[PATCH v6 0/4] MR4761: ntdll: Implement NtContinueEx()

List overview All Threads

newer

older

[PATCH v2 0/13] MR6910: mshtml:...

[PATCH v3 0/9] MR6800:...

Dāvis Mosāns (davispuh) (＠davispuh)

6 Feb 2024 6 Feb '24

7:40 p.m.

This MR implements `NtContinueEx(PCONTEXT, PCONTINUE_OPTIONS)` which was added in Windows 10 20H1.

Also added basic test reusing existing `test_continue()` (included from !4720)

League of Legends game hooks `NtContinue()` and `NtContinueEx()` by putting `jmp` instruction in front of it.

Note that LoL doesn't actually use `NtContinueEx()` itself and game will work fine without it but if game doesn't find `NtContinueEx()` it will permanently ban your account due to detecting "scripting program"

-- v6: ntdll/tests: Implement APC test for NtContinue() ntdll/tests: Add basic test for NtContinueEx() ntdll: Implement NtContinueEx()

https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Show replies by date

Dāvis Mosāns

6 Feb 6 Feb

7:40 p.m.

New subject: [PATCH v6 1/4] ntdll/tests: Unify APC test functions

From: Dāvis Mosāns davispuh@gmail.com

This reduces duplication since they all do same thing --- dlls/ntdll/tests/exception.c | 75 ++++++++++-------------------------- 1 file changed, 20 insertions(+), 55 deletions(-)

diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c index b6d22092a11..c09d54c1445 100644 --- a/dlls/ntdll/tests/exception.c +++ b/dlls/ntdll/tests/exception.c @@ -109,6 +109,16 @@ static void (WINAPI *pRtlGetUnloadEventTraceEx)(ULONG **element_size, ULONG **el #define EH_NESTED_CALL 0x10 #endif

+static UINT apc_count; + +static void CALLBACK apc_func( ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) +{ + ok( arg1 == 0x1234 + apc_count, "wrong arg1 %Ix\n", arg1 ); + ok( arg2 == 0x5678, "wrong arg2 %Ix\n", arg2 ); + ok( arg3 == 0xdeadbeef, "wrong arg3 %Ix\n", arg3 ); + apc_count++; +} + #if defined(__x86_64__) typedef struct { @@ -2071,15 +2081,6 @@ static void test_KiUserExceptionDispatcher(void) }

static BYTE saved_KiUserApcDispatcher[7]; -static UINT apc_count; - -static void CALLBACK apc_func( ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) -{ - ok( arg1 == 0x1234 + apc_count, "wrong arg1 %Ix\n", arg1 ); - ok( arg2 == 0x5678, "wrong arg2 %Ix\n", arg2 ); - ok( arg3 == 0xdeadbeef, "wrong arg3 %Ix\n", arg3 ); - apc_count++; -}

static void * CDECL hook_KiUserApcDispatcher( void *func, ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) { @@ -2158,7 +2159,7 @@ static void test_KiUserApcDispatcher(void)

apc_count = 0; hook_called = FALSE; - pNtQueueApcThread( GetCurrentThread(), apc_func, 0x1234, 0x5678, 0xdeadbeef ); + pNtQueueApcThread( GetCurrentThread(), apc_func, 0x1234 + apc_count, 0x5678, 0xdeadbeef ); SleepEx( 0, TRUE ); ok( apc_count == 1 || apc_count == 2, "APC count %u\n", apc_count ); ok( hook_called, "hook was not called\n" ); @@ -5238,15 +5239,6 @@ static void test_KiUserExceptionDispatcher(void)

static BYTE saved_KiUserApcDispatcher[12]; -static BOOL apc_called; - -static void CALLBACK apc_func( ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) -{ - ok( arg1 == 0x1234, "wrong arg1 %Ix\n", arg1 ); - ok( arg2 == 0x5678, "wrong arg2 %Ix\n", arg2 ); - ok( arg3 == 0xdeadbeef, "wrong arg3 %Ix\n", arg3 ); - apc_called = TRUE; -}

static void * WINAPI hook_KiUserApcDispatcher(CONTEXT *context) { @@ -5312,10 +5304,10 @@ static void test_KiUserApcDispatcher(void) memcpy( pKiUserApcDispatcher, patched_KiUserApcDispatcher, sizeof(patched_KiUserApcDispatcher) );

hook_called = FALSE; - apc_called = FALSE; - pNtQueueApcThread( GetCurrentThread(), apc_func, 0x1234, 0x5678, 0xdeadbeef ); + apc_count = 0; + pNtQueueApcThread( GetCurrentThread(), apc_func, 0x1234 + apc_count, 0x5678, 0xdeadbeef ); SleepEx( 0, TRUE ); - ok( apc_called, "APC was not called\n" ); + ok( apc_count > 0, "APC was not called\n" ); ok( hook_called, "hook was not called\n" );

VirtualProtect( pKiUserApcDispatcher, sizeof(saved_KiUserApcDispatcher), old_protect, &old_protect ); @@ -7625,17 +7617,8 @@ static void test_KiUserExceptionDispatcher(void) VirtualProtect(code_ptr, sizeof(saved_code), old_protect, &old_protect); }

-static UINT apc_count; static UINT alertable_supported;

-static void CALLBACK apc_func( ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) -{ - ok( arg1 == 0x1234 + apc_count, "wrong arg1 %Ix\n", arg1 ); - ok( arg2 == 0x5678, "wrong arg2 %Ix\n", arg2 ); - ok( arg3 == 0xdeadbeef, "wrong arg3 %Ix\n", arg3 ); - apc_count++; -} - static void * WINAPI hook_KiUserApcDispatcher(void *stack) { struct @@ -9460,17 +9443,6 @@ static void test_KiUserExceptionDispatcher(void) VirtualProtect(pKiUserExceptionDispatcher, sizeof(saved_code), old_protect, &old_protect); }

- -static UINT apc_count; - -static void CALLBACK apc_func( ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3 ) -{ - ok( arg1 == 0x1234 + apc_count, "wrong arg1 %Ix\n", arg1 ); - ok( arg2 == 0x5678, "wrong arg2 %Ix\n", arg2 ); - ok( arg3 == 0xdeadbeef, "wrong arg3 %Ix\n", arg3 ); - apc_count++; -} - static void * WINAPI hook_KiUserApcDispatcher(void *stack) { struct @@ -10706,13 +10678,6 @@ static void test_vectored_continue_handler(void) ok(!ret, "RtlRemoveVectoredContinueHandler succeeded\n"); }

-static BOOL test_apc_called; - -static void CALLBACK test_apc(ULONG_PTR arg1, ULONG_PTR arg2, ULONG_PTR arg3) -{ - test_apc_called = TRUE; -} - static void test_user_apc(void) { NTSTATUS status; @@ -10775,13 +10740,13 @@ static void test_user_apc(void)

c[0] = context;

- test_apc_called = FALSE; - status = pNtQueueApcThread(GetCurrentThread(), test_apc, 0, 0, 0); + apc_count = 0; + status = pNtQueueApcThread(GetCurrentThread(), apc_func, 0x1234 + apc_count, 0x5678, 0xdeadbeef); ok(!status, "Got unexpected status %#lx.\n", status); SleepEx(0, TRUE); - ok(test_apc_called, "Test user APC was not called.\n"); - test_apc_called = FALSE; - status = pNtQueueApcThread(GetCurrentThread(), test_apc, 0, 0, 0); + ok(apc_count > 0, "Test user APC was not called.\n"); + apc_count = 0; + status = pNtQueueApcThread(GetCurrentThread(), apc_func, 0x1234 + apc_count, 0x5678, 0xdeadbeef); ok(!status, "Got unexpected status %#lx.\n", status); status = NtContinue(&c[0], TRUE );

@@ -10790,7 +10755,7 @@ static void test_user_apc(void) } ok(ret == 0xabacab, "Got return value %#x.\n", ret); ok(pass == 3, "Got unexpected pass %ld.\n", pass); - ok(test_apc_called, "Test user APC was not called.\n"); + ok(apc_count > 0, "Test user APC was not called.\n"); }

static void test_user_callback(void)

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Dāvis Mosāns

7:40 p.m.

New subject: [PATCH v6 2/4] ntdll: Implement NtContinueEx()

From: Dāvis Mosāns davispuh@gmail.com

Implement NtContinueEx(PCONTEXT, PCONTINUE_OPTIONS) which was added in Windows 10 20H1

Co-authored-by: Etaash Mathamsetty etaash.mathamsetty@gmail.com --- dlls/ntdll/ntdll.spec | 2 + dlls/ntdll/ntsyscalls.h | 840 ++++++++++++++++++++------------------- dlls/ntdll/unix/server.c | 27 ++ dlls/wow64/syscall.c | 14 +- include/winternl.h | 21 + 5 files changed, 483 insertions(+), 421 deletions(-)

diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec index 64fdb6fdb24..e522c87677d 100644 --- a/dlls/ntdll/ntdll.spec +++ b/dlls/ntdll/ntdll.spec @@ -167,6 +167,7 @@ # @ stub NtCompressKey @ stdcall -syscall NtConnectPort(ptr ptr ptr ptr ptr ptr ptr ptr) @ stdcall -syscall NtContinue(ptr long) +@ stdcall -syscall NtContinueEx(ptr ptr) @ stdcall -syscall NtCreateDebugObject(ptr long ptr long) @ stdcall -syscall NtCreateDirectoryObject(ptr long ptr) @ stdcall -syscall NtCreateEvent(ptr long ptr long long) @@ -1218,6 +1219,7 @@ # @ stub ZwCompressKey @ stdcall -private -syscall ZwConnectPort(ptr ptr ptr ptr ptr ptr ptr ptr) NtConnectPort @ stdcall -private -syscall ZwContinue(ptr long) NtContinue +@ stdcall -private -syscall ZwContinueEx(ptr ptr) NtContinueEx # @ stub ZwCreateDebugObject @ stdcall -private -syscall ZwCreateDirectoryObject(ptr long ptr) NtCreateDirectoryObject @ stdcall -private -syscall ZwCreateEvent(ptr long ptr long long) NtCreateEvent diff --git a/dlls/ntdll/ntsyscalls.h b/dlls/ntdll/ntsyscalls.h index 10813ee977d..d1ee16b2785 100644 --- a/dlls/ntdll/ntsyscalls.h +++ b/dlls/ntdll/ntsyscalls.h @@ -29,218 +29,219 @@ SYSCALL_ENTRY( 0x0019, NtCompleteConnectPort, 4 ) \ SYSCALL_ENTRY( 0x001a, NtConnectPort, 32 ) \ SYSCALL_ENTRY( 0x001b, NtContinue, 8 ) \ - SYSCALL_ENTRY( 0x001c, NtCreateDebugObject, 16 ) \ - SYSCALL_ENTRY( 0x001d, NtCreateDirectoryObject, 12 ) \ - SYSCALL_ENTRY( 0x001e, NtCreateEvent, 20 ) \ - SYSCALL_ENTRY( 0x001f, NtCreateFile, 44 ) \ - SYSCALL_ENTRY( 0x0020, NtCreateIoCompletion, 16 ) \ - SYSCALL_ENTRY( 0x0021, NtCreateJobObject, 12 ) \ - SYSCALL_ENTRY( 0x0022, NtCreateKey, 28 ) \ - SYSCALL_ENTRY( 0x0023, NtCreateKeyTransacted, 32 ) \ - SYSCALL_ENTRY( 0x0024, NtCreateKeyedEvent, 16 ) \ - SYSCALL_ENTRY( 0x0025, NtCreateLowBoxToken, 36 ) \ - SYSCALL_ENTRY( 0x0026, NtCreateMailslotFile, 32 ) \ - SYSCALL_ENTRY( 0x0027, NtCreateMutant, 16 ) \ - SYSCALL_ENTRY( 0x0028, NtCreateNamedPipeFile, 56 ) \ - SYSCALL_ENTRY( 0x0029, NtCreatePagingFile, 16 ) \ - SYSCALL_ENTRY( 0x002a, NtCreatePort, 20 ) \ - SYSCALL_ENTRY( 0x002b, NtCreateSection, 28 ) \ - SYSCALL_ENTRY( 0x002c, NtCreateSemaphore, 20 ) \ - SYSCALL_ENTRY( 0x002d, NtCreateSymbolicLinkObject, 16 ) \ - SYSCALL_ENTRY( 0x002e, NtCreateThread, 32 ) \ - SYSCALL_ENTRY( 0x002f, NtCreateThreadEx, 44 ) \ - SYSCALL_ENTRY( 0x0030, NtCreateTimer, 16 ) \ - SYSCALL_ENTRY( 0x0031, NtCreateToken, 52 ) \ - SYSCALL_ENTRY( 0x0032, NtCreateTransaction, 40 ) \ - SYSCALL_ENTRY( 0x0033, NtCreateUserProcess, 44 ) \ - SYSCALL_ENTRY( 0x0034, NtDebugActiveProcess, 8 ) \ - SYSCALL_ENTRY( 0x0035, NtDebugContinue, 12 ) \ - SYSCALL_ENTRY( 0x0036, NtDelayExecution, 8 ) \ - SYSCALL_ENTRY( 0x0037, NtDeleteAtom, 4 ) \ - SYSCALL_ENTRY( 0x0038, NtDeleteFile, 4 ) \ - SYSCALL_ENTRY( 0x0039, NtDeleteKey, 4 ) \ - SYSCALL_ENTRY( 0x003a, NtDeleteValueKey, 8 ) \ - SYSCALL_ENTRY( 0x003b, NtDeviceIoControlFile, 40 ) \ - SYSCALL_ENTRY( 0x003c, NtDisplayString, 4 ) \ - SYSCALL_ENTRY( 0x003d, NtDuplicateObject, 28 ) \ - SYSCALL_ENTRY( 0x003e, NtDuplicateToken, 24 ) \ - SYSCALL_ENTRY( 0x003f, NtEnumerateKey, 24 ) \ - SYSCALL_ENTRY( 0x0040, NtEnumerateValueKey, 24 ) \ - SYSCALL_ENTRY( 0x0041, NtFilterToken, 24 ) \ - SYSCALL_ENTRY( 0x0042, NtFindAtom, 12 ) \ - SYSCALL_ENTRY( 0x0043, NtFlushBuffersFile, 8 ) \ - SYSCALL_ENTRY( 0x0044, NtFlushInstructionCache, 12 ) \ - SYSCALL_ENTRY( 0x0045, NtFlushKey, 4 ) \ - SYSCALL_ENTRY( 0x0046, NtFlushProcessWriteBuffers, 0 ) \ - SYSCALL_ENTRY( 0x0047, NtFlushVirtualMemory, 16 ) \ - SYSCALL_ENTRY( 0x0048, NtFreeVirtualMemory, 16 ) \ - SYSCALL_ENTRY( 0x0049, NtFsControlFile, 40 ) \ - SYSCALL_ENTRY( 0x004a, NtGetContextThread, 8 ) \ - SYSCALL_ENTRY( 0x004b, NtGetCurrentProcessorNumber, 0 ) \ - SYSCALL_ENTRY( 0x004c, NtGetNextThread, 24 ) \ - SYSCALL_ENTRY( 0x004d, NtGetNlsSectionPtr, 20 ) \ - SYSCALL_ENTRY( 0x004e, NtGetWriteWatch, 28 ) \ - SYSCALL_ENTRY( 0x004f, NtImpersonateAnonymousToken, 4 ) \ - SYSCALL_ENTRY( 0x0050, NtInitializeNlsFiles, 12 ) \ - SYSCALL_ENTRY( 0x0051, NtInitiatePowerAction, 16 ) \ - SYSCALL_ENTRY( 0x0052, NtIsProcessInJob, 8 ) \ - SYSCALL_ENTRY( 0x0053, NtListenPort, 8 ) \ - SYSCALL_ENTRY( 0x0054, NtLoadDriver, 4 ) \ - SYSCALL_ENTRY( 0x0055, NtLoadKey, 8 ) \ - SYSCALL_ENTRY( 0x0056, NtLoadKey2, 12 ) \ - SYSCALL_ENTRY( 0x0057, NtLoadKeyEx, 32 ) \ - SYSCALL_ENTRY( 0x0058, NtLockFile, 40 ) \ - SYSCALL_ENTRY( 0x0059, NtLockVirtualMemory, 16 ) \ - SYSCALL_ENTRY( 0x005a, NtMakeTemporaryObject, 4 ) \ - SYSCALL_ENTRY( 0x005b, NtMapViewOfSection, 40 ) \ - SYSCALL_ENTRY( 0x005c, NtMapViewOfSectionEx, 36 ) \ - SYSCALL_ENTRY( 0x005d, NtNotifyChangeDirectoryFile, 36 ) \ - SYSCALL_ENTRY( 0x005e, NtNotifyChangeKey, 40 ) \ - SYSCALL_ENTRY( 0x005f, NtNotifyChangeMultipleKeys, 48 ) \ - SYSCALL_ENTRY( 0x0060, NtOpenDirectoryObject, 12 ) \ - SYSCALL_ENTRY( 0x0061, NtOpenEvent, 12 ) \ - SYSCALL_ENTRY( 0x0062, NtOpenFile, 24 ) \ - SYSCALL_ENTRY( 0x0063, NtOpenIoCompletion, 12 ) \ - SYSCALL_ENTRY( 0x0064, NtOpenJobObject, 12 ) \ - SYSCALL_ENTRY( 0x0065, NtOpenKey, 12 ) \ - SYSCALL_ENTRY( 0x0066, NtOpenKeyEx, 16 ) \ - SYSCALL_ENTRY( 0x0067, NtOpenKeyTransacted, 16 ) \ - SYSCALL_ENTRY( 0x0068, NtOpenKeyTransactedEx, 20 ) \ - SYSCALL_ENTRY( 0x0069, NtOpenKeyedEvent, 12 ) \ - SYSCALL_ENTRY( 0x006a, NtOpenMutant, 12 ) \ - SYSCALL_ENTRY( 0x006b, NtOpenProcess, 16 ) \ - SYSCALL_ENTRY( 0x006c, NtOpenProcessToken, 12 ) \ - SYSCALL_ENTRY( 0x006d, NtOpenProcessTokenEx, 16 ) \ - SYSCALL_ENTRY( 0x006e, NtOpenSection, 12 ) \ - SYSCALL_ENTRY( 0x006f, NtOpenSemaphore, 12 ) \ - SYSCALL_ENTRY( 0x0070, NtOpenSymbolicLinkObject, 12 ) \ - SYSCALL_ENTRY( 0x0071, NtOpenThread, 16 ) \ - SYSCALL_ENTRY( 0x0072, NtOpenThreadToken, 16 ) \ - SYSCALL_ENTRY( 0x0073, NtOpenThreadTokenEx, 20 ) \ - SYSCALL_ENTRY( 0x0074, NtOpenTimer, 12 ) \ - SYSCALL_ENTRY( 0x0075, NtPowerInformation, 20 ) \ - SYSCALL_ENTRY( 0x0076, NtPrivilegeCheck, 12 ) \ - SYSCALL_ENTRY( 0x0077, NtProtectVirtualMemory, 20 ) \ - SYSCALL_ENTRY( 0x0078, NtPulseEvent, 8 ) \ - SYSCALL_ENTRY( 0x0079, NtQueryAttributesFile, 8 ) \ - SYSCALL_ENTRY( 0x007a, NtQueryDefaultLocale, 8 ) \ - SYSCALL_ENTRY( 0x007b, NtQueryDefaultUILanguage, 4 ) \ - SYSCALL_ENTRY( 0x007c, NtQueryDirectoryFile, 44 ) \ - SYSCALL_ENTRY( 0x007d, NtQueryDirectoryObject, 28 ) \ - SYSCALL_ENTRY( 0x007e, NtQueryEaFile, 36 ) \ - SYSCALL_ENTRY( 0x007f, NtQueryEvent, 20 ) \ - SYSCALL_ENTRY( 0x0080, NtQueryFullAttributesFile, 8 ) \ - SYSCALL_ENTRY( 0x0081, NtQueryInformationAtom, 20 ) \ - SYSCALL_ENTRY( 0x0082, NtQueryInformationFile, 20 ) \ - SYSCALL_ENTRY( 0x0083, NtQueryInformationJobObject, 20 ) \ - SYSCALL_ENTRY( 0x0084, NtQueryInformationProcess, 20 ) \ - SYSCALL_ENTRY( 0x0085, NtQueryInformationThread, 20 ) \ - SYSCALL_ENTRY( 0x0086, NtQueryInformationToken, 20 ) \ - SYSCALL_ENTRY( 0x0087, NtQueryInstallUILanguage, 4 ) \ - SYSCALL_ENTRY( 0x0088, NtQueryIoCompletion, 20 ) \ - SYSCALL_ENTRY( 0x0089, NtQueryKey, 20 ) \ - SYSCALL_ENTRY( 0x008a, NtQueryLicenseValue, 20 ) \ - SYSCALL_ENTRY( 0x008b, NtQueryMultipleValueKey, 24 ) \ - SYSCALL_ENTRY( 0x008c, NtQueryMutant, 20 ) \ - SYSCALL_ENTRY( 0x008d, NtQueryObject, 20 ) \ - SYSCALL_ENTRY( 0x008e, NtQueryPerformanceCounter, 8 ) \ - SYSCALL_ENTRY( 0x008f, NtQuerySection, 20 ) \ - SYSCALL_ENTRY( 0x0090, NtQuerySecurityObject, 20 ) \ - SYSCALL_ENTRY( 0x0091, NtQuerySemaphore, 20 ) \ - SYSCALL_ENTRY( 0x0092, NtQuerySymbolicLinkObject, 12 ) \ - SYSCALL_ENTRY( 0x0093, NtQuerySystemEnvironmentValue, 16 ) \ - SYSCALL_ENTRY( 0x0094, NtQuerySystemEnvironmentValueEx, 20 ) \ - SYSCALL_ENTRY( 0x0095, NtQuerySystemInformation, 16 ) \ - SYSCALL_ENTRY( 0x0096, NtQuerySystemInformationEx, 24 ) \ - SYSCALL_ENTRY( 0x0097, NtQuerySystemTime, 4 ) \ - SYSCALL_ENTRY( 0x0098, NtQueryTimer, 20 ) \ - SYSCALL_ENTRY( 0x0099, NtQueryTimerResolution, 12 ) \ - SYSCALL_ENTRY( 