HACKE-RC · May 31, 2022 15:21
diff --git a/KTHREAD.c b/KTHREAD.c
 struct _KTHREAD {
  struct _DISPATCHER_HEADER Header;
  void *SListFaultAddress;
  unsigned int QuantumTarget;
  void *InitialStack;
  void *StackLimit;
  void *StackBase;
  unsigned int ThreadLock;
  unsigned int CycleTime;
  unsigned long CurrentRunTime;
  unsigned long ExpectedRunTime;
  void *KernelStack;
  struct _KSCHEDULING_GROUP *SchedulingGroup;
  union _KWAIT_STATUS_REGISTER WaitRegister;
  unsigned int Running;
  unsigned int Alerted[2];
  unsigned long AutoBoostActive : 1;
  unsigned long ReadyTransition : 1;
  unsigned long WaitNext : 1;
  unsigned long SystemAffinityActive : 1;
  unsigned long Alertable : 1;
  unsigned long UserStackWalkActive : 1;
  unsigned long ApcInterruptRequest : 1;
  unsigned long QuantumEndMigrate : 1;
  unsigned long UmsDirectedSwitchEnable : 1;
  unsigned long TimerActive : 1;
  unsigned long SystemThread : 1;
  unsigned long ProcessDetachActive : 1;
  unsigned long CalloutActive : 1;
  unsigned long ScbReadyQueue : 1;
  unsigned long ApcQueueable : 1;
  unsigned long ReservedStackInUse : 1;
  unsigned long UmsPerformingSyscall : 1;
  unsigned long TimerSuspended : 1;
  unsigned long SuspendedWaitMode : 1;
  unsigned long SuspendSchedulerApcWait : 1;
  unsigned long Reserved : 12;
  long MiscFlags;
  unsigned long AutoAlignment : 1;
  unsigned long DisableBoost : 1;
  unsigned long ThreadFlagsSpare0 : 1;
  unsigned long AlertedByThreadId : 1;
  unsigned long QuantumDonation : 1;
  unsigned long EnableStackSwap : 1;
  unsigned long GuiThread : 1;
  unsigned long DisableQuantum : 1;
  unsigned long ChargeOnlySchedulingGroup : 1;
  unsigned long DeferPreemption : 1;
  unsigned long QueueDeferPreemption : 1;
  unsigned long ForceDeferSchedule : 1;
  unsigned long SharedReadyQueueAffinity : 1;
  unsigned long FreezeCount : 1;
  unsigned long TerminationApcRequest : 1;
  unsigned long AutoBoostEntriesExhausted : 1;
  unsigned long KernelStackResident : 1;
  unsigned long CommitFailTerminateRequest : 1;
  unsigned long ProcessStackCountDecremented : 1;
  unsigned long RestrictedGuiThread : 1;
  unsigned long ThreadFlagsSpare : 4;
  unsigned long EtwStackTraceApcInserted : 8;
  long ThreadFlags;
  unsigned int Tag;
  unsigned int SystemHeteroCpuPolicy;
  unsigned int UserHeteroCpuPolicy : 7;
  unsigned int ExplicitSystemHeteroCpuPolicy : 1;
  unsigned int Spare0;
  unsigned long SystemCallNumber;
  unsigned long Spare10;
  void *FirstArgument;
  struct _KTRAP_FRAME *TrapFrame;
  struct _KAPC_STATE ApcState;
  unsigned int ApcStateFill[43];
  char Priority;
  unsigned long UserIdealProcessor;
  int WaitStatus;
  struct _KWAIT_BLOCK *WaitBlockList;
  struct _LIST_ENTRY WaitListEntry;
  struct _SINGLE_LIST_ENTRY SwapListEntry;
  struct _DISPATCHER_HEADER *Queue;
  void *Teb;
  unsigned int RelativeTimerBias;
  struct _KTIMER Timer;
  struct _KWAIT_BLOCK WaitBlock[4];
  unsigned int WaitBlockFill4[20];
