5b0 DpcTime : Uint4B +0x5b4 DpcTimeCount : Uint4B +0x5b8 InterruptTime : Uint4B +0x5bc AdjustDpcThreshold : Uint4B +0x5c0 PageColor : Uint4B +0x5c4 DebuggerSavedIRQL : UChar +0x5c5 NodeColor : UChar +0x5c6 PrcbPad20 : [2] UChar +0x5c8 NodeShiftedColor : Uint4B +0x5cc ParentNode : Ptr32 _KNODE +0x5d0 SecondaryColorMask : Uint4B +0x5d4 DpcTimeLimit : Uint4B +0x5d8 PrcbPad21 : [2] Uint4B +0x5e0 CcFastReadNoWait : Uint4B +0x5e4 CcFastReadWait : Uint4B +0x5e8 CcFastReadNotPossible : Uint4B +0x5ec CcCopyReadNoWait : Uint4B +0x5f0 CcCopyReadWait : Uint4B +0x5f4 CcCopyReadNoWaitMiss : Uint4B +0x5f8 MmSpinLockOrdering : Int4B +0x5fc IoReadOperationCount : Int4B +0x600 IoWriteOperationCount : Int4B +0x604 IoOtherOperationCount : Int4B +0x608 IoReadTransferCount : _LARGE_INTEGER +0x610 IoWriteTransferCount : _LARGE_INTEGER +0x618 IoOtherTransferCount : _LARGE_INTEGER +0x620 CcFastMdlReadNoWait : Uint4B +0x624 CcFastMdlReadWait : Uint4B +0x628 CcFastMdlReadNotPossible : Uint4B +0x62c CcMapDataNoWait : Uint4B +0x630 CcMapDataWait : Uint4B +0x634 CcPinMappedDataCount : Uint4B +0x638 CcPinReadNoWait : Uint4B +0x63c CcPinReadWait : Uint4B +0x640 CcMdlReadNoWait : Uint4B +0x644 CcMdlReadWait : Uint4B +0x648 CcLazyWriteHotSpots : Uint4B +0x64c CcLazyWriteIos : Uint4B +0x650 CcLazyWritePages : Uint4B +0x654 CcDataFlushes : Uint4B +0x658 CcDataPages : Uint4B +0x65c CcLostDelayedWrites : Uint4B +0x660 CcFastReadResourceMiss : Uint4B +0x664 CcCopyReadWaitMiss : Uint4B +0x668 CcFastMdlReadResourceMiss : Uint4B +0x66c CcMapDataNoWaitMiss : Uint4B +0x670 CcMapDataWaitMiss : Uint4B +0x674 CcPinReadNoWaitMiss : Uint4B +0x678 CcPinReadWaitMiss : Uint4B +0x67c CcMdlReadNoWaitMiss : Uint4B +0x680 CcMdlReadWaitMiss : Uint4B +0x684 CcReadAheadIos : Uint4B +0x688 KeAlignmentFixupCount : Uint4B +0x68c KeExceptionDispatchCount : Uint4B +0x690 KeSystemCalls : Uint4B +0x694 AvailableTime : Uint4B +0x698 PrcbPad22 : [2] Uint4B +0x6a0 PPLookasideList : [16] _PP_LOOKASIDE_LIST +0x720 PPNPagedLookasideList : [32] _GENERAL_LOOKASIDE_POOL +0x1020 PPPagedLookasideList : [32] _GENERAL_LOOKASIDE_POOL +0x1920 PacketBarrier : Uint4B +0x1924 ReverseStall : Int4B +0x1928 IpiFrame : Ptr32 Void +0x192c PrcbPad3 : [52] UChar +0x1960 CurrentPacket : [3] Ptr32 Void +0x196c TargetSet : Uint4B +0x1970 WorkerRoutine : Ptr32 void +0x1974 IpiFrozen : Uint4B +0x1978 PrcbPad4 : [40] UChar +0x19a0 RequestSummary : Uint4B +0x19a4 SignalDone : Ptr32 _KPRCB +0x19a8 PrcbPad50 : [56] UChar +0x19e0 DpcData : [2] _KDPC_DATA +0x1a08 DpcStack : Ptr32 Void +0x1a0c MaximumDpcQueueDepth : Int4B +0x1a10 DpcRequestRate : Uint4B +0x1a14 MinimumDpcRate : Uint4B +0x1a18 PrcbPad41 : Uint4B +0x1a1c PrcbLock : Uint4B +0x1a20 DpcLastCount : Uint4B +0x1a24 TimerHand : Uint4B +0x1a28 TimerRequest : Uint4B +0x1a2c TimerExpiry : Ptr32 Ptr32 _KTIMER +0x1a30 DpcGate : _KGATE +0x1a40 ThreadDpcEnable : UChar +0x1a41 QuantumEnd : UChar +0x1a42 DpcRoutineActive : UChar +0x1a43 IdleSchedule : UChar +0x1a44 DpcRequestSummary : Int4B +0x1a44 DpcRequestSlot : [2] Int2B +0x1a44 NormalDpcState : Int2B +0x1a46 DpcThreadActive : Pos 0, 1 Bit +0x1a46 ThreadDpcState : Int2B +0x1a48 PrcbPad42 : Uint4B +0x1a4c PeriodicCount : Uint4B +0x1a50 PeriodicBias : Uint4B +0x1a58 TickOffset : Uint8B +0x1a60 CallDpc : _KDPC +0x1a80 ClockKeepAlive : Int4B +0x1a84 ClockCheckSlot : UChar +0x1a85 ClockPollCycle : UChar +0x1a86 PrcbPad6 : [2] UChar +0x1a88 DpcWatchdogPeriod : Int4B +0x1a8c DpcWatchdogCount : Int4B +0x1a90 ThreadWatchdogPeriod : Int4B +0x1a94 ThreadWatchdogCount : Int4B +0x1a98 