0x009a, NtQueryValueKey, 24 ) \ - SYSCALL_ENTRY( 0x009b, NtQueryVirtualMemory, 24 ) \ - SYSCALL_ENTRY( 0x009c, NtQueryVolumeInformationFile, 20 ) \ - SYSCALL_ENTRY( 0x009d, NtQueueApcThread, 20 ) \ - SYSCALL_ENTRY( 0x009e, NtRaiseException, 12 ) \ - SYSCALL_ENTRY( 0x009f, NtRaiseHardError, 24 ) \ - SYSCALL_ENTRY( 0x00a0, NtReadFile, 36 ) \ - SYSCALL_ENTRY( 0x00a1, NtReadFileScatter, 36 ) \ - SYSCALL_ENTRY( 0x00a2, NtReadVirtualMemory, 20 ) \ - SYSCALL_ENTRY( 0x00a3, NtRegisterThreadTerminatePort, 4 ) \ - SYSCALL_ENTRY( 0x00a4, NtReleaseKeyedEvent, 16 ) \ - SYSCALL_ENTRY( 0x00a5, NtReleaseMutant, 8 ) \ - SYSCALL_ENTRY( 0x00a6, NtReleaseSemaphore, 12 ) \ - SYSCALL_ENTRY( 0x00a7, NtRemoveIoCompletion, 20 ) \ - SYSCALL_ENTRY( 0x00a8, NtRemoveIoCompletionEx, 24 ) \ - SYSCALL_ENTRY( 0x00a9, NtRemoveProcessDebug, 8 ) \ - SYSCALL_ENTRY( 0x00aa, NtRenameKey, 8 ) \ - SYSCALL_ENTRY( 0x00ab, NtReplaceKey, 12 ) \ - SYSCALL_ENTRY( 0x00ac, NtReplyWaitReceivePort, 16 ) \ - SYSCALL_ENTRY( 0x00ad, NtRequestWaitReplyPort, 12 ) \ - SYSCALL_ENTRY( 0x00ae, NtResetEvent, 8 ) \ - SYSCALL_ENTRY( 0x00af, NtResetWriteWatch, 12 ) \ - SYSCALL_ENTRY( 0x00b0, NtRestoreKey, 12 ) \ - SYSCALL_ENTRY( 0x00b1, NtResumeProcess, 4 ) \ - SYSCALL_ENTRY( 0x00b2, NtResumeThread, 8 ) \ - SYSCALL_ENTRY( 0x00b3, NtRollbackTransaction, 8 ) \ - SYSCALL_ENTRY( 0x00b4, NtSaveKey, 8 ) \ - SYSCALL_ENTRY( 0x00b5, NtSecureConnectPort, 36 ) \ - SYSCALL_ENTRY( 0x00b6, NtSetContextThread, 8 ) \ - SYSCALL_ENTRY( 0x00b7, NtSetDebugFilterState, 12 ) \ - SYSCALL_ENTRY( 0x00b8, NtSetDefaultLocale, 8 ) \ - SYSCALL_ENTRY( 0x00b9, NtSetDefaultUILanguage, 4 ) \ - SYSCALL_ENTRY( 0x00ba, NtSetEaFile, 16 ) \ - SYSCALL_ENTRY( 0x00bb, NtSetEvent, 8 ) \ - SYSCALL_ENTRY( 0x00bc, NtSetInformationDebugObject, 20 ) \ - SYSCALL_ENTRY( 0x00bd, NtSetInformationFile, 20 ) \ - SYSCALL_ENTRY( 0x00be, NtSetInformationJobObject, 16 ) \ - SYSCALL_ENTRY( 0x00bf, NtSetInformationKey, 16 ) \ - SYSCALL_ENTRY( 0x00c0, NtSetInformationObject, 16 ) \ - SYSCALL_ENTRY( 0x00c1, NtSetInformationProcess, 16 ) \ - SYSCALL_ENTRY( 0x00c2, NtSetInformationThread, 16 ) \ - SYSCALL_ENTRY( 0x00c3, NtSetInformationToken, 16 ) \ - SYSCALL_ENTRY( 0x00c4, NtSetInformationVirtualMemory, 24 ) \ - SYSCALL_ENTRY( 0x00c5, NtSetIntervalProfile, 8 ) \ - SYSCALL_ENTRY( 0x00c6, NtSetIoCompletion, 20 ) \ - SYSCALL_ENTRY( 0x00c7, NtSetLdtEntries, 24 ) \ - SYSCALL_ENTRY( 0x00c8, NtSetSecurityObject, 12 ) \ - SYSCALL_ENTRY( 0x00c9, NtSetSystemInformation, 12 ) \ - SYSCALL_ENTRY( 0x00ca, NtSetSystemTime, 8 ) \ - SYSCALL_ENTRY( 0x00cb, NtSetThreadExecutionState, 8 ) \ - SYSCALL_ENTRY( 0x00cc, NtSetTimer, 28 ) \ - SYSCALL_ENTRY( 0x00cd, NtSetTimerResolution, 12 ) \ - SYSCALL_ENTRY( 0x00ce, NtSetValueKey, 24 ) \ - SYSCALL_ENTRY( 0x00cf, NtSetVolumeInformationFile, 20 ) \ - SYSCALL_ENTRY( 0x00d0, NtShutdownSystem, 4 ) \ - SYSCALL_ENTRY( 0x00d1, NtSignalAndWaitForSingleObject, 16 ) \ - SYSCALL_ENTRY( 0x00d2, NtSuspendProcess, 4 ) \ - SYSCALL_ENTRY( 0x00d3, NtSuspendThread, 8 ) \ - SYSCALL_ENTRY( 0x00d4, NtSystemDebugControl, 24 ) \ - SYSCALL_ENTRY( 0x00d5, NtTerminateJobObject, 8 ) \ - SYSCALL_ENTRY( 0x00d6, NtTerminateProcess, 8 ) \ - SYSCALL_ENTRY( 0x00d7, NtTerminateThread, 8 ) \ - SYSCALL_ENTRY( 0x00d8, NtTestAlert, 0 ) \ - SYSCALL_ENTRY( 0x00d9, NtTraceControl, 24 ) \ - SYSCALL_ENTRY( 0x00da, NtUnloadDriver, 4 ) \ - SYSCALL_ENTRY( 0x00db, NtUnloadKey, 4 ) \ - SYSCALL_ENTRY( 0x00dc, NtUnlockFile, 20 ) \ - SYSCALL_ENTRY( 0x00dd, NtUnlockVirtualMemory, 16 ) \ - SYSCALL_ENTRY( 0x00de, NtUnmapViewOfSection, 8 ) \ - SYSCALL_ENTRY( 0x00df, NtUnmapViewOfSectionEx, 12 ) \ - SYSCALL_ENTRY( 0x00e0, NtWaitForAlertByThreadId, 8 ) \ - SYSCALL_ENTRY( 0x00e1, NtWaitForDebugEvent, 16 ) \ - SYSCALL_ENTRY( 0x00e2, NtWaitForKeyedEvent, 16 ) \ - SYSCALL_ENTRY( 0x00e3, NtWaitForMultipleObjects, 20 ) \ - SYSCALL_ENTRY( 0x00e4, NtWaitForSingleObject, 12 ) \ - SYSCALL_ENTRY( 0x00e5, NtWow64AllocateVirtualMemory64, 28 ) \ - SYSCALL_ENTRY( 0x00e6, NtWow64GetNativeSystemInformation, 16 ) \ - SYSCALL_ENTRY( 0x00e7, NtWow64IsProcessorFeaturePresent, 4 ) \ - SYSCALL_ENTRY( 0x00e8, NtWow64ReadVirtualMemory64, 28 ) \ - SYSCALL_ENTRY( 0x00e9, NtWow64WriteVirtualMemory64, 28 ) \ - SYSCALL_ENTRY( 0x00ea, NtWriteFile, 36 ) \ - SYSCALL_ENTRY( 0x00eb, NtWriteFileGather, 36 ) \ - SYSCALL_ENTRY( 0x00ec, NtWriteVirtualMemory, 20 ) \ - SYSCALL_ENTRY( 0x00ed, NtYieldExecution, 0 ) \ - SYSCALL_ENTRY( 0x00ee, wine_nt_to_unix_file_name, 16 ) \ - SYSCALL_ENTRY( 0x00ef, wine_unix_to_nt_file_name, 12 ) + SYSCALL_ENTRY( 0x001c, NtContinueEx, 8 ) \ + SYSCALL_ENTRY( 0x001d, NtCreateDebugObject, 16 ) \ + SYSCALL_ENTRY( 0x001e, NtCreateDirectoryObject, 12 ) \ + SYSCALL_ENTRY( 0x001f, NtCreateEvent, 20 ) \ + SYSCALL_ENTRY( 0x0020, NtCreateFile, 44 ) \ + SYSCALL_ENTRY( 0x0021, NtCreateIoCompletion, 16 ) \ + SYSCALL_ENTRY( 0x0022, NtCreateJobObject, 12 ) \ + SYSCALL_ENTRY( 0x0023, NtCreateKey, 28 ) \ + SYSCALL_ENTRY( 0x0024, NtCreateKeyTransacted, 32 ) \ + SYSCALL_ENTRY( 0x0025, NtCreateKeyedEvent, 16 ) \ + SYSCALL_ENTRY( 0x0026, NtCreateLowBoxToken, 36 ) \ + SYSCALL_ENTRY( 0x0027, NtCreateMailslotFile, 32 ) \ + SYSCALL_ENTRY( 0x0028, NtCreateMutant, 16 ) \ + SYSCALL_ENTRY( 0x0029, NtCreateNamedPipeFile, 56 ) \ + SYSCALL_ENTRY( 0x002a, NtCreatePagingFile, 16 ) \ + SYSCALL_ENTRY( 0x002b, NtCreatePort, 20 ) \ + SYSCALL_ENTRY( 0x002c, NtCreateSection, 28 ) \ + SYSCALL_ENTRY( 0x002d, NtCreateSemaphore, 20 ) \ + SYSCALL_ENTRY( 0x002e, NtCreateSymbolicLinkObject, 16 ) \ + SYSCALL_ENTRY( 0x002f, NtCreateThread, 32 ) \ + SYSCALL_ENTRY( 0x0030, NtCreateThreadEx, 44 ) \ + SYSCALL_ENTRY( 0x0031, NtCreateTimer, 16 ) \ + SYSCALL_ENTRY( 0x0032, NtCreateToken, 52 ) \ + SYSCALL_ENTRY( 0x0033, NtCreateTransaction, 40 ) \ + SYSCALL_ENTRY( 0x0034, NtCreateUserProcess, 44 ) \ + SYSCALL_ENTRY( 0x0035, NtDebugActiveProcess, 8 ) \ + SYSCALL_ENTRY( 0x0036, NtDebugContinue, 12 ) \ + SYSCALL_ENTRY( 0x0037, NtDelayExecution, 8 ) \ + SYSCALL_ENTRY( 0x0038, NtDeleteAtom, 4 ) \ + SYSCALL_ENTRY( 0x0039, NtDeleteFile, 4 ) \ + SYSCALL_ENTRY( 0x003a, NtDeleteKey, 4 ) \ + SYSCALL_ENTRY( 0x003b, NtDeleteValueKey, 8 ) \ + SYSCALL_ENTRY( 0x003c, NtDeviceIoControlFile, 40 ) \ + SYSCALL_ENTRY( 0x003d, NtDisplayString, 4 ) \ + SYSCALL_ENTRY( 0x003e, NtDuplicateObject, 28 ) \ + SYSCALL_ENTRY( 0x003f, NtDuplicateToken, 24 ) \ + SYSCALL_ENTRY( 0x0040, NtEnumerateKey, 24 ) \ + SYSCALL_ENTRY( 0x0041, NtEnumerateValueKey, 24 ) \ + SYSCALL_ENTRY( 0x0042, NtFilterToken, 24 ) \ + SYSCALL_ENTRY( 0x0043, NtFindAtom, 12 ) \ + SYSCALL_ENTRY( 0x0044, NtFlushBuffersFile, 8 ) \ + SYSCALL_ENTRY( 0x0045, NtFlushInstructionCache, 12 ) \ + SYSCALL_ENTRY( 0x0046, NtFlushKey, 4 ) \ + SYSCALL_ENTRY( 0x0047, NtFlushProcessWriteBuffers, 0 ) \ + SYSCALL_ENTRY( 0x0048, NtFlushVirtualMemory, 16 ) \ + SYSCALL_ENTRY( 0x0049, NtFreeVirtualMemory, 16 ) \ + SYSCALL_ENTRY( 0x004a, NtFsControlFile, 40 ) \ + SYSCALL_ENTRY( 0x004b, NtGetContextThread, 8 ) \ + SYSCALL_ENTRY( 0x004c, NtGetCurrentProcessorNumber, 0 ) \ + SYSCALL_ENTRY( 0x004d, NtGetNextThread, 24 ) \ + SYSCALL_ENTRY( 0x004e, NtGetNlsSectionPtr, 20 ) \ + SYSCALL_ENTRY( 0x004f, NtGetWriteWatch, 28 ) \ + SYSCALL_ENTRY( 0x0050, NtImpersonateAnonymousToken, 4 ) \ + SYSCALL_ENTRY( 0x0051, NtInitializeNlsFiles, 12 ) \ + SYSCALL_ENTRY( 0x0052, NtInitiatePowerAction, 16 ) \ + SYSCALL_ENTRY( 0x0053, NtIsProcessInJob, 8 ) \ + SYSCALL_ENTRY( 0x0054, NtListenPort, 8 ) \ + SYSCALL_ENTRY( 0x0055, NtLoadDriver, 4 ) \ + SYSCALL_ENTRY( 0x0056, NtLoadKey, 8 ) \ + SYSCALL_ENTRY( 0x0057, NtLoadKey2, 12 ) \ + SYSCALL_ENTRY( 0x0058, NtLoadKeyEx, 32 ) \ + SYSCALL_ENTRY( 0x0059, NtLockFile, 40 ) \ + SYSCALL_ENTRY( 0x005a, NtLockVirtualMemory, 16 ) \ + SYSCALL_ENTRY( 0x005b, NtMakeTemporaryObject, 4 ) \ + SYSCALL_ENTRY( 0x005c, NtMapViewOfSection, 40 ) \ + SYSCALL_ENTRY( 0x005d, NtMapViewOfSectionEx, 36 ) \ + SYSCALL_ENTRY( 0x005e, NtNotifyChangeDirectoryFile, 36 ) \ + SYSCALL_ENTRY( 0x005f, NtNotifyChangeKey, 40 ) \ + SYSCALL_ENTRY( 0x0060, NtNotifyChangeMultipleKeys, 48 ) \ + SYSCALL_ENTRY( 0x0061, NtOpenDirectoryObject, 12 ) \ + SYSCALL_ENTRY( 0x0062, NtOpenEvent, 12 ) \ + SYSCALL_ENTRY( 0x0063, NtOpenFile, 24 ) \ + SYSCALL_ENTRY( 0x0064, NtOpenIoCompletion, 12 ) \ + SYSCALL_ENTRY( 0x0065, NtOpenJobObject, 12 ) \ + SYSCALL_ENTRY( 0x0066, NtOpenKey, 12 ) \ + SYSCALL_ENTRY( 0x0067, NtOpenKeyEx, 16 ) \ + SYSCALL_ENTRY( 0x0068, NtOpenKeyTransacted, 16 ) \ + SYSCALL_ENTRY( 0x0069, NtOpenKeyTransactedEx, 20 ) \ + SYSCALL_ENTRY( 0x006a, NtOpenKeyedEvent, 12 ) \ + SYSCALL_ENTRY( 0x006b, NtOpenMutant, 12 ) \ + SYSCALL_ENTRY( 0x006c, NtOpenProcess, 16 ) \ + SYSCALL_ENTRY( 0x006d, NtOpenProcessToken, 12 ) \ + SYSCALL_ENTRY( 0x006e, NtOpenProcessTokenEx, 16 ) \ + SYSCALL_ENTRY( 0x006f, NtOpenSection, 12 ) \ + SYSCALL_ENTRY( 0x0070, NtOpenSemaphore, 12 ) \ + SYSCALL_ENTRY( 0x0071, NtOpenSymbolicLinkObject, 12 ) \ + SYSCALL_ENTRY( 0x0072, NtOpenThread, 16 ) \ + SYSCALL_ENTRY( 0x0073, NtOpenThreadToken, 16 ) \ + SYSCALL_ENTRY( 0x0074, NtOpenThreadTokenEx, 20 ) \ + SYSCALL_ENTRY( 0x0075, NtOpenTimer, 12 ) \ + SYSCALL_ENTRY( 0x0076, NtPowerInformation, 20 ) \ + SYSCALL_ENTRY( 0x0077, NtPrivilegeCheck, 12 ) \ + SYSCALL_ENTRY( 0x0078, NtProtectVirtualMemory, 20 ) \ + SYSCALL_ENTRY( 0x0079, NtPulseEvent, 8 ) \ + SYSCALL_ENTRY( 0x007a, NtQueryAttributesFile, 8 ) \ + SYSCALL_ENTRY( 0x007b, NtQueryDefaultLocale, 8 ) \ + SYSCALL_ENTRY( 0x007c, NtQueryDefaultUILanguage, 4 ) \ + SYSCALL_ENTRY( 0x007d, NtQueryDirectoryFile, 44 ) \ + SYSCALL_ENTRY( 0x007e, NtQueryDirectoryObject, 28 ) \ + SYSCALL_ENTRY( 0x007f, NtQueryEaFile, 36 ) \ + SYSCALL_ENTRY( 0x0080, NtQueryEvent, 20 ) \ + SYSCALL_ENTRY( 0x0081, NtQueryFullAttributesFile, 8 ) \ + SYSCALL_ENTRY( 0x0082, NtQueryInformationAtom, 20 ) \ + SYSCALL_ENTRY( 0x0083, NtQueryInformationFile, 20 ) \ + SYSCALL_ENTRY( 0x0084, NtQueryInformationJobObject, 20 ) \ + SYSCALL_ENTRY( 0x0085, NtQueryInformationProcess, 20 ) \ + SYSCALL_ENTRY( 0x0086, NtQueryInformationThread, 20 ) \ + SYSCALL_ENTRY( 0x0087, NtQueryInformationToken, 20 ) \ + SYSCALL_ENTRY( 0x0088, NtQueryInstallUILanguage, 4 ) \ + SYSCALL_ENTRY( 0x0089, NtQueryIoCompletion, 20 ) \ + SYSCALL_ENTRY( 0x008a, NtQueryKey, 20 ) \ + SYSCALL_ENTRY( 0x008b, NtQueryLicenseValue, 20 ) \ + SYSCALL_ENTRY( 0x008c, NtQueryMultipleValueKey, 24 ) \ + SYSCALL_ENTRY( 0x008d, NtQueryMutant, 20 ) \ + SYSCALL_ENTRY( 0x008e, NtQueryObject, 20 ) \ + SYSCALL_ENTRY( 0x008f, NtQueryPerformanceCounter, 8 ) \ + SYSCALL_ENTRY( 0x0090, NtQuerySection, 20 ) \ + SYSCALL_ENTRY( 0x0091, NtQuerySecurityObject, 20 ) \ + SYSCALL_ENTRY( 0x0092, NtQuerySemaphore, 20 ) \ + SYSCALL_ENTRY( 0x0093, NtQuerySymbolicLinkObject, 12 ) \ + SYSCALL_ENTRY( 0x0094, NtQuerySystemEnvironmentValue, 16 ) \ + SYSCALL_ENTRY( 0x0095, NtQuerySystemEnvironmentValueEx, 20 ) \ + SYSCALL_ENTRY( 0x0096, NtQuerySystemInformation, 16 ) \ + SYSCALL_ENTRY( 0x0097, NtQuerySystemInformationEx, 24 ) \ + SYSCALL_ENTRY( 0x0098, NtQuerySystemTime, 4 ) \ + SYSCALL_ENTRY( 0x0099, NtQueryTimer, 20 ) \ + SYSCALL_ENTRY( 0x009a, NtQueryTimerResolution, 12 ) \ + SYSCALL_ENTRY( 0x009b, NtQueryValueKey, 24 ) \ + SYSCALL_ENTRY( 0x009c, NtQueryVirtualMemory, 24 ) \ + SYSCALL_ENTRY( 0x009d, NtQueryVolumeInformationFile, 20 ) \ + SYSCALL_ENTRY( 0x009e, NtQueueApcThread, 20 ) \ + SYSCALL_ENTRY( 0x009f, NtRaiseException, 12 ) \ + SYSCALL_ENTRY( 0x00a0, NtRaiseHardError, 24 ) \ + SYSCALL_ENTRY( 0x00a1, NtReadFile, 36 ) \ + SYSCALL_ENTRY( 0x00a2, NtReadFileScatter, 36 ) \ + SYSCALL_ENTRY( 0x00a3, NtReadVirtualMemory, 20 ) \ + SYSCALL_ENTRY( 0x00a4, NtRegisterThreadTerminatePort, 4 ) \ + SYSCALL_ENTRY( 0x00a5, NtReleaseKeyedEvent, 16 ) \ + SYSCALL_ENTRY( 0x00a6, NtReleaseMutant, 8 ) \ + SYSCALL_ENTRY( 0x00a7, NtReleaseSemaphore, 12 ) \ + SYSCALL_ENTRY( 0x00a8, NtRemoveIoCompletion, 20 ) \ + SYSCALL_ENTRY( 0x00a9, NtRemoveIoCompletionEx, 24 ) \ + SYSCALL_ENTRY( 0x00aa, NtRemoveProcessDebug, 8 ) \ + SYSCALL_ENTRY( 0x00ab, NtRenameKey, 8 ) \ + SYSCALL_ENTRY( 0x00ac, NtReplaceKey, 12 ) \ + SYSCALL_ENTRY( 0x00ad, NtReplyWaitReceivePort, 16 ) \ + SYSCALL_ENTRY( 0x00ae, NtRequestWaitReplyPort, 12 ) \ + SYSCALL_ENTRY( 0x00af, NtResetEvent, 8 ) \ + SYSCALL_ENTRY( 0x00b0, NtResetWriteWatch, 12 ) \ + SYSCALL_ENTRY( 0x00b1, NtRestoreKey, 12 ) \ + SYSCALL_ENTRY( 0x00b2, NtResumeProcess, 4 ) \ + SYSCALL_ENTRY( 0x00b3, NtResumeThread, 8 ) \ + SYSCALL_ENTRY( 0x00b4, NtRollbackTransaction, 8 ) \ + SYSCALL_ENTRY( 0x00b5, NtSaveKey, 8 ) \ + SYSCALL_ENTRY( 0x00b6, NtSecureConnectPort, 36 ) \ + SYSCALL_ENTRY( 0x00b7, NtSetContextThread, 8 ) \ + SYSCALL_ENTRY( 0x00b8, NtSetDebugFilterState, 12 ) \ + SYSCALL_ENTRY( 0x00b9, NtSetDefaultLocale, 8 ) \ + SYSCALL_ENTRY( 0x00ba, NtSetDefaultUILanguage, 4 ) \ + SYSCALL_ENTRY( 0x00bb, NtSetEaFile, 16 ) \ + SYSCALL_ENTRY( 0x00bc, NtSetEvent, 8 ) \ + SYSCALL_ENTRY( 0x00bd, NtSetInformationDebugObject, 20 ) \ + SYSCALL_ENTRY( 0x00be, NtSetInformationFile, 20 ) \ + SYSCALL_ENTRY( 0x00bf, NtSetInformationJobObject, 16 ) \ + SYSCALL_ENTRY( 0x00c0, NtSetInformationKey, 16 ) \ + SYSCALL_ENTRY( 0x00c1, NtSetInformationObject, 16 ) \ + SYSCALL_ENTRY( 0x00c2, NtSetInformationProcess, 16 ) \ + SYSCALL_ENTRY( 0x00c3, NtSetInformationThread, 16 ) \ + SYSCALL_ENTRY( 0x00c4, NtSetInformationToken, 16 ) \ + SYSCALL_ENTRY( 0x00c5, NtSetInformationVirtualMemory, 24 ) \ + SYSCALL_ENTRY( 0x00c6, NtSetIntervalProfile, 8 ) \ + SYSCALL_ENTRY( 0x00c7, NtSetIoCompletion, 20 ) \ + SYSCALL_ENTRY( 0x00c8, NtSetLdtEntries, 24 ) \ + SYSCALL_ENTRY( 0x00c9, NtSetSecurityObject, 12 ) \ + SYSCALL_ENTRY( 0x00ca, NtSetSystemInformation, 12 ) \ + SYSCALL_ENTRY( 0x00cb, NtSetSystemTime, 8 ) \ + SYSCALL_ENTRY( 0x00cc, NtSetThreadExecutionState, 8 ) \ + SYSCALL_ENTRY( 0x00cd, NtSetTimer, 28 ) \ + SYSCALL_ENTRY( 0x00ce, NtSetTimerResolution, 12 ) \ + SYSCALL_ENTRY( 0x00cf, NtSetValueKey, 24 ) \ + SYSCALL_ENTRY( 0x00d0, NtSetVolumeInformationFile, 20 ) \ + SYSCALL_ENTRY( 0x00d1, NtShutdownSystem, 4 ) \ + SYSCALL_ENTRY( 0x00d2, NtSignalAndWaitForSingleObject, 16 ) \ + SYSCALL_ENTRY( 0x00d3, NtSuspendProcess, 4 ) \ + SYSCALL_ENTRY( 0x00d4, NtSuspendThread, 8 ) \ + SYSCALL_ENTRY( 0x00d5, NtSystemDebugControl, 24 ) \ + SYSCALL_ENTRY( 0x00d6, NtTerminateJobObject, 8 ) \ + SYSCALL_ENTRY( 0x00d7, NtTerminateProcess, 8 ) \ + SYSCALL_ENTRY( 0x00d8, NtTerminateThread, 8 ) \ + SYSCALL_ENTRY( 0x00d9, NtTestAlert, 0 ) \ + SYSCALL_ENTRY( 0x00da, NtTraceControl, 24 ) \ + SYSCALL_ENTRY( 0x00db, NtUnloadDriver, 4 ) \ + SYSCALL_ENTRY( 0x00dc, NtUnloadKey, 4 ) \ + SYSCALL_ENTRY( 0x00dd, NtUnlockFile, 20 ) \ + SYSCALL_ENTRY( 0x00de, NtUnlockVirtualMemory, 16 ) \ + SYSCALL_ENTRY( 0x00df, NtUnmapViewOfSection, 8 ) \ + SYSCALL_ENTRY( 0x00e0, NtUnmapViewOfSectionEx, 12 ) \ + SYSCALL_ENTRY( 0x00e1, NtWaitForAlertByThreadId, 8 ) \ + SYSCALL_ENTRY( 0x00e2, NtWaitForDebugEvent, 16 ) \ + SYSCALL_ENTRY( 0x00e3, NtWaitForKeyedEvent, 16 ) \ + SYSCALL_ENTRY( 0x00e4, NtWaitForMultipleObjects, 20 ) \ + SYSCALL_ENTRY( 0x00e5, NtWaitForSingleObject, 12 ) \ + SYSCALL_ENTRY( 0x00e6, NtWow64AllocateVirtualMemory64, 28 ) \ + SYSCALL_ENTRY( 0x00e7, NtWow64GetNativeSystemInformation, 16 ) \ + SYSCALL_ENTRY( 0x00e8, NtWow64IsProcessorFeaturePresent, 4 ) \ + SYSCALL_ENTRY( 0x00e9, NtWow64ReadVirtualMemory64, 28 ) \ + SYSCALL_ENTRY( 0x00ea, NtWow64WriteVirtualMemory64, 28 ) \ + SYSCALL_ENTRY( 0x00eb, NtWriteFile, 36 ) \ + SYSCALL_ENTRY( 0x00ec, NtWriteFileGather, 36 ) \ + SYSCALL_ENTRY( 0x00ed, NtWriteVirtualMemory, 20 ) \ + SYSCALL_ENTRY( 0x00ee, NtYieldExecution, 0 ) \ + SYSCALL_ENTRY( 0x00ef, wine_nt_to_unix_file_name, 16 ) \ + SYSCALL_ENTRY( 0x00f0, wine_unix_to_nt_file_name, 12 )