  unsigned long ContextSwitches;
  unsigned int WaitBlockFill5[68];
  unsigned int State;
  char Spare13;
  unsigned int WaitIrql;
  char WaitMode;
  unsigned int WaitBlockFill6[116];
  unsigned long WaitTime;
  unsigned int WaitBlockFill7[164];
  int KernelApcDisable;
  int SpecialApcDisable;
  unsigned long CombinedApcDisable;
  unsigned int WaitBlockFill8[40];
  struct _KTHREAD_COUNTERS *ThreadCounters;
  unsigned int WaitBlockFill9[88];
  struct _XSTATE_SAVE *XStateSave;
  unsigned int WaitBlockFill10[136];
  void *Win32Thread;
  unsigned int WaitBlockFill11[176];
  struct _UMS_CONTROL_BLOCK *Ucb;
  struct _KUMS_CONTEXT_HEADER *Uch;
  void *TebMappedLowVa;
  struct _LIST_ENTRY QueueListEntry;
  struct _KSWITCH_FRAME SwitchFrame;
  struct _KARM64_VFP_STATE *VfpState;
  unsigned long NextProcessor;
  unsigned long NextProcessorNumber : 31;
  unsigned long SharedReadyQueue : 1;
  long QueuePriority;
  struct _KPROCESS *Process;
  struct _GROUP_AFFINITY UserAffinity;
  unsigned int UserAffinityFill[10];
  char PreviousMode;
  char BasePriority;
  char PriorityDecrement;
  unsigned int ForegroundBoost : 4;
  unsigned int UnusualBoost : 4;
  unsigned int Preempted;
  unsigned int AdjustReason;
  char AdjustIncrement;
  unsigned int AffinityVersion;
  struct _GROUP_AFFINITY Affinity;
  unsigned int AffinityFill[10];
  unsigned int ApcStateIndex;
  unsigned int WaitBlockCount;
  unsigned long IdealProcessor;
  unsigned int Spare15[1];
  struct _KAPC_STATE SavedApcState;
  unsigned int SavedApcStateFill[43];
  unsigned int WaitReason;
  char SuspendCount;
  char Saturation;
  unsigned int SListFaultCount;
  struct _KAPC SchedulerApc;
  unsigned int SchedulerApcFill0[1];
  unsigned int ResourceIndex;
  unsigned int SchedulerApcFill1[3];
  unsigned int QuantumReset;
  unsigned int SchedulerApcFill2[4];
  unsigned long KernelTime;
  unsigned int SchedulerApcFill3[64];
  struct _KPRCB *WaitPrcb;
  unsigned int SchedulerApcFill4[72];
  void *LegoData;
  unsigned int SchedulerApcFill5[83];
  unsigned int CallbackNestingLevel;
  unsigned long UserTime;
  struct _KEVENT SuspendEvent;
  struct _LIST_ENTRY ThreadListEntry;
  struct _LIST_ENTRY MutantListHead;
  unsigned int AbEntrySummary;
  unsigned int AbWaitEntryCount;
  unsigned int Spare20;
  unsigned long SecureThreadCookie;
  struct _KLOCK_ENTRY LockEntries[6];
  struct _SINGLE_LIST_ENTRY PropagateBoostsEntry;
  struct _SINGLE_LIST_ENTRY IoSelfBoostsEntry;
  unsigned int PriorityFloorCounts[16];
  unsigned long PriorityFloorSummary;
  long AbCompletedIoBoostCount;
  long AbCompletedIoQoSBoostCount;
  int KeReferenceCount;
  unsigned int AbOrphanedEntrySummary;
  unsigned int AbOwnedEntryCount;
  unsigned long ForegroundLossTime;
  struct _LIST_ENTRY GlobalForegroundListEntry;
  struct _SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
  unsigned int InGlobalForegroundList;
  int ReadOperationCount;
  int WriteOperationCount;