KeSpinLockOrdering : Int4B +0x1a9c PrcbPad70 : [1] Uint4B +0x1aa0 WaitListHead : _LIST_ENTRY +0x1aa8 WaitLock : Uint4B +0x1aac ReadySummary : Uint4B +0x1ab0 QueueIndex : Uint4B +0x1ab4 DeferredReadyListHead : _SINGLE_LIST_ENTRY +0x1ab8 StartCycles : Uint8B +0x1ac0 CycleTime : Uint8B +0x1ac8 HighCycleTime : Uint4B +0x1acc PrcbPad71 : Uint4B +0x1ad0 PrcbPad72 : [2] Uint8B +0x1ae0 DispatcherReadyListHead : [32] _LIST_ENTRY +0x1be0 ChainedInterruptList : Ptr32 Void +0x1be4 LookasideIrpFloat : Int4B +0x1be8 MmPageFaultCount : Int4B +0x1bec MmCopyOnWriteCount : Int4B +0x1bf0 MmTransitionCount : Int4B +0x1bf4 MmCacheTransitionCount : Int4B +0x1bf8 MmDemandZeroCount : Int4B +0x1bfc MmPageReadCount : Int4B +0x1c00 MmPageReadIoCount : Int4B +0x1c04 MmCacheReadCount : Int4B +0x1c08 MmCacheIoCount : Int4B +0x1c0c MmDirtyPagesWriteCount : Int4B +0x1c10 MmDirtyWriteIoCount : Int4B +0x1c14 MmMappedPagesWriteCount : Int4B +0x1c18 MmMappedWriteIoCount : Int4B +0x1c1c CachedCommit : Uint4B +0x1c20 CachedResidentAvailable : Uint4B +0x1c24 HyperPte : Ptr32 Void +0x1c28 PrcbPad8 : [4] UChar +0x1c2c VendorString : [13] UChar +0x1c39 InitialApicId : UChar +0x1c3a LogicalProcessorsPerPhysicalProcessor : UChar +0x1c3b PrcbPad9 : [5] UChar +0x1c40 FeatureBits : Uint4B +0x1c48 UpdateSignature : _LARGE_INTEGER +0x1c50 IsrTime : Uint8B +0x1c58 RuntimeAccumulation : Uint8B +0x1c60 PowerState : _PROCESSOR_POWER_STATE +0x1d30 DpcWatchdogDpc : _KDPC +0x1d50 DpcWatchdogTimer : _KTIMER +0x1d78 WheaInfo : Ptr32 Void +0x1d7c EtwSupport : Ptr32 Void +0x1d80 InterruptObjectPool : _SLIST_HEADER +0x1d88 HypercallPageList : _SLIST_HEADER +0x1d90 HypercallPageVirtual : Ptr32 Void +0x1d94 VirtualApicAssist : Ptr32 Void +0x1d98 StatisticsPage : Ptr32 Uint8B +0x1d9c RateControl : Ptr32 Void +0x1da0 Cache : [5] _CACHE_DESCRIPTOR +0x1ddc CacheCount : Uint4B +0x1de0 CacheProcessorMask : [5] Uint4B +0x1df4 PackageProcessorSet : Uint4B +0x1df8 CoreProcessorSet : Uint4B +0x1dfc PrcbPad10 : [36] UChar +0x1e20 SpinLockAcquireCount : Uint4B +0x1e24 SpinLockContentionCount : Uint4B +0x1e28 SpinLockSpinCount : Uint4B +0x1e2c IpiSendRequestBroadcastCount : Uint4B +0x1e30 IpiSendRequestRoutineCount : Uint4B +0x1e34 IpiSendSoftwareInterruptCount : Uint4B +0x1e38 ExInitializeResourceCount : Uint4B +0x1e3c ExReInitializeResourceCount : Uint4B +0x1e40 ExDeleteResourceCount : Uint4B +0x1e44 ExecutiveResourceAcquiresCount : Uint4B +0x1e48 ExecutiveResourceContentionsCount : Uint4B +0x1e4c ExecutiveResourceReleaseExclusiveCount : Uint4B +0x1e50 ExecutiveResourceReleaseSharedCount : Uint4B +0x1e54 ExecutiveResourceConvertsCount : Uint4B +0x1e58 ExAcqResExclusiveAttempts : Uint4B +0x1e5c ExAcqResExclusiveAcquiresExclusive : Uint4B +0x1e60 ExAcqResExclusiveAcquiresExclusiveRecursive : Uint4B +0x1e64 ExAcqResExclusiveWaits : Uint4B +0x1e68 ExAcqResExclusiveNotAcquires : Uint4B +0x1e6c ExAcqResSharedAttempts : Uint4B +0x1e70 ExAcqResSharedAcquiresExclusive : Uint4B +0x1e74 ExAcqResSharedAcquiresShared : Uint4B +0x1e78 ExAcqResSharedAcquiresSharedRecursive : Uint4B +0x1e7c ExAcqResSharedWaits : Uint4B +0x1e80 ExAcqResSharedNotAcquires : Uint4B +0x1e84 ExAcqResSharedStarveExclusiveAttempts : Uint4B +0x1e88 ExAcqResSharedStarveExclusiveAcquiresExclusive : Uint4B +0x1e8c ExAcqResSharedStarveExclusiveAcquiresShared : Uint4B +0x1e90 ExAcqResSharedStarveExclusiveAcquiresSharedRecursive : Uint4B +0x1e94 ExAcqResSharedStarveExclusiveWaits : Uint4B +0x1e98 ExAcqResSharedStarveExclusiveNotAcquires : Uint4B +0x1e9c ExAcqResSharedWaitForExclusiveAttempts : Uint4B +0x1ea0 