#define ALL_SYSCALLS64 \ SYSCALL_ENTRY( 0x0000, NtAcceptConnectPort, 48 ) \ @@ -271,210 +272,211 @@ SYSCALL_ENTRY( 0x0019, NtCompleteConnectPort, 8 ) \ SYSCALL_ENTRY( 0x001a, NtConnectPort, 64 ) \ SYSCALL_ENTRY( 0x001b, NtContinue, 16 ) \ - SYSCALL_ENTRY( 0x001c, NtCreateDebugObject, 32 ) \ - SYSCALL_ENTRY( 0x001d, NtCreateDirectoryObject, 24 ) \ - SYSCALL_ENTRY( 0x001e, NtCreateEvent, 40 ) \ - SYSCALL_ENTRY( 0x001f, NtCreateFile, 88 ) \ - SYSCALL_ENTRY( 0x0020, NtCreateIoCompletion, 32 ) \ - SYSCALL_ENTRY( 0x0021, NtCreateJobObject, 24 ) \ - SYSCALL_ENTRY( 0x0022, NtCreateKey, 56 ) \ - SYSCALL_ENTRY( 0x0023, NtCreateKeyTransacted, 64 ) \ - SYSCALL_ENTRY( 0x0024, NtCreateKeyedEvent, 32 ) \ - SYSCALL_ENTRY( 0x0025, NtCreateLowBoxToken, 72 ) \ - SYSCALL_ENTRY( 0x0026, NtCreateMailslotFile, 64 ) \ - SYSCALL_ENTRY( 0x0027, NtCreateMutant, 32 ) \ - SYSCALL_ENTRY( 0x0028, NtCreateNamedPipeFile, 112 ) \ - SYSCALL_ENTRY( 0x0029, NtCreatePagingFile, 32 ) \ - SYSCALL_ENTRY( 0x002a, NtCreatePort, 40 ) \ - SYSCALL_ENTRY( 0x002b, NtCreateSection, 56 ) \ - SYSCALL_ENTRY( 0x002c, NtCreateSemaphore, 40 ) \ - SYSCALL_ENTRY( 0x002d, NtCreateSymbolicLinkObject, 32 ) \ - SYSCALL_ENTRY( 0x002e, NtCreateThread, 64 ) \ - SYSCALL_ENTRY( 0x002f, NtCreateThreadEx, 88 ) \ - SYSCALL_ENTRY( 0x0030, NtCreateTimer, 32 ) \ - SYSCALL_ENTRY( 0x0031, NtCreateToken, 104 ) \ - SYSCALL_ENTRY( 0x0032, NtCreateTransaction, 80 ) \ - SYSCALL_ENTRY( 0x0033, NtCreateUserProcess, 88 ) \ - SYSCALL_ENTRY( 0x0034, NtDebugActiveProcess, 16 ) \ - SYSCALL_ENTRY( 0x0035, NtDebugContinue, 24 ) \ - SYSCALL_ENTRY( 0x0036, NtDelayExecution, 16 ) \ - SYSCALL_ENTRY( 0x0037, NtDeleteAtom, 8 ) \ - SYSCALL_ENTRY( 0x0038, NtDeleteFile, 8 ) \ - SYSCALL_ENTRY( 0x0039, NtDeleteKey, 8 ) \ - SYSCALL_ENTRY( 0x003a, NtDeleteValueKey, 16 ) \ - SYSCALL_ENTRY( 0x003b, NtDeviceIoControlFile, 80 ) \ - SYSCALL_ENTRY( 0x003c, NtDisplayString, 8 ) \ - SYSCALL_ENTRY( 0x003d, NtDuplicateObject, 56 ) \ - SYSCALL_ENTRY( 0x003e, NtDuplicateToken, 48 ) \ - SYSCALL_ENTRY( 0x003f, NtEnumerateKey, 48 ) \ - SYSCALL_ENTRY( 0x0040, NtEnumerateValueKey, 48 ) \ - SYSCALL_ENTRY( 0x0041, NtFilterToken, 48 ) \ - SYSCALL_ENTRY( 0x0042, NtFindAtom, 24 ) \ - SYSCALL_ENTRY( 0x0043, NtFlushBuffersFile, 16 ) \ - SYSCALL_ENTRY( 0x0044, NtFlushInstructionCache, 24 ) \ - SYSCALL_ENTRY( 0x0045, NtFlushKey, 8 ) \ - SYSCALL_ENTRY( 0x0046, NtFlushProcessWriteBuffers, 0 ) \ - SYSCALL_ENTRY( 0x0047, NtFlushVirtualMemory, 32 ) \ - SYSCALL_ENTRY( 0x0048, NtFreeVirtualMemory, 32 ) \ - SYSCALL_ENTRY( 0x0049, NtFsControlFile, 80 ) \ - SYSCALL_ENTRY( 0x004a, NtGetContextThread, 16 ) \ - SYSCALL_ENTRY( 0x004b, NtGetCurrentProcessorNumber, 0 ) \ - SYSCALL_ENTRY( 0x004c, NtGetNextThread, 48 ) \ - SYSCALL_ENTRY( 0x004d, NtGetNlsSectionPtr, 40 ) \ - SYSCALL_ENTRY( 0x004e, NtGetWriteWatch, 56 ) \ - SYSCALL_ENTRY( 0x004f, NtImpersonateAnonymousToken, 8 ) \ - SYSCALL_ENTRY( 0x0050, NtInitializeNlsFiles, 24 ) \ - SYSCALL_ENTRY( 0x0051, NtInitiatePowerAction, 32 ) \ - SYSCALL_ENTRY( 0x0052, NtIsProcessInJob, 16 ) \ - SYSCALL_ENTRY( 0x0053, NtListenPort, 16 ) \ - SYSCALL_ENTRY( 0x0054, NtLoadDriver, 8 ) \ - SYSCALL_ENTRY( 0x0055, NtLoadKey, 16 ) \ - SYSCALL_ENTRY( 0x0056, NtLoadKey2, 24 ) \ - SYSCALL_ENTRY( 0x0057, NtLoadKeyEx, 64 ) \ - SYSCALL_ENTRY( 0x0058, NtLockFile, 80 ) \ - SYSCALL_ENTRY( 0x0059, NtLockVirtualMemory, 32 ) \ - SYSCALL_ENTRY( 0x005a, NtMakeTemporaryObject, 8 ) \ - SYSCALL_ENTRY( 0x005b, NtMapViewOfSection, 80 ) \ - SYSCALL_ENTRY( 0x005c, NtMapViewOfSectionEx, 72 ) \ - SYSCALL_ENTRY( 0x005d, NtNotifyChangeDirectoryFile, 72 ) \ - SYSCALL_ENTRY( 0x005e, NtNotifyChangeKey, 80 ) \ - SYSCALL_ENTRY( 0x005f, NtNotifyChangeMultipleKeys, 96 ) \ - SYSCALL_ENTRY( 0x0060, NtOpenDirectoryObject, 24 ) \ - SYSCALL_ENTRY( 0x0061, NtOpenEvent, 24 ) \ - SYSCALL_ENTRY( 0x0062, NtOpenFile, 48 ) \ - SYSCALL_ENTRY( 0x0063, NtOpenIoCompletion, 24 ) \ - SYSCALL_ENTRY( 0x0064, NtOpenJobObject, 24 ) \ - SYSCALL_ENTRY( 0x0065, NtOpenKey, 24 ) \ - SYSCALL_ENTRY( 0x0066, NtOpenKeyEx, 32 ) \ - SYSCALL_ENTRY( 0x0067, NtOpenKeyTransacted, 32 ) \ - SYSCALL_ENTRY( 0x0068, NtOpenKeyTransactedEx, 40 ) \ - SYSCALL_ENTRY( 0x0069, NtOpenKeyedEvent, 24 ) \ - SYSCALL_ENTRY( 0x006a, NtOpenMutant, 24 ) \ - SYSCALL_ENTRY( 0x006b, NtOpenProcess, 32 ) \ - SYSCALL_ENTRY( 0x006c, NtOpenProcessToken, 24 ) \ - SYSCALL_ENTRY( 0x006d, NtOpenProcessTokenEx, 32 ) \ - SYSCALL_ENTRY( 0x006e, NtOpenSection, 24 ) \ - SYSCALL_ENTRY( 0x006f, NtOpenSemaphore, 24 ) \ - SYSCALL_ENTRY( 0x0070, NtOpenSymbolicLinkObject, 24 ) \ - SYSCALL_ENTRY( 0x0071, NtOpenThread, 32 ) \ - SYSCALL_ENTRY( 0x0072, NtOpenThreadToken, 32 ) \ - SYSCALL_ENTRY( 0x0073, NtOpenThreadTokenEx, 40 ) \ - SYSCALL_ENTRY( 0x0074, NtOpenTimer, 24 ) \ - SYSCALL_ENTRY( 0x0075, NtPowerInformation, 40 ) \ - SYSCALL_ENTRY( 0x0076, NtPrivilegeCheck, 24 ) \ - SYSCALL_ENTRY( 0x0077, NtProtectVirtualMemory, 40 ) \ - SYSCALL_ENTRY( 0x0078, NtPulseEvent, 16 ) \ - SYSCALL_ENTRY( 0x0079, NtQueryAttributesFile, 16 ) \ - SYSCALL_ENTRY( 0x007a, NtQueryDefaultLocale, 16 ) \ - SYSCALL_ENTRY( 0x007b, NtQueryDefaultUILanguage, 8 ) \ - SYSCALL_ENTRY( 0x007c, NtQueryDirectoryFile, 88 ) \ - SYSCALL_ENTRY( 0x007d, NtQueryDirectoryObject, 56 ) \ - SYSCALL_ENTRY( 0x007e, NtQueryEaFile, 72 ) \ - SYSCALL_ENTRY( 0x007f, NtQueryEvent, 40 ) \ - SYSCALL_ENTRY( 0x0080, NtQueryFullAttributesFile, 16 ) \ - SYSCALL_ENTRY( 0x0081, NtQueryInformationAtom, 40 ) \ - SYSCALL_ENTRY( 0x0082, NtQueryInformationFile, 40 ) \ - SYSCALL_ENTRY( 0x0083, NtQueryInformationJobObject, 40 ) \ - SYSCALL_ENTRY( 0x0084, NtQueryInformationProcess, 40 ) \ - SYSCALL_ENTRY( 0x0085, NtQueryInformationThread, 40 ) \ - SYSCALL_ENTRY( 0x0086, NtQueryInformationToken, 40 ) \ - SYSCALL_ENTRY( 0x0087, NtQueryInstallUILanguage, 8 ) \ - SYSCALL_ENTRY( 0x0088, NtQueryIoCompletion, 40 ) \ - SYSCALL_ENTRY( 0x0089, NtQueryKey, 40 ) \ - SYSCALL_ENTRY( 0x008a, NtQueryLicenseValue, 40 ) \ - SYSCALL_ENTRY( 0x008b, NtQueryMultipleValueKey, 48 ) \ - SYSCALL_ENTRY( 0x008c, NtQueryMutant, 40 ) \ - SYSCALL_ENTRY( 0x008d, NtQueryObject, 40 ) \ - SYSCALL_ENTRY( 0x008e, NtQueryPerformanceCounter, 16 ) \ - SYSCALL_ENTRY( 0x008f, NtQuerySection, 40 ) \ - SYSCALL_ENTRY( 0x0090, NtQuerySecurityObject, 40 ) \ - SYSCALL_ENTRY( 0x0091, NtQuerySemaphore, 40 ) \ - SYSCALL_ENTRY( 0x0092, NtQuerySymbolicLinkObject, 24 ) \ - SYSCALL_ENTRY( 0x0093, NtQuerySystemEnvironmentValue, 32 ) \ - SYSCALL_ENTRY( 0x0094, NtQuerySystemEnvironmentValueEx, 40 ) \ - SYSCALL_ENTRY( 0x0095, NtQuerySystemInformation, 32 ) \ - SYSCALL_ENTRY( 0x0096, NtQuerySystemInformationEx, 48 ) \ - SYSCALL_ENTRY( 0x0097, NtQuerySystemTime, 8 ) \ - SYSCALL_ENTRY( 0x0098, NtQueryTimer, 40 ) \ - SYSCALL_ENTRY( 0x0099, NtQueryTimerResolution, 24 ) \ - SYSCALL_ENTRY( 0x009a, NtQueryValueKey, 48 ) \ - SYSCALL_ENTRY( 0x009b, NtQueryVirtualMemory, 48 ) \ - SYSCALL_ENTRY( 0x009c, NtQueryVolumeInformationFile, 40 ) \ - SYSCALL_ENTRY( 0x009d, NtQueueApcThread, 40 ) \ - SYSCALL_ENTRY( 0x009e, NtRaiseException, 24 ) \ - SYSCALL_ENTRY( 0x009f, NtRaiseHardError, 48 ) \ - SYSCALL_ENTRY( 0x00a0, NtReadFile, 72 ) \ - SYSCALL_ENTRY( 0x00a1, NtReadFileScatter, 72 ) \ - SYSCALL_ENTRY( 0x00a2, NtReadVirtualMemory, 40 ) \ - SYSCALL_ENTRY( 0x00a3, NtRegisterThreadTerminatePort, 8 ) \ - SYSCALL_ENTRY( 0x00a4, NtReleaseKeyedEvent, 32 ) \ - SYSCALL_ENTRY( 0x00a5, NtReleaseMutant, 16 ) \ - SYSCALL_ENTRY( 0x00a6, NtReleaseSemaphore, 24 ) \ - SYSCALL_ENTRY( 0x00a7, NtRemoveIoCompletion, 40 ) \ - SYSCALL_ENTRY( 0x00a8, NtRemoveIoCompletionEx, 48 ) \ - SYSCALL_ENTRY( 0x00a9, NtRemoveProcessDebug, 16 ) \ - SYSCALL_ENTRY( 0x00aa, NtRenameKey, 16 ) \ - SYSCALL_ENTRY( 0x00ab, NtReplaceKey, 24 ) \ - SYSCALL_ENTRY( 0x00ac, NtReplyWaitReceivePort, 32 ) \ - SYSCALL_ENTRY( 0x00ad, NtRequestWaitReplyPort, 24 ) \ - SYSCALL_ENTRY( 0x00ae, NtResetEvent, 16 ) \ - SYSCALL_ENTRY( 0x00af, NtResetWriteWatch, 24 ) \ - SYSCALL_ENTRY( 0x00b0, NtRestoreKey, 24 ) \ - SYSCALL_ENTRY( 0x00b1, NtResumeProcess, 8 ) \ - SYSCALL_ENTRY( 0x00b2, NtResumeThread, 16 ) \ - SYSCALL_ENTRY( 0x00b3, NtRollbackTransaction, 16 ) \ - SYSCALL_ENTRY( 0x00b4, NtSaveKey, 16 ) \ - SYSCALL_ENTRY( 0x00b5, NtSecureConnectPort, 72 ) \ - SYSCALL_ENTRY( 0x00b6, NtSetContextThread, 16 ) \ - SYSCALL_ENTRY( 0x00b7, NtSetDebugFilterState, 24 ) \ - SYSCALL_ENTRY( 0x00b8, NtSetDefaultLocale, 16 ) \ - SYSCALL_ENTRY( 0x00b9, NtSetDefaultUILanguage, 8 ) \ - SYSCALL_ENTRY( 0x00ba, NtSetEaFile, 32 ) \ - SYSCALL_ENTRY( 0x00bb, NtSetEvent, 16 ) \ - SYSCALL_ENTRY( 0x00bc, NtSetInformationDebugObject, 40 ) \ - SYSCALL_ENTRY( 0x00bd, NtSetInformationFile, 40 ) \ - SYSCALL_ENTRY( 0x00be, NtSetInformationJobObject, 32 ) \ - SYSCALL_ENTRY( 0x00bf, NtSetInformationKey, 32 ) \ - SYSCALL_ENTRY( 0x00c0, NtSetInformationObject, 32 ) \ - SYSCALL_ENTRY( 0x00c1, NtSetInformationProcess, 32 ) \ - SYSCALL_ENTRY( 0x00c2, NtSetInformationThread, 32 ) \ - SYSCALL_ENTRY( 0x00c3, NtSetInformationToken, 32 ) \ - SYSCALL_ENTRY( 0x00c4, NtSetInformationVirtualMemory, 48 ) \ - SYSCALL_ENTRY( 0x00c5, NtSetIntervalProfile, 16 ) \ - SYSCALL_ENTRY( 0x00c6, NtSetIoCompletion, 40 ) \ - SYSCALL_ENTRY( 0x00c7, NtSetLdtEntries, 32 ) \ - SYSCALL_ENTRY( 0x00c8, NtSetSecurityObject, 24 ) \ - SYSCALL_ENTRY( 0x00c9, NtSetSystemInformation, 24 ) \ - SYSCALL_ENTRY( 0x00ca, NtSetSystemTime, 16 ) \ - SYSCALL_ENTRY( 0x00cb, NtSetThreadExecutionState, 16 ) \ - SYSCALL_ENTRY( 0x00cc, NtSetTimer, 56 ) \ - SYSCALL_ENTRY( 0x00cd, NtSetTimerResolution, 24 ) \ - SYSCALL_ENTRY( 0x00ce, NtSetValueKey, 48 ) \ - SYSCALL_ENTRY( 0x00cf, NtSetVolumeInformationFile, 40 ) \ - SYSCALL_ENTRY( 0x00d0, NtShutdownSystem, 8 ) \ - SYSCALL_ENTRY( 0x00d1, NtSignalAndWaitForSingleObject, 32 ) \ - SYSCALL_ENTRY( 0x00d2, NtSuspendProcess, 8 ) \ - SYSCALL_ENTRY( 0x00d3, NtSuspendThread, 16 ) \ - SYSCALL_ENTRY( 0x00d4, NtSystemDebugControl, 48 ) \ - SYSCALL_ENTRY( 0x00d5, NtTerminateJobObject, 16 ) \ - SYSCALL_ENTRY( 0x00d6, NtTerminateProcess, 16 ) \ - SYSCALL_ENTRY( 0x00d7, NtTerminateThread, 16 ) \ - SYSCALL_ENTRY( 0x00d8, NtTestAlert, 0 ) \ - SYSCALL_ENTRY( 0x00d9, NtTraceControl, 48 ) \ - SYSCALL_ENTRY( 0x00da, NtUnloadDriver, 8 ) \ - SYSCALL_ENTRY( 0x00db, NtUnloadKey, 8 ) \ - SYSCALL_ENTRY( 0x00dc, NtUnlockFile, 40 ) \ - SYSCALL_ENTRY( 0x00dd, NtUnlockVirtualMemory, 32 ) \ - SYSCALL_ENTRY( 0x00de, NtUnmapViewOfSection, 16 ) \ - SYSCALL_ENTRY( 0x00df, NtUnmapViewOfSectionEx, 24 ) \ - SYSCALL_ENTRY( 0x00e0, NtWaitForAlertByThreadId, 16 ) \ - SYSCALL_ENTRY( 0x00e1, NtWaitForDebugEvent, 32 ) \ - SYSCALL_ENTRY( 0x00e2, NtWaitForKeyedEvent, 32 ) \ - SYSCALL_ENTRY( 0x00e3, NtWaitForMultipleObjects, 40 ) \ - SYSCALL_ENTRY( 0x00e4, NtWaitForSingleObject, 24 ) \ - SYSCALL_ENTRY( 0x00e5, NtWriteFile, 72 ) \ - SYSCALL_ENTRY( 0x00e6, NtWriteFileGather, 72 ) \ - SYSCALL_ENTRY( 0x00e7, NtWriteVirtualMemory, 40 ) \ - SYSCALL_ENTRY( 0x00e8, NtYieldExecution, 0 ) \ - SYSCALL_ENTRY( 0x00e9, wine_nt_to_unix_file_name, 32 ) \ - SYSCALL_ENTRY( 0x00ea, wine_unix_to_nt_file_name, 24 ) + SYSCALL_ENTRY( 0x001c, NtContinueEx, 16 ) \ + SYSCALL_ENTRY( 0x001d, NtCreateDebugObject, 32 ) \ + SYSCALL_ENTRY( 0x001e, NtCreateDirectoryObject, 24 ) \ + SYSCALL_ENTRY( 0x001f, NtCreateEvent, 40 ) \ + SYSCALL_ENTRY( 0x0020, NtCreateFile, 88 ) \ + SYSCALL_ENTRY( 0x0021, NtCreateIoCompletion, 32 ) \ + SYSCALL_ENTRY( 0x0022, NtCreateJobObject, 24 ) \ + SYSCALL_ENTRY( 0x0023, NtCreateKey, 56 ) \ + SYSCALL_ENTRY( 0x0024, NtCreateKeyTransacted, 64 ) \ + SYSCALL_ENTRY( 0x0025, NtCreateKeyedEvent, 