  int OtherOperationCount;
  int ReadTransferCount;
  int WriteTransferCount;
  int OtherTransferCount;
  struct _KSCB *QueuedScb;
 };
	struct _KTHREAD {
	struct _DISPATCHER_HEADER Header;
	void *SListFaultAddress;
	unsigned int QuantumTarget;
	void *InitialStack;
	void *StackLimit;
	void *StackBase;
	unsigned int ThreadLock;
	unsigned int CycleTime;
	unsigned long CurrentRunTime;
	unsigned long ExpectedRunTime;
	void *KernelStack;
	struct _KSCHEDULING_GROUP *SchedulingGroup;
	union _KWAIT_STATUS_REGISTER WaitRegister;
	unsigned int Running;
	unsigned int Alerted[2];
	unsigned long AutoBoostActive : 1;
	unsigned long ReadyTransition : 1;
	unsigned long WaitNext : 1;
	unsigned long SystemAffinityActive : 1;
	unsigned long Alertable : 1;
	unsigned long UserStackWalkActive : 1;
	unsigned long ApcInterruptRequest : 1;
	unsigned long QuantumEndMigrate : 1;
	unsigned long UmsDirectedSwitchEnable : 1;
	unsigned long TimerActive : 1;
	unsigned long SystemThread : 1;
	unsigned long ProcessDetachActive : 1;
	unsigned long CalloutActive : 1;
	unsigned long ScbReadyQueue : 1;
	unsigned long ApcQueueable : 1;
	unsigned long ReservedStackInUse : 1;
	unsigned long UmsPerformingSyscall : 1;
	unsigned long TimerSuspended : 1;
	unsigned long SuspendedWaitMode : 1;
	unsigned long SuspendSchedulerApcWait : 1;
	unsigned long Reserved : 12;
	long MiscFlags;
	unsigned long AutoAlignment : 1;
	unsigned long DisableBoost : 1;
	unsigned long ThreadFlagsSpare0 : 1;
	unsigned long AlertedByThreadId : 1;
	unsigned long QuantumDonation : 1;
	unsigned long EnableStackSwap : 1;
	unsigned long GuiThread : 1;
	unsigned long DisableQuantum : 1;
	unsigned long ChargeOnlySchedulingGroup : 1;
	unsigned long DeferPreemption : 1;
	unsigned long QueueDeferPreemption : 1;
	unsigned long ForceDeferSchedule : 1;
	unsigned long SharedReadyQueueAffinity : 1;
	unsigned long FreezeCount : 1;
	unsigned long TerminationApcRequest : 1;
	unsigned long AutoBoostEntriesExhausted : 1;
	unsigned long KernelStackResident : 1;
	unsigned long CommitFailTerminateRequest : 1;
	unsigned long ProcessStackCountDecremented : 1;
	unsigned long RestrictedGuiThread : 1;
	unsigned long ThreadFlagsSpare : 4;
	unsigned long EtwStackTraceApcInserted : 8;
	long ThreadFlags;
	unsigned int Tag;
	unsigned int SystemHeteroCpuPolicy;
	unsigned int UserHeteroCpuPolicy : 7;
	unsigned int ExplicitSystemHeteroCpuPolicy : 1;
	unsigned int Spare0;
	unsigned long SystemCallNumber;
	unsigned long Spare10;
	void *FirstArgument;
	struct _KTRAP_FRAME *TrapFrame;
	struct _KAPC_STATE ApcState;
	unsigned int ApcStateFill[43];
	char Priority;
	unsigned long UserIdealProcessor;
	int WaitStatus;
	struct _KWAIT_BLOCK *WaitBlockList;
	struct _LIST_ENTRY WaitListEntry;
	struct _SINGLE_LIST_ENTRY SwapListEntry;
	struct _DISPATCHER_HEADER *Queue;
	void *Teb;
	unsigned int RelativeTimerBias;
	struct _KTIMER Timer;
	struct _KWAIT_BLOCK WaitBlock[4];
	unsigned int WaitBlockFill4[20];
	unsigned long ContextSwitches;