ExAcqResSharedWaitForExclusiveAcquiresExclusive : Uint4B +0x1ea4 ExAcqResSharedWaitForExclusiveAcquiresShared : Uint4B +0x1ea8 ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive : Uint4B +0x1eac ExAcqResSharedWaitForExclusiveWaits : Uint4B +0x1eb0 ExAcqResSharedWaitForExclusiveNotAcquires : Uint4B +0x1eb4 ExSetResOwnerPointerExclusive : Uint4B +0x1eb8 ExSetResOwnerPointerSharedNew : Uint4B +0x1ebc ExSetResOwnerPointerSharedOld : Uint4B +0x1ec0 ExTryToAcqExclusiveAttempts : Uint4B +0x1ec4 ExTryToAcqExclusiveAcquires : Uint4B +0x1ec8 ExBoostExclusiveOwner : Uint4B +0x1ecc ExBoostSharedOwners : Uint4B +0x1ed0 ExEtwSynchTrackingNotificationsCount : Uint4B +0x1ed4 ExEtwSynchTrackingNotificationsAccountedCount : Uint4B +0x1ed8 Context : Ptr32 _CONTEXT +0x1edc ContextFlags : Uint4B +0x1ee0 ExtendedState : Ptr32 _XSAVE_AREA 1: kd> dt nt!_KTHREAD +0x000 Header : _DISPATCHER_HEADER +0x010 CycleTime : Uint8B +0x018 HighCycleTime : Uint4B +0x020 QuantumTarget : Uint8B +0x028 InitialStack : Ptr32 Void +0x02c StackLimit : Ptr32 Void +0x030 KernelStack : Ptr32 Void +0x034 ThreadLock : Uint4B +0x038 WaitRegister : _KWAIT_STATUS_REGISTER +0x039 Running : UChar +0x03a Alerted : [2] UChar +0x03c KernelStackResident : Pos 0, 1 Bit +0x03c ReadyTransition : Pos 1, 1 Bit +0x03c ProcessReadyQueue : Pos 2, 1 Bit +0x03c WaitNext : Pos 3, 1 Bit +0x03c SystemAffinityActive : Pos 4, 1 Bit +0x03c Alertable : Pos 5, 1 Bit +0x03c GdiFlushActive : Pos 6, 1 Bit +0x03c UserStackWalkActive : Pos 7, 1 Bit +0x03c ApcInterruptRequest : Pos 8, 1 Bit +0x03c ForceDeferSchedule : Pos 9, 1 Bit +0x03c QuantumEndMigrate : Pos 10, 1 Bit +0x03c Reserved1 : Pos 11, 1 Bit +0x03c Reserved2 : Pos 12, 20 Bits +0x03c MiscFlags : Int4B +0x040 ApcState : _KAPC_STATE +0x040 ApcStateFill : [23] UChar +0x057 Priority : Char +0x058 NextProcessor : Uint4B +0x05c DeferredProcessor : Uint4B +0x060 ApcQueueLock : Uint4B +0x064 ContextSwitches : Uint4B +0x068 State : UChar +0x069 NpxState : Char +0x06a WaitIrql : UChar +0x06b WaitMode : Char +0x06c WaitStatus : Int4B +0x070 WaitBlockList : Ptr32 _KWAIT_BLOCK +0x074 WaitListEntry : _LIST_ENTRY +0x074 SwapListEntry : _SINGLE_LIST_ENTRY +0x07c Queue : Ptr32 _KQUEUE +0x080 WaitTime : Uint4B +0x084 KernelApcDisable : Int2B +0x086 SpecialApcDisable : Int2B +0x084 CombinedApcDisable : Uint4B +0x088 Teb : Ptr32 Void +0x090 Timer : _KTIMER +0x090 TimerFill : [40] UChar +0x0b8 AutoAlignment : Pos 0, 1 Bit +0x0b8 DisableBoost : Pos 1, 1 Bit +0x0b8 EtwStackTraceApc1Inserted : Pos 2, 1 Bit +0x0b8 EtwStackTraceApc2Inserted : Pos 3, 1 Bit +0x0b8 CalloutActive : Pos 4, 1 Bit +0x0b8 ApcQueueable : Pos 5, 1 Bit +0x0b8 EnableStackSwap : Pos 6, 1 Bit +0x0b8 GuiThread : Pos 7, 1 Bit +0x0b8 ReservedFlags : Pos 8, 24 Bits +0x0b8 ThreadFlags : Int4B +0x0c0 WaitBlock : [4] _KWAIT_BLOCK +0x120 QueueListEntry : _LIST_ENTRY +0x128 TrapFrame : Ptr32 _KTRAP_FRAME +0x12c FirstArgument : Ptr32 Void +0x130 CallbackStack : Ptr32 Void +0x130 CallbackDepth : Uint4B +0x134 ServiceTable : Ptr32 Void +0x138 ApcStateIndex : UChar +0x139 BasePriority : Char +0x13a PriorityDecrement : Char +0x13a ForegroundBoost : Pos 0, 4 Bits +0x13a UnusualBoost : Pos 4, 4 Bits +0x13b Preempted : UChar +0x13c AdjustReason : UChar +0x13d AdjustIncrement : Char +0x13e PreviousMode : Char +0x13f Saturation : Char +0x140 SystemCallNumber : Uint4B +0x144 FreezeCount : Uint4B +0x148 UserAffinity : _GROUP_AFFINITY +0x154 Process : Ptr32 _KPROCESS +0x158 Affinity : _GROUP_AFFINITY +0x164 IdealProcessor : Uint4B +0x168 UserIdealProcessor : Uint4B +0x16c