32 ) \ + SYSCALL_ENTRY( 0x0026, NtCreateLowBoxToken, 72 ) \ + SYSCALL_ENTRY( 0x0027, NtCreateMailslotFile, 64 ) \ + SYSCALL_ENTRY( 0x0028, NtCreateMutant, 32 ) \ + SYSCALL_ENTRY( 0x0029, NtCreateNamedPipeFile, 112 ) \ + SYSCALL_ENTRY( 0x002a, NtCreatePagingFile, 32 ) \ + SYSCALL_ENTRY( 0x002b, NtCreatePort, 40 ) \ + SYSCALL_ENTRY( 0x002c, NtCreateSection, 56 ) \ + SYSCALL_ENTRY( 0x002d, NtCreateSemaphore, 40 ) \ + SYSCALL_ENTRY( 0x002e, NtCreateSymbolicLinkObject, 32 ) \ + SYSCALL_ENTRY( 0x002f, NtCreateThread, 64 ) \ + SYSCALL_ENTRY( 0x0030, NtCreateThreadEx, 88 ) \ + SYSCALL_ENTRY( 0x0031, NtCreateTimer, 32 ) \ + SYSCALL_ENTRY( 0x0032, NtCreateToken, 104 ) \ + SYSCALL_ENTRY( 0x0033, NtCreateTransaction, 80 ) \ + SYSCALL_ENTRY( 0x0034, NtCreateUserProcess, 88 ) \ + SYSCALL_ENTRY( 0x0035, NtDebugActiveProcess, 16 ) \ + SYSCALL_ENTRY( 0x0036, NtDebugContinue, 24 ) \ + SYSCALL_ENTRY( 0x0037, NtDelayExecution, 16 ) \ + SYSCALL_ENTRY( 0x0038, NtDeleteAtom, 8 ) \ + SYSCALL_ENTRY( 0x0039, NtDeleteFile, 8 ) \ + SYSCALL_ENTRY( 0x003a, NtDeleteKey, 8 ) \ + SYSCALL_ENTRY( 0x003b, NtDeleteValueKey, 16 ) \ + SYSCALL_ENTRY( 0x003c, NtDeviceIoControlFile, 80 ) \ + SYSCALL_ENTRY( 0x003d, NtDisplayString, 8 ) \ + SYSCALL_ENTRY( 0x003e, NtDuplicateObject, 56 ) \ + SYSCALL_ENTRY( 0x003f, NtDuplicateToken, 48 ) \ + SYSCALL_ENTRY( 0x0040, NtEnumerateKey, 48 ) \ + SYSCALL_ENTRY( 0x0041, NtEnumerateValueKey, 48 ) \ + SYSCALL_ENTRY( 0x0042, NtFilterToken, 48 ) \ + SYSCALL_ENTRY( 0x0043, NtFindAtom, 24 ) \ + SYSCALL_ENTRY( 0x0044, NtFlushBuffersFile, 16 ) \ + SYSCALL_ENTRY( 0x0045, NtFlushInstructionCache, 24 ) \ + SYSCALL_ENTRY( 0x0046, NtFlushKey, 8 ) \ + SYSCALL_ENTRY( 0x0047, NtFlushProcessWriteBuffers, 0 ) \ + SYSCALL_ENTRY( 0x0048, NtFlushVirtualMemory, 32 ) \ + SYSCALL_ENTRY( 0x0049, NtFreeVirtualMemory, 32 ) \ + SYSCALL_ENTRY( 0x004a, NtFsControlFile, 80 ) \ + SYSCALL_ENTRY( 0x004b, NtGetContextThread, 16 ) \ + SYSCALL_ENTRY( 0x004c, NtGetCurrentProcessorNumber, 0 ) \ + SYSCALL_ENTRY( 0x004d, NtGetNextThread, 48 ) \ + SYSCALL_ENTRY( 0x004e, NtGetNlsSectionPtr, 40 ) \ + SYSCALL_ENTRY( 0x004f, NtGetWriteWatch, 56 ) \ + SYSCALL_ENTRY( 0x0050, NtImpersonateAnonymousToken, 8 ) \ + SYSCALL_ENTRY( 0x0051, NtInitializeNlsFiles, 24 ) \ + SYSCALL_ENTRY( 0x0052, NtInitiatePowerAction, 32 ) \ + SYSCALL_ENTRY( 0x0053, NtIsProcessInJob, 16 ) \ + SYSCALL_ENTRY( 0x0054, NtListenPort, 16 ) \ + SYSCALL_ENTRY( 0x0055, NtLoadDriver, 8 ) \ + SYSCALL_ENTRY( 0x0056, NtLoadKey, 16 ) \ + SYSCALL_ENTRY( 0x0057, NtLoadKey2, 24 ) \ + SYSCALL_ENTRY( 0x0058, NtLoadKeyEx, 64 ) \ + SYSCALL_ENTRY( 0x0059, NtLockFile, 80 ) \ + SYSCALL_ENTRY( 0x005a, NtLockVirtualMemory, 32 ) \ + SYSCALL_ENTRY( 0x005b, NtMakeTemporaryObject, 8 ) \ + SYSCALL_ENTRY( 0x005c, NtMapViewOfSection, 80 ) \ + SYSCALL_ENTRY( 0x005d, NtMapViewOfSectionEx, 72 ) \ + SYSCALL_ENTRY( 0x005e, NtNotifyChangeDirectoryFile, 72 ) \ + SYSCALL_ENTRY( 0x005f, NtNotifyChangeKey, 80 ) \ + SYSCALL_ENTRY( 0x0060, NtNotifyChangeMultipleKeys, 96 ) \ + SYSCALL_ENTRY( 0x0061, NtOpenDirectoryObject, 24 ) \ + SYSCALL_ENTRY( 0x0062, NtOpenEvent, 24 ) \ + SYSCALL_ENTRY( 0x0063, NtOpenFile, 48 ) \ + SYSCALL_ENTRY( 0x0064, NtOpenIoCompletion, 24 ) \ + SYSCALL_ENTRY( 0x0065, NtOpenJobObject, 24 ) \ + SYSCALL_ENTRY( 0x0066, NtOpenKey, 24 ) \ + SYSCALL_ENTRY( 0x0067, NtOpenKeyEx, 32 ) \ + SYSCALL_ENTRY( 0x0068, NtOpenKeyTransacted, 32 ) \ + SYSCALL_ENTRY( 0x0069, NtOpenKeyTransactedEx, 40 ) \ + SYSCALL_ENTRY( 0x006a, NtOpenKeyedEvent, 24 ) \ + SYSCALL_ENTRY( 0x006b, NtOpenMutant, 24 ) \ + SYSCALL_ENTRY( 0x006c, NtOpenProcess, 32 ) \ + SYSCALL_ENTRY( 0x006d, NtOpenProcessToken, 24 ) \ + SYSCALL_ENTRY( 0x006e, NtOpenProcessTokenEx, 32 ) \ + SYSCALL_ENTRY( 0x006f, NtOpenSection, 24 ) \ + SYSCALL_ENTRY( 0x0070, NtOpenSemaphore, 24 ) \ + SYSCALL_ENTRY( 0x0071, NtOpenSymbolicLinkObject, 24 ) \ + SYSCALL_ENTRY( 0x0072, NtOpenThread, 32 ) \ + SYSCALL_ENTRY( 0x0073, NtOpenThreadToken, 32 ) \ + SYSCALL_ENTRY( 0x0074, NtOpenThreadTokenEx, 40 ) \ + SYSCALL_ENTRY( 0x0075, NtOpenTimer, 24 ) \ + SYSCALL_ENTRY( 0x0076, NtPowerInformation, 40 ) \ + SYSCALL_ENTRY( 0x0077, NtPrivilegeCheck, 24 ) \ + SYSCALL_ENTRY( 0x0078, NtProtectVirtualMemory, 40 ) \ + SYSCALL_ENTRY( 0x0079, NtPulseEvent, 16 ) \ + SYSCALL_ENTRY( 0x007a, NtQueryAttributesFile, 16 ) \ + SYSCALL_ENTRY( 0x007b, NtQueryDefaultLocale, 16 ) \ + SYSCALL_ENTRY( 0x007c, NtQueryDefaultUILanguage, 8 ) \ + SYSCALL_ENTRY( 0x007d, NtQueryDirectoryFile, 88 ) \ + SYSCALL_ENTRY( 0x007e, NtQueryDirectoryObject, 56 ) \ + SYSCALL_ENTRY( 0x007f, NtQueryEaFile, 72 ) \ + SYSCALL_ENTRY( 0x0080, NtQueryEvent, 40 ) \ + SYSCALL_ENTRY( 0x0081, NtQueryFullAttributesFile, 16 ) \ + SYSCALL_ENTRY( 0x0082, NtQueryInformationAtom, 40 ) \ + SYSCALL_ENTRY( 0x0083, NtQueryInformationFile, 40 ) \ + SYSCALL_ENTRY( 0x0084, NtQueryInformationJobObject, 40 ) \ + SYSCALL_ENTRY( 0x0085, NtQueryInformationProcess, 40 ) \ + SYSCALL_ENTRY( 0x0086, NtQueryInformationThread, 40 ) \ + SYSCALL_ENTRY( 0x0087, NtQueryInformationToken, 40 ) \ + SYSCALL_ENTRY( 0x0088, NtQueryInstallUILanguage, 8 ) \ + SYSCALL_ENTRY( 0x0089, NtQueryIoCompletion, 40 ) \ + SYSCALL_ENTRY( 0x008a, NtQueryKey, 40 ) \ + SYSCALL_ENTRY( 0x008b, NtQueryLicenseValue, 40 ) \ + SYSCALL_ENTRY( 0x008c, NtQueryMultipleValueKey, 48 ) \ + SYSCALL_ENTRY( 0x008d, NtQueryMutant, 40 ) \ + SYSCALL_ENTRY( 0x008e, NtQueryObject, 40 ) \ + SYSCALL_ENTRY( 0x008f, NtQueryPerformanceCounter, 16 ) \ + SYSCALL_ENTRY( 0x0090, NtQuerySection, 40 ) \ + SYSCALL_ENTRY( 0x0091, NtQuerySecurityObject, 40 ) \ + SYSCALL_ENTRY( 0x0092, NtQuerySemaphore, 40 ) \ + SYSCALL_ENTRY( 0x0093, NtQuerySymbolicLinkObject, 24 ) \ + SYSCALL_ENTRY( 0x0094, NtQuerySystemEnvironmentValue, 32 ) \ + SYSCALL_ENTRY( 0x0095, NtQuerySystemEnvironmentValueEx, 40 ) \ + SYSCALL_ENTRY( 0x0096, NtQuerySystemInformation, 32 ) \ + SYSCALL_ENTRY( 0x0097, NtQuerySystemInformationEx, 48 ) \ + SYSCALL_ENTRY( 0x0098, NtQuerySystemTime, 8 ) \ + SYSCALL_ENTRY( 0x0099, NtQueryTimer, 40 ) \ + SYSCALL_ENTRY( 0x009a, NtQueryTimerResolution, 24 ) \ + SYSCALL_ENTRY( 0x009b, NtQueryValueKey, 48 ) \ + SYSCALL_ENTRY( 0x009c, NtQueryVirtualMemory, 48 ) \ + SYSCALL_ENTRY( 0x009d, NtQueryVolumeInformationFile, 40 ) \ + SYSCALL_ENTRY( 0x009e, NtQueueApcThread, 40 ) \ + SYSCALL_ENTRY( 0x009f, NtRaiseException, 24 ) \ + SYSCALL_ENTRY( 0x00a0, NtRaiseHardError, 48 ) \ + SYSCALL_ENTRY( 0x00a1, NtReadFile, 72 ) \ + SYSCALL_ENTRY( 0x00a2, NtReadFileScatter, 72 ) \ + SYSCALL_ENTRY( 0x00a3, NtReadVirtualMemory, 40 ) \ + SYSCALL_ENTRY( 0x00a4, NtRegisterThreadTerminatePort, 8 ) \ + SYSCALL_ENTRY( 0x00a5, NtReleaseKeyedEvent, 32 ) \ + SYSCALL_ENTRY( 0x00a6, NtReleaseMutant, 16 ) \ + SYSCALL_ENTRY( 0x00a7, NtReleaseSemaphore, 24 ) \ + SYSCALL_ENTRY( 0x00a8, NtRemoveIoCompletion, 40 ) \ + SYSCALL_ENTRY( 0x00a9, NtRemoveIoCompletionEx, 48 ) \ + SYSCALL_ENTRY( 0x00aa, NtRemoveProcessDebug, 16 ) \ + SYSCALL_ENTRY( 0x00ab, NtRenameKey, 16 ) \ + SYSCALL_ENTRY( 0x00ac, NtReplaceKey, 24 ) \ + SYSCALL_ENTRY( 0x00ad, NtReplyWaitReceivePort, 32 ) \ + SYSCALL_ENTRY( 0x00ae, NtRequestWaitReplyPort, 24 ) \ + SYSCALL_ENTRY( 0x00af, NtResetEvent, 16 ) \ + SYSCALL_ENTRY( 0x00b0, NtResetWriteWatch, 24 ) \ + SYSCALL_ENTRY( 0x00b1, NtRestoreKey, 24 ) \ + SYSCALL_ENTRY( 0x00b2, NtResumeProcess, 8 ) \ + SYSCALL_ENTRY( 0x00b3, NtResumeThread, 16 ) \ + SYSCALL_ENTRY( 0x00b4, NtRollbackTransaction, 16 ) \ + SYSCALL_ENTRY( 0x00b5, NtSaveKey, 16 ) \ + SYSCALL_ENTRY( 0x00b6, NtSecureConnectPort, 72 ) \ + SYSCALL_ENTRY( 0x00b7, NtSetContextThread, 16 ) \ + SYSCALL_ENTRY( 0x00b8, NtSetDebugFilterState, 24 ) \ + SYSCALL_ENTRY( 0x00b9, NtSetDefaultLocale, 16 ) \ + SYSCALL_ENTRY( 0x00ba, NtSetDefaultUILanguage, 8 ) \ + SYSCALL_ENTRY( 0x00bb, NtSetEaFile, 32 ) \ + SYSCALL_ENTRY( 0x00bc, NtSetEvent, 16 ) \ + SYSCALL_ENTRY( 0x00bd, NtSetInformationDebugObject, 40 ) \ + SYSCALL_ENTRY( 0x00be, NtSetInformationFile, 40 ) \ + SYSCALL_ENTRY( 0x00bf, NtSetInformationJobObject, 32 ) \ + SYSCALL_ENTRY( 0x00c0, NtSetInformationKey, 32 ) \ + SYSCALL_ENTRY( 0x00c1, NtSetInformationObject, 32 ) \ + SYSCALL_ENTRY( 0x00c2, NtSetInformationProcess, 32 ) \ + SYSCALL_ENTRY( 0x00c3, NtSetInformationThread, 32 ) \ + SYSCALL_ENTRY( 0x00c4, NtSetInformationToken, 32 ) \ + SYSCALL_ENTRY( 0x00c5, NtSetInformationVirtualMemory, 48 ) \ + SYSCALL_ENTRY( 0x00c6, NtSetIntervalProfile, 16 ) \ + SYSCALL_ENTRY( 0x00c7, NtSetIoCompletion, 40 ) \ + SYSCALL_ENTRY( 0x00c8, NtSetLdtEntries, 32 ) \ + SYSCALL_ENTRY( 0x00c9, NtSetSecurityObject, 24 ) \ + SYSCALL_ENTRY( 0x00ca, NtSetSystemInformation, 24 ) \ + SYSCALL_ENTRY( 0x00cb, NtSetSystemTime, 16 ) \ + SYSCALL_ENTRY( 0x00cc, NtSetThreadExecutionState, 16 ) \ + SYSCALL_ENTRY( 0x00cd, NtSetTimer, 56 ) \ + SYSCALL_ENTRY( 0x00ce, NtSetTimerResolution, 24 ) \ + SYSCALL_ENTRY( 0x00cf, NtSetValueKey, 48 ) \ + SYSCALL_ENTRY( 0x00d0, NtSetVolumeInformationFile, 40 ) \ + SYSCALL_ENTRY( 0x00d1, NtShutdownSystem, 8 ) \ + SYSCALL_ENTRY( 0x00d2, NtSignalAndWaitForSingleObject, 32 ) \ + SYSCALL_ENTRY( 0x00d3, NtSuspendProcess, 8 ) \ + SYSCALL_ENTRY( 0x00d4, NtSuspendThread, 16 ) \ + SYSCALL_ENTRY( 0x00d5, NtSystemDebugControl, 48 ) \ + SYSCALL_ENTRY( 0x00d6, NtTerminateJobObject, 16 ) \ + SYSCALL_ENTRY( 0x00d7, NtTerminateProcess, 16 ) \ + SYSCALL_ENTRY( 0x00d8, NtTerminateThread, 16 ) \ + SYSCALL_ENTRY( 0x00d9, NtTestAlert, 0 ) \ + SYSCALL_ENTRY( 0x00da, NtTraceControl, 48 ) \ + SYSCALL_ENTRY( 0x00db, NtUnloadDriver, 8 ) \ + SYSCALL_ENTRY( 0x00dc, NtUnloadKey, 8 ) \ + SYSCALL_ENTRY( 0x00dd, NtUnlockFile, 40 ) \ + SYSCALL_ENTRY( 0x00de, NtUnlockVirtualMemory, 32 ) \ + SYSCALL_ENTRY( 0x00df, NtUnmapViewOfSection, 16 ) \ + SYSCALL_ENTRY( 0x00e0, NtUnmapViewOfSectionEx, 24 ) \ + SYSCALL_ENTRY( 0x00e1, NtWaitForAlertByThreadId, 16 ) \ + SYSCALL_ENTRY( 0x00e2, NtWaitForDebugEvent, 32 ) \ + SYSCALL_ENTRY( 0x00e3, NtWaitForKeyedEvent, 32 ) \ + SYSCALL_ENTRY( 0x00e4, NtWaitForMultipleObjects, 40 ) \ + SYSCALL_ENTRY( 0x00e5, NtWaitForSingleObject, 24 ) \ + SYSCALL_ENTRY( 0x00e6, NtWriteFile, 72 ) \ + SYSCALL_ENTRY( 0x00e7, NtWriteFileGather, 72 ) \ + SYSCALL_ENTRY( 0x00e8, NtWriteVirtualMemory, 40 ) \ + SYSCALL_ENTRY( 0x00e9, NtYieldExecution, 0 ) \ + SYSCALL_ENTRY( 0x00ea, wine_nt_to_unix_file_name, 32 ) \ + SYSCALL_ENTRY( 0x00eb, wine_unix_to_nt_file_name, 24 ) diff --git a/dlls/ntdll/unix/server.c b/dlls/ntdll/unix/server.c index 69e6567c911..717747ff3f0 100644 --- a/dlls/ntdll/unix/server.c +++ b/dlls/ntdll/unix/server.c @@ -789,9 +789,36 @@ unsigned int server_wait( const select_op_t *select_op, data_size_t size, UINT f * NtContinue (NTDLL.@) */ NTSTATUS WINAPI NtContinue( CONTEXT *context, BOOLEAN alertable ) +{ + /* NtContinueEx accepts both */ + return NtContinueEx(context, (CONTINUE_OPTIONS *)(intptr_t)alertable); +} + + +/*********************************************************************** + * NtContinueEx (NTDLL.@) + */ +NTSTATUS WINAPI NtContinueEx( CONTEXT *context, CONTINUE_OPTIONS *options ) { user_apc_t apc; NTSTATUS status; + BOOLEAN alertable; + + if ((ULONG_PTR)options <= 0xff) + { + alertable = (BOOLEAN)(intptr_t)options; + } else + { + alertable = !!(options->ContinueFlags & CONTINUE_FLAG_TEST_ALERT); + + /* FIXME: no idea how to handle rest of CONTINUE_OPTIONS stuff */ + if (options->ContinueType != CONTINUE_UNWIND || + options->ContinueFlags > CONTINUE_FLAG_TEST_ALERT || + options->Reserved[0] > 0 || options->Reserved[1] > 0) + { + FIXME("(PCONTEXT, PCONTINUE_OPTIONS) is not implemented!\n"); + } + }

if (alertable) { diff --git a/dlls/wow64/syscall.c b/dlls/wow64/syscall.c index db51948057f..7da65cedbc6 100644 --- a/dlls/wow64/syscall.c +++ b/dlls/wow64/syscall.c @@ -441,9 +441,19 @@ NTSTATUS WINAPI wow64_NtClose( UINT *args ) * wow64_NtContinue */ NTSTATUS WINAPI wow64_NtContinue( UINT *args ) +{ + return wow64_NtContinueEx( args ); +} + + +/********************************************************************** + * wow64_NtContinueEx + */ +NTSTATUS WINAPI wow64_NtContinueEx( UINT *args ) { void *context = get_ptr( &args ); - BOOLEAN alertable = get_ulong( &args ); + CONTINUE_OPTIONS *options = get_ptr( &args ); + BOOL alertable = (ULONG_PTR)options > 0xff ? options->ContinueFlags & CONTINUE_FLAG_TEST_ALERT : !!options;

NTSTATUS status = get_context_return_value( context ); struct user_apc_frame *frame = NtCurrentTeb()->TlsSlots[WOW64_TLS_APCLIST]; @@ -452,7 +462,7 @@ NTSTATUS WINAPI wow64_NtContinue( UINT *args )

while (frame && frame->wow_context != context) frame = frame->prev_frame; NtCurrentTeb()->TlsSlots[WOW64_TLS_APCLIST] = frame ? frame->prev_frame : NULL; - if (frame) NtContinue( frame->context, alertable ); + if (frame) NtContinueEx( frame->context, options );