	unsigned int WaitBlockFill5[68];
	unsigned int State;
	char Spare13;
	unsigned int WaitIrql;
	char WaitMode;
	unsigned int WaitBlockFill6[116];
	unsigned long WaitTime;
	unsigned int WaitBlockFill7[164];
	int KernelApcDisable;
	int SpecialApcDisable;
	unsigned long CombinedApcDisable;
	unsigned int WaitBlockFill8[40];
	struct _KTHREAD_COUNTERS *ThreadCounters;
	unsigned int WaitBlockFill9[88];
	struct _XSTATE_SAVE *XStateSave;
	unsigned int WaitBlockFill10[136];
	void *Win32Thread;
	unsigned int WaitBlockFill11[176];
	struct _UMS_CONTROL_BLOCK *Ucb;
	struct _KUMS_CONTEXT_HEADER *Uch;
	void *TebMappedLowVa;
	struct _LIST_ENTRY QueueListEntry;
	struct _KSWITCH_FRAME SwitchFrame;
	struct _KARM64_VFP_STATE *VfpState;
	unsigned long NextProcessor;
	unsigned long NextProcessorNumber : 31;
	unsigned long SharedReadyQueue : 1;
	long QueuePriority;
	struct _KPROCESS *Process;
	struct _GROUP_AFFINITY UserAffinity;
	unsigned int UserAffinityFill[10];
	char PreviousMode;
	char BasePriority;
	char PriorityDecrement;
	unsigned int ForegroundBoost : 4;
	unsigned int UnusualBoost : 4;
	unsigned int Preempted;
	unsigned int AdjustReason;
	char AdjustIncrement;
	unsigned int AffinityVersion;
	struct _GROUP_AFFINITY Affinity;
	unsigned int AffinityFill[10];
	unsigned int ApcStateIndex;
	unsigned int WaitBlockCount;
	unsigned long IdealProcessor;
	unsigned int Spare15[1];
	struct _KAPC_STATE SavedApcState;
	unsigned int SavedApcStateFill[43];
	unsigned int WaitReason;
	char SuspendCount;
	char Saturation;
	unsigned int SListFaultCount;
	struct _KAPC SchedulerApc;
	unsigned int SchedulerApcFill0[1];
	unsigned int ResourceIndex;
	unsigned int SchedulerApcFill1[3];
	unsigned int QuantumReset;
	unsigned int SchedulerApcFill2[4];
	unsigned long KernelTime;
	unsigned int SchedulerApcFill3[64];
	struct _KPRCB *WaitPrcb;
	unsigned int SchedulerApcFill4[72];
	void *LegoData;
	unsigned int SchedulerApcFill5[83];
	unsigned int CallbackNestingLevel;
	unsigned long UserTime;
	struct _KEVENT SuspendEvent;
	struct _LIST_ENTRY ThreadListEntry;
	struct _LIST_ENTRY MutantListHead;
	unsigned int AbEntrySummary;
	unsigned int AbWaitEntryCount;
	unsigned int Spare20;
	unsigned long SecureThreadCookie;
	struct _KLOCK_ENTRY LockEntries[6];
	struct _SINGLE_LIST_ENTRY PropagateBoostsEntry;
	struct _SINGLE_LIST_ENTRY IoSelfBoostsEntry;
	unsigned int PriorityFloorCounts[16];
	unsigned long PriorityFloorSummary;
	long AbCompletedIoBoostCount;
	long AbCompletedIoQoSBoostCount;
	int KeReferenceCount;
	unsigned int AbOrphanedEntrySummary;
	unsigned int AbOwnedEntryCount;
	unsigned long ForegroundLossTime;
	struct _LIST_ENTRY GlobalForegroundListEntry;
	struct _SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
	unsigned int InGlobalForegroundList;
	int ReadOperationCount;
	int WriteOperationCount;
	int OtherOperationCount;
	int ReadTransferCount;
	int WriteTransferCount;
	int OtherTransferCount;
	struct _KSCB *QueuedScb;
	};