ApcStatePointer : [2] Ptr32 _KAPC_STATE +0x174 SavedApcState : _KAPC_STATE +0x174 SavedApcStateFill : [23] UChar +0x18b WaitReason : UChar +0x18c SuspendCount : Char +0x18d Spare1 : Char +0x18e OtherPlatformFill : UChar +0x190 Win32Thread : Ptr32 Void +0x194 StackBase : Ptr32 Void +0x198 SuspendApc : _KAPC +0x198 SuspendApcFill0 : [1] UChar +0x199 ResourceIndex : UChar +0x198 SuspendApcFill1 : [3] UChar +0x19b QuantumReset : UChar +0x198 SuspendApcFill2 : [4] UChar +0x19c KernelTime : Uint4B +0x198 SuspendApcFill3 : [36] UChar +0x1bc WaitPrcb : Ptr32 _KPRCB +0x198 SuspendApcFill4 : [40] UChar +0x1c0 LegoData : Ptr32 Void +0x198 SuspendApcFill5 : [47] UChar +0x1c7 LargeStack : UChar +0x1c8 UserTime : Uint4B +0x1cc SuspendSemaphore : _KSEMAPHORE +0x1cc SuspendSemaphorefill : [20] UChar +0x1e0 SListFaultCount : Uint4B +0x1e4 ThreadListEntry : _LIST_ENTRY +0x1ec MutantListHead : _LIST_ENTRY +0x1f4 SListFaultAddress : Ptr32 Void +0x1f8 ThreadCounters : Ptr32 _KTHREAD_COUNTERS +0x1fc XStateSave : Ptr32 _XSTATE_SAVE 1: kd> dt nt!_ETHREAD +0x000 Tcb : _KTHREAD +0x200 CreateTime : _LARGE_INTEGER +0x208 ExitTime : _LARGE_INTEGER +0x208 KeyedWaitChain : _LIST_ENTRY +0x210 ExitStatus : Int4B +0x210 OfsChain : Ptr32 Void +0x214 PostBlockList : _LIST_ENTRY +0x214 ForwardLinkShadow : Ptr32 Void +0x218 StartAddress : Ptr32 Void +0x21c TerminationPort : Ptr32 _TERMINATION_PORT +0x21c ReaperLink : Ptr32 _ETHREAD +0x21c KeyedWaitValue : Ptr32 Void +0x220 ActiveTimerListLock : Uint4B +0x224 ActiveTimerListHead : _LIST_ENTRY +0x22c Cid : _CLIENT_ID +0x234 KeyedWaitSemaphore : _KSEMAPHORE +0x234 AlpcWaitSemaphore : _KSEMAPHORE +0x248 ClientSecurity : _PS_CLIENT_SECURITY_CONTEXT +0x24c IrpList : _LIST_ENTRY +0x254 TopLevelIrp : Uint4B +0x258 DeviceToVerify : Ptr32 _DEVICE_OBJECT +0x25c CpuQuotaApc : Ptr32 _PSP_CPU_QUOTA_APC +0x260 Win32StartAddress : Ptr32 Void +0x264 LegacyPowerObject : Ptr32 Void +0x268 ThreadListEntry : _LIST_ENTRY +0x270 RundownProtect : _EX_RUNDOWN_REF +0x274 ThreadLock : _EX_PUSH_LOCK +0x278 ReadClusterSize : Uint4B +0x27c MmLockOrdering : Int4B +0x280 CrossThreadFlags : Uint4B +0x280 Terminated : Pos 0, 1 Bit +0x280 ThreadInserted : Pos 1, 1 Bit +0x280 HideFromDebugger : Pos 2, 1 Bit +0x280 ActiveImpersonationInfo : Pos 3, 1 Bit +0x280 SystemThread : Pos 4, 1 Bit +0x280 HardErrorsAreDisabled : Pos 5, 1 Bit +0x280 BreakOnTermination : Pos 6, 1 Bit +0x280 SkipCreationMsg : Pos 7, 1 Bit +0x280 SkipTerminationMsg : Pos 8, 1 Bit +0x280 CopyTokenOnOpen : Pos 9, 1 Bit +0x280 ThreadIoPriority : Pos 10, 3 Bits +0x280 ThreadPagePriority : Pos 13, 3 Bits +0x280 RundownFail : Pos 16, 1 Bit +0x284 SameThreadPassiveFlags : Uint4B +0x284 ActiveExWorker : Pos 0, 1 Bit +0x284 ExWorkerCanWaitUser : Pos 1, 1 Bit +0x284 MemoryMaker : Pos 2, 1 Bit +0x284 ClonedThread : Pos 3, 1 Bit +0x284 KeyedEventInUse : Pos 4, 1 Bit +0x284 RateApcState : Pos 5, 2 Bits +0x284 SelfTerminate : Pos 7, 1 Bit +0x288 SameThreadApcFlags : Uint4B +0x288 Spare : Pos 0, 1 Bit +0x288 StartAddressInvalid : Pos 1, 1 Bit +0x288 EtwPageFaultCalloutActive : Pos 2, 1 Bit +0x288 OwnsProcessWorkingSetExclusive : Pos 3, 1 Bit +0x288 OwnsProcessWorkingSetShared : Pos 4, 1 Bit +0x288 OwnsSystemCacheWorkingSetExclusive : Pos 5, 1 Bit +0x288 OwnsSystemCacheWorkingSetShared : Pos 6, 1 Bit +0x288 OwnsSessionWorkingSetExclusive : Pos 7, 1 Bit +0x289 OwnsSessionWorkingSetShared : Pos 0, 1 Bit +0x289 OwnsProcessAddressSpaceExclusive : Pos 1, 1 Bit +0x289 OwnsProcessAddressSpaceShared : Pos 2, 1 Bit +0x289 SuppressSymbolLoad : Pos 3, 1 Bit +0x289 Prefetching : Pos 4, 1 Bit +0x289 OwnsDynamicMemoryShared : Pos 5, 1 Bit +0x289 OwnsChangeControlAreaExclusive : Pos 6, 1 Bit +0x289 OwnsChangeControlAreaShared : Pos 7, 1 Bit +0x28a OwnsPagedPoolWorkingSetExclusive : Pos 0, 1 Bit +0x28a OwnsPagedPoolWorkingSetShared : Pos 1, 1 Bit +0x28a OwnsSystemPtesWorkingSetExclusive : Pos 2, 1 Bit +0x28a OwnsSystemPtesWorkingSetShared : Pos 3, 1 Bit +0x28a Spare1 : Pos 4, 4 Bits +0x28b PriorityRegionActive : UChar +0x28c CacheManagerActive : UChar +0x28d DisablePageFaultClustering : UChar +0x28e ActiveFaultCount : UChar +0x28f LockOrderState : UChar +0x290 AlpcMessageId : Uint4B +0x294 AlpcMessage : Ptr32 Void +0x294 AlpcReceiveAttributeSet : Uint4B +0x298 AlpcWaitListEntry : _LIST_ENTRY +0x2a0 CacheManagerCount : Uint4B +0x2a4 CmCallbackCount : Uint4B +0x2a8 IrpListLock : Uint4B +0x2ac IoBoostCount : Uint4B +0x2b0 ReservedForSynchTracking : Ptr32 Void 1: kd> dt nt!_KPROCESS +0x000 Header : _DISPATCHER_HEADER +0x010 ProfileListHead : _LIST_ENTRY +0x018 DirectoryTableBase : Uint4B +0x01c LdtDescriptor : _KGDTENTRY +0x024 Int21Descriptor : _KIDTENTRY +0x02c ActiveProcessors : _KAFFINITY_EX +0x038 KernelTime : Uint4B +0x03c UserTime : Uint4B +0x040 ReadyListHead : _LIST_ENTRY +0x048 SwapListEntry : _SINGLE_LIST_ENTRY +0x04c VdmTrapcHandler : Ptr32 Void +0x050 ThreadListHead : _LIST_ENTRY +0x058 ProcessLock : Uint4B +0x05c Affinity : _KAFFINITY_EX +0x068 AutoAlignment : Pos 0, 1 Bit +0x068 DisableBoost : Pos 1, 1 Bit +0x068 DisableQuantum : Pos 2, 1 Bit +0x068 ActiveGroupsMask : Pos 3, 1 Bit +0x068 ReservedFlags : Pos 4, 28 Bits +0x068 ProcessFlags : Int4B +0x06c BasePriority : Char +0x06d QuantumReset : Char +0x06e Visited : UChar +0x06f Unused3 : UChar +0x070 ThreadSeed : [1] Uint4B +0x074 IdealNode : [1] Uint2B +0x076 IdealGlobalNode : Uint2B +0x078 Flags : _KEXECUTE_OPTIONS +0x078 ExecuteOptions : UChar +0x079 Unused1 : UChar +0x07a IopmOffset : Uint2B +0x07c Unused4 : Uint4B +0x080 StackCount : _KSTACK_COUNT +0x084 ProcessListEntry : _LIST_ENTRY +0x090 CycleTime : Uint8B 1: kd> dt nt!_EPROCESS +0x000 Pcb : _KPROCESS +0x098 ProcessLock : _EX_PUSH_LOCK +0x0a0 CreateTime : _LARGE_INTEGER +0x0a8 ExitTime : _LARGE_INTEGER +0x0b0 RundownProtect : _EX_RUNDOWN_REF +0x0b4 UniqueProcessId : Ptr32 Void +0x0b8 ActiveProcessLinks : _LIST_ENTRY +0x0c0 ProcessQuotaUsage : [2] Uint4B +0x0c8 ProcessQuotaPeak : [2] Uint4B +0x0d0 CommitCharge : Uint4B +0x0d4 SpareUlongPtr : [2] Uint4B +0x0dc PeakVirtualSize : Uint4B +0x0e0 VirtualSize : Uint4B +0x0e4 SessionProcessLinks : _LIST_ENTRY +0x0ec DebugPort : Ptr32 Void +0x0f0 ExceptionPortData : Ptr32 Void +0x0f0 ExceptionPortValue : Uint4B +0x0f0 ExceptionPortState : Pos 0, 3 Bits +0x0f4 ObjectTable : Ptr32 _HANDLE_TABLE +0x0f8 Token : _EX_FAST_REF +0x0fc WorkingSetPage : Uint4B +0x100 AddressCreationLock : _EX_PUSH_LOCK +0x104 RotateInProgress : Ptr32 _ETHREAD +0x108 ForkInProgress : Ptr32 _ETHREAD +0x10c HardwareTrigger : Uint4B +0x110 PhysicalVadRoot : Ptr32 _MM_AVL_TABLE +0x114 CloneRoot : Ptr32 Void +0x118 NumberOfPrivatePages : Uint4B +0x11c NumberOfLockedPages : Uint4B +0x120 Win32Process : Ptr32 Void +0x124 Job : Ptr32 _EJOB +0x128 SectionObject : Ptr32 Void +0x12c SectionBaseAddress : Ptr32 Void +0x130 QuotaBlock : Ptr32 _EPROCESS_QUOTA_BLOCK +0x134 WorkingSetWatch : Ptr32 _PAGEFAULT_HISTORY +0x138 Win32WindowStation : Ptr32 Void +0x13c InheritedFromUniqueProcessId : Ptr32 Void +0x140 LdtInformation : Ptr32 Void +0x144 Spare : Ptr32 Void +0x148 VdmObjects : Ptr32 Void +0x14c DeviceMap : Ptr32 Void +0x150 EtwDataSource : Ptr32 Void +0x154 FreeTebHint : Ptr32 Void +0x158 PageDirectoryPte : _HARDWARE_PTE +0x158 Filler : Uint8B +0x160 Session : Ptr32 Void +0x164 ImageFileName : [16] UChar +0x174 JobLinks : _LIST_ENTRY +0x17c LockedPagesList : Ptr32 Void +0x180 ThreadListHead : _LIST_ENTRY +0x188 SecurityPort : Ptr32 Void +0x18c PaeTop : Ptr32 Void +0x190 ActiveThreads : Uint4B +0x194 ImagePathHash : Uint4B +0x198 DefaultHardErrorProcessing : Uint4B +0x19c LastThreadExitStatus : Int4B +0x1a0 Peb : Ptr32 _PEB +0x1a4 PrefetchTrace : _EX_FAST_REF +0x1a8 ReadOperationCount : _LARGE_INTEGER +0x1b0 WriteOperationCount : _LARGE_INTEGER +0x1b8 OtherOperationCount : _LARGE_INTEGER +0x1c0 ReadTransferCount : _LARGE_INTEGER +0x1c8 WriteTransferCount : _LARGE_INTEGER +0x1d0 OtherTransferCount : _LARGE_INTEGER +0x1d8 CommitChargeLimit : Uint4B +0x1dc CommitChargePeak : Uint4B +0x1e0 AweInfo : Ptr32 Void +0x1e4 SeAuditProcessCreationInfo : _SE_AUDIT_PROCESS_CREATION_INFO +0x1e8 Vm : _MMSUPPORT +0x250 MmProcessLinks : _LIST_ENTRY +0x258 ModifiedPageCount : Uint4B +0x25c Flags2 : Uint4B +0x25c JobNotReallyActive : Pos 0, 1 Bit +0x25c AccountingFolded : Pos 1, 1 Bit +0x25c NewProcessReported : Pos 2, 1 Bit +0x25c ExitProcessReported : Pos 3, 1 Bit +0x25c ReportCommitChanges : Pos 4, 1 Bit +0x25c LastReportMemory : Pos 5, 1 Bit +0x25c ReportPhysicalPageChanges : Pos 6, 1 Bit +0x25c HandleTableRundown : Pos 7, 1 Bit +0x25c NeedsHandleRundown : Pos 8, 1 Bit +0x25c RefTraceEnabled : Pos 9, 1 Bit +0x25c NumaAware : Pos 10, 1 Bit +0x25c ProtectedProcess : Pos 11, 1 Bit +0x25c DefaultPagePriority : Pos 12, 3 Bits +0x25c PrimaryTokenFrozen : Pos 15, 1 Bit +0x25c ProcessVerifierTarget : Pos 16, 1 Bit +0x25c StackRandomizationDisabled : Pos 17, 1 Bit +0x25c AffinityPermanent : Pos 18, 1 Bit +0x25c AffinityUpdateEnable : Pos 19, 1 Bit +0x25c CrossSessionCreate : Pos 20, 1 Bit +0x260 Flags : Uint4B +0x260 CreateReported : Pos 0, 1 Bit +0x260 NoDebugInherit : Pos 1, 1 Bit +0x260 ProcessExiting : Pos 2, 1 Bit +0x260 ProcessDelete : Pos 3, 1 Bit +0x260 Wow64SplitPages : Pos 4, 1 Bit +0x260 VmDeleted : Pos 5, 1 Bit +0x260 OutswapEnabled : Pos 6, 1 Bit +0x260 Outswapped : Pos 7, 1 Bit +0x260 ForkFailed : Pos 8, 1 Bit +0x260 Wow64VaSpace4Gb : Pos 9, 1 Bit +0x260 AddressSpaceInitialized : Pos 10, 2 Bits +0x260 SetTimerResolution : Pos 12, 1 Bit +0x260 BreakOnTermination : Pos 13, 1 Bit +0x260 DeprioritizeViews : Pos 14, 1 Bit +0x260 WriteWatch : Pos 15, 1 Bit +0x260 ProcessInSession : Pos 16, 1 Bit +0x260 OverrideAddressSpace : Pos 17, 1 Bit +0x260 HasAddressSpace : Pos 18, 1 Bit +0x260 LaunchPrefetched : Pos 19, 1 Bit +0x260 InjectInpageErrors : Pos 20, 1 Bit +0x260 VmTopDown : Pos 21, 1 Bit +0x260 ImageNotifyDone : Pos 22, 1 Bit +0x260 PdeUpdateNeeded : Pos 23, 1 Bit +0x260 VdmAllowed : Pos 24, 1 Bit +0x260 PropagateNode : Pos 25, 1 Bit +0x260 ProcessInserted : Pos 26, 1 Bit +0x260 DefaultIoPriority : Pos 27, 3 Bits +0x260 ProcessSelfDelete : Pos 30, 1 Bit +0x260 SpareProcessFlags : Pos 31, 1 Bit +0x264 ExitStatus : Int4B +0x268 Spare7 : Uint2B +0x26a SubSystemMinorVersion : UChar +0x26b SubSystemMajorVersion : UChar +0x26a SubSystemVersion : Uint2B +0x26c PriorityClass : UChar +0x270 VadRoot : _MM_AVL_TABLE +0x290 Cookie : Uint4B +0x294 Spare8 : Uint4B +0x298 AlpcContext : _ALPC_PROCESS_CONTEXT +0x2a8 TimerResolutionLink : _LIST_ENTRY +0x2b0 RequestedTimerResolution : Uint4B +0x2b4 ActiveThreadsHighWatermark : Uint4B +0x2b8 ConsoleHostProcess : Uint4B +0x2bc CpuQuotaBlock : Ptr32 _PS_CPU_QUOTA_BLOCK 1: kd> dt nt!_PEB +0x000 InheritedAddressSpace : UChar +0x001 ReadImageFileExecOptions : UChar +0x002 BeingDebugged : UChar +0x003 BitField : UChar +0x003 ImageUsesLargePages : Pos 0, 1 Bit +0x003 IsProtectedProcess : Pos 1, 1 Bit +0x003 IsLegacyProcess : Pos 2, 1 Bit +0x003 IsImageDynamicallyRelocated : Pos 3, 1 Bit +0x003 SkipPatchingUser32Forwarders : Pos 4, 1 Bit +0x003 SpareBits : Pos 5, 3 Bits +0x004 Mutant : Ptr32 Void +0x008 ImageBaseAddress : Ptr32 Void +0x00c Ldr : Ptr32 _PEB_LDR_DATA +0x010 ProcessParameters : Ptr32 _RTL_USER_PROCESS_PARAMETERS +0x014 SubSystemData : Ptr32 Void +0x018 ProcessHeap : Ptr32 Void +0x01c FastPebLock : Ptr32 _RTL_CRITICAL_SECTION +0x020 AtlThunkSListPtr : Ptr32 Void +0x024 IFEOKey : Ptr32 Void +0x028 CrossProcessFlags : Uint4B +0x028 ProcessInJob : Pos 0, 1 Bit +0x028 ProcessInitializing : Pos 1, 1 Bit +0x028 ProcessUsingVEH : Pos 2, 1 Bit +0x028 ProcessUsingVCH : Pos 3, 1 Bit +0x028 ProcessUsingFTH : Pos 4, 1 Bit +0x028 ReservedBits0 : Pos 5, 27 Bits +0x02c KernelCallbackTable : Ptr32 Void +0x02c UserSharedInfoPtr : Ptr32 Void +0x030 SystemReserved : [1] Uint4B +0x034 TracingFlags : Uint4B +0x034 HeapTracingEnabled : Pos 0, 1 Bit +0x034 CritSecTracingEnabled : Pos 1, 1 Bit +0x034 SpareTracingBits : Pos 2, 30 Bits +0x038 ApiSetMap : Ptr32 Void +0x03c TlsExpansionCounter : Uint4B +0x040 TlsBitmap : Ptr32 Void +0x044 TlsBitmapBits : [2] Uint4B +0x04c ReadOnlySharedMemoryBase : Ptr32 Void +0x050 HotpatchInformation : Ptr32 Void +0x054 ReadOnlyStaticServerData : Ptr32 Ptr32 Void +0x058 AnsiCodePageData : Ptr32 Void +0x05c OemCodePageData : Ptr32 Void +0x060 UnicodeCaseTableData : Ptr32 Void +0x064 NumberOfProcessors : Uint4B +0x068 NtGlobalFlag : Uint4B +0x070 CriticalSectionTimeout : _LARGE_INTEGER +0x078 HeapSegmentReserve : Uint4B +0x07c HeapSegmentCommit : Uint4B +0x080 HeapDeCommitTotalFreeThreshold : Uint4B +0x084 HeapDeCommitFreeBlockThreshold : Uint4B +0x088 NumberOfHeaps : Uint4B +0x08c MaximumNumberOfHeaps : Uint4B +0x090 ProcessHeaps : Ptr32 Ptr32 Void +0x094 GdiSharedHandleTable : Ptr32 Void +0x098 ProcessStarterHelper : Ptr32 Void +0x09c GdiDCAttributeList : Uint4B +0x0a0 LoaderLock : Ptr32 _RTL_CRITICAL_SECTION +0x0a4 OSMajorVersion : Uint4B +0x0a8 OSMinorVersion : Uint4B +0x0ac OSBuildNumber : Uint2B +0x0ae OSCSDVersion : Uint2B +0x0b0 OSPlatformId : Uint4B +0x0b4 ImageSubsystem : Uint4B +0x0b8 ImageSubsystemMajorVersion : Uint4B +0x0bc ImageSubsystemMinorVersion : Uint4B +0x0c0 ActiveProcessAffinityMask : Uint4B +0x0c4 GdiHandleBuffer : [34] Uint4B +0x14c PostProcessInitRoutine : Ptr32 void +0x150 TlsExpansionBitmap : Ptr32 Void +0x154 TlsExpansionBitmapBits : [32] Uint4B +0x1d4 SessionId : Uint4B +0x1d8 AppCompatFlags : _ULARGE_INTEGER +0x1e0 AppCompatFlagsUser : _ULARGE_INTEGER +0x1e8 pShimData : Ptr32 Void +0x1ec AppCompatInfo : Ptr32 Void +0x1f0 CSDVersion : _UNICODE_STRING +0x1f8 ActivationContextData : Ptr32 _ACTIVATION_CONTEXT_DATA +0x1fc ProcessAssemblyStorageMap : Ptr32 _ASSEMBLY_STORAGE_MAP +0x200 SystemDefaultActivationContextData : Ptr32 _ACTIVATION_CONTEXT_DATA +0x204 SystemAssemblyStorageMap : Ptr32 _ASSEMBLY_STORAGE_MAP +0x208 MinimumStackCommit : Uint4B +0x20c FlsCallback : Ptr32 _FLS_CALLBACK_INFO +0x210 FlsListHead : _LIST_ENTRY +0x218 FlsBitmap : Ptr32 Void +0x21c FlsBitmapBits : [4] Uint4B +0x22c FlsHighIndex : Uint4B +0x230 WerRegistrationData : Ptr32 Void +0x234 WerShipAssertPtr : Ptr32 Void +0x238 pContextData : Ptr32 Void +0x23c pImageHeaderHash : Ptr32 Void 1: kd> dt nt!_TEB +0x000 NtTib : _NT_TIB +0x01c EnvironmentPointer : Ptr32 Void +0x020 ClientId : _CLIENT_ID +0x028 ActiveRpcHandle : Ptr32 Void +0x02c ThreadLocalStoragePointer : Ptr32 Void +0x030 ProcessEnvironmentBlock : Ptr32 _PEB +0x034 LastErrorValue : Uint4B +0x038 CountOfOwnedCriticalSections : Uint4B +0x03c CsrClientThread : Ptr32 Void +0x040 Win32ThreadInfo : Ptr32 Void +0x044 User32Reserved : [26] Uint4B +0x0ac UserReserved : [5] Uint4B +0x0c0 WOW32Reserved : Ptr32 Void +0x0c4 CurrentLocale : Uint4B +0x0c8 FpSoftwareStatusRegister : Uint4B +0x0cc SystemReserved1 : [54] Ptr32 Void +0x1a4 ExceptionCode : Int4B +0x1a8 ActivationContextStackPointer : Ptr32 _ACTIVATION_CONTEXT_STACK +0x1ac SpareBytes1 : [2] UChar +0x1ae SpareBytes2 : [34] UChar +0x1d0 TxFsContext : Uint4B +0x1d4 GdiTebBatch : _GDI_TEB_BATCH +0x6b4 RealClientId : _CLIENT_ID +0x6bc GdiCachedProcessHandle : Ptr32 Void +0x6c0 GdiClientPID : Uint4B +0x6c4 GdiClientTID : Uint4B +0x6c8 GdiThreadLocalInfo : Ptr32 Void +0x6cc Win32ClientInfo : [62] Uint4B +0x7c4 glDispatchTable : [233] Ptr32 Void +0xb68 glReserved1 : [29] Uint4B +0xbdc glReserved2 : Ptr32 Void +0xbe0 glSectionInfo : Ptr32 Void +0xbe4 glSection : Ptr32 Void +0xbe8 glTable : Ptr32 Void +0xbec glCurrentRC : Ptr32 Void +0xbf0 glContext : Ptr32 Void +0xbf4 LastStatusValue : Uint4B +0xbf8 StaticUnicodeString : _UNICODE_STRING +0xc00 StaticUnicodeBuffer : [261] Wchar +0xe0c DeallocationStack : Ptr32 Void +0xe10 TlsSlots : [64] Ptr32 Void +0xf10 TlsLinks : _LIST_ENTRY +0xf18 Vdm : Ptr32 Void +0xf1c ReservedForNtRpc : Ptr32 Void +0xf20 DbgSsReserved : [2] Ptr32 Void +0xf28 HardErrorMode : Uint4B +0xf2c Instrumentation : [9] Ptr32 Void +0xf50 ActivityId : _GUID +0xf60 SubProcessTag : Ptr32 Void +0xf64 EtwLocalData : Ptr32 Void +0xf68 EtwTraceData : Ptr32 Void +0xf6c WinSockData : Ptr32 Void +0xf70 GdiBatchCount : Uint4B +0xf74 CurrentIdealProcessor : _PROCESSOR_NUMBER +0xf74 IdealProcessorValue : Uint4B +0xf74 ReservedPad0 : UChar +0xf75 ReservedPad1 : UChar +0xf76 ReservedPad2 : UChar +0xf77 IdealProcessor : UChar +0xf78 GuaranteedStackBytes : Uint4B +0xf7c ReservedForPerf : Ptr32 Void +0xf80 ReservedForOle : Ptr32 Void +0xf84 WaitingOnLoaderLock : Uint4B +0xf88 SavedPriorityState : Ptr32 Void +0xf8c SoftPatchPtr1 : Uint4B +0xf90 ThreadPoolData : Ptr32 Void +0xf94 TlsExpansionSlots : Ptr32 Ptr32 Void +0xf98 MuiGeneration : Uint4B +0xf9c IsImpersonating : Uint4B +0xfa0 NlsCache : Ptr32 Void +0xfa4 pShimData : Ptr32 Void +0xfa8 HeapVirtualAffinity : Uint4B +0xfac CurrentTransactionHandle : Ptr32 Void +0xfb0 ActiveFrame : Ptr32 _TEB_ACTIVE_FRAME +0xfb4 FlsData : Ptr32 Void +0xfb8 PreferredLanguages : Ptr32 Void +0xfbc UserPrefLanguages : Ptr32 Void +0xfc0 MergedPrefLanguages : Ptr32 Void +0xfc4 MuiImpersonation : Uint4B +0xfc8 CrossTebFlags : Uint2B +0xfc8 SpareCrossTebBits : Pos 0, 16 Bits +0xfca SameTebFlags : Uint2B +0xfca SafeThunkCall : Pos 0, 1 Bit +0xfca InDebugPrint : Pos 1, 1 Bit +0xfca HasFiberData : Pos 2, 1 Bit +0xfca SkipThreadAttach : Pos 3, 1 Bit +0xfca WerInShipAssertCode : Pos 4, 1 Bit +0xfca RanProcessInit : Pos 5, 1 Bit +0xfca ClonedThread : Pos 6, 1 Bit +0xfca SuppressDebugMsg : Pos 7, 1 Bit +0xfca DisableUserStackWalk : Pos 8, 1 Bit +0xfca RtlExceptionAttached : Pos 9, 1 Bit +0xfca SpareSameTebBits : Pos 10, 6 Bits +0xfcc TxnScopeEnterCallback : Ptr32 Void +0xfd0 TxnScopeExitCallback : Ptr32 Void +0xfd4 TxnScopeContext : Ptr32 Void +0xfd8 LockCount : Uint4B +0xfdc SpareUlong0 : Uint4B +0xfe0 ResourceRetValue : Ptr32 Void
There are 31,314 total registered users.
[+] expand
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}