if (alertable) NtTestAlert(); return status; diff --git a/include/winternl.h b/include/winternl.h index 52af87320a5..21e4c5e70be 100644 --- a/include/winternl.h +++ b/include/winternl.h @@ -4317,6 +4317,26 @@ typedef struct _API_SET_VALUE_ENTRY ULONG ValueLength; } API_SET_VALUE_ENTRY;

+typedef enum _CONTINUE_TYPE +{ + CONTINUE_UNWIND, + CONTINUE_RESUME, + CONTINUE_LONGJUMP, + CONTINUE_SET, + CONTINUE_LAST, +} CONTINUE_TYPE; + +typedef struct _CONTINUE_OPTIONS +{ + CONTINUE_TYPE ContinueType; + ULONG ContinueFlags; + ULONGLONG Reserved[2]; +} CONTINUE_OPTIONS, *PCONTINUE_OPTIONS; + +#define CONTINUE_FLAG_TEST_ALERT 0x00000001 +#define CONTINUE_FLAG_DELIVER_APC 0x00000002 + + /*********************************************************************** * Function declarations */ @@ -4393,6 +4413,7 @@ NTSYSAPI NTSTATUS WINAPI NtCompareTokens(HANDLE,HANDLE,BOOLEAN*); NTSYSAPI NTSTATUS WINAPI NtCompleteConnectPort(HANDLE); NTSYSAPI NTSTATUS WINAPI NtConnectPort(PHANDLE,PUNICODE_STRING,PSECURITY_QUALITY_OF_SERVICE,PLPC_SECTION_WRITE,PLPC_SECTION_READ,PULONG,PVOID,PULONG); NTSYSAPI NTSTATUS WINAPI NtContinue(PCONTEXT,BOOLEAN); +NTSYSAPI NTSTATUS WINAPI NtContinueEx(PCONTEXT,PCONTINUE_OPTIONS); /* PCONTINUE_OPTIONS can also be BOOLEAN */ NTSYSAPI NTSTATUS WINAPI NtCreateDebugObject(HANDLE*,ACCESS_MASK,OBJECT_ATTRIBUTES*,ULONG); NTSYSAPI NTSTATUS WINAPI NtCreateDirectoryObject(PHANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES); NTSYSAPI NTSTATUS WINAPI NtCreateEvent(PHANDLE,ACCESS_MASK,const OBJECT_ATTRIBUTES *,EVENT_TYPE,BOOLEAN);

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Dāvis Mosāns

7:40 p.m.

New subject: [PATCH v6 3/4] ntdll/tests: Add basic test for NtContinueEx()

From: Dāvis Mosāns davispuh@gmail.com

--- dlls/ntdll/tests/exception.c | 38 +++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c index c09d54c1445..0a4a3644f50 100644 --- a/dlls/ntdll/tests/exception.c +++ b/dlls/ntdll/tests/exception.c @@ -4434,13 +4434,13 @@ static void test_thread_context(void) #undef COMPARE }

-static void test_continue(void) +static void test_continue(BOOL testContinueEx) { struct context_pair { CONTEXT before; CONTEXT after; } contexts; - NTSTATUS (*func_ptr)( struct context_pair *, BOOL alertable, void *continue_func, void *capture_func ) = code_mem; + NTSTATUS (*func_ptr)( struct context_pair *, void *arg2, void *continue_func, void *capture_func ) = code_mem; int i;

static const BYTE call_func[] = @@ -4509,7 +4509,7 @@ static void test_continue(void)

/* load args */ 0x48, 0x8b, 0x4c, 0x24, 0x70, /* mov 8*14(%rsp), %rcx; context */ - 0x48, 0x8b, 0x54, 0x24, 0x78, /* mov 8*15(%rsp), %rdx; alertable */ + 0x48, 0x8b, 0x54, 0x24, 0x78, /* mov 8*15(%rsp), %rdx; arg2 */ 0x48, 0x83, 0xec, 0x70, /* sub $0x70, %rsp; change stack */

/* setup context to return to label 1 */ @@ -4569,7 +4569,16 @@ static void test_continue(void) memcpy( func_ptr, call_func, sizeof(call_func) ); FlushInstructionCache( GetCurrentProcess(), func_ptr, sizeof(call_func) );

- func_ptr( &contexts, FALSE, NtContinue, pRtlCaptureContext ); + if (testContinueEx) + { + CONTINUE_OPTIONS opts = { 0 }; + opts.ContinueType = CONTINUE_UNWIND; /* Nothing else is implemented */ + opts.ContinueFlags = 0; /* Disable test alert */ + func_ptr( &contexts, &opts, NtContinueEx, pRtlCaptureContext ); + } else + { + func_ptr( &contexts, FALSE, NtContinue, pRtlCaptureContext ); + }

#define COMPARE(reg) \ ok( contexts.before.reg == contexts.after.reg, "wrong " #reg " %p/%p\n", (void *)(ULONG64)contexts.before.reg, (void *)(ULONG64)contexts.after.reg ) @@ -9223,14 +9232,14 @@ static void test_debug_service(DWORD numexc) /* not supported */ }

-static void test_continue(void) +static void test_continue(BOOL testContinueEx) { struct context_pair { CONTEXT before; CONTEXT after; } contexts; unsigned int i; - NTSTATUS (*func_ptr)( struct context_pair *, BOOL alertable, void *continue_func, void *capture_func ) = code_mem; + NTSTATUS (*func_ptr)( struct context_pair *, void *arg2, void *continue_func, void *capture_func ) = code_mem;

static const DWORD call_func[] = { @@ -9330,7 +9339,16 @@ static void test_continue(void) #define COMPARE_INDEXED(reg) \ ok( contexts.before.reg == contexts.after.reg, "wrong " #reg " i: %u, %p/%p\n", i, (void *)(ULONG64)contexts.before.reg, (void *)(ULONG64)contexts.after.reg )

for (i = 1; i < 29; i++) COMPARE_INDEXED( X[i] );

@@ -12989,7 +13007,8 @@ START_TEST(exception) test_debug_registers_wow64(); test_debug_service(1); test_simd_exceptions(); - test_continue(); + test_continue(FALSE /* NtContinue */); + test_continue(TRUE /* NtContinueEx */); test_virtual_unwind(); test___C_specific_handler(); test_restore_context(); @@ -13008,7 +13027,8 @@ START_TEST(exception)

#elif defined(__aarch64__)

- test_continue(); + test_continue(FALSE /* NtContinue */); + test_continue(TRUE /* NtContinueEx */); test_virtual_unwind(); test_nested_exception(); test_collided_unwind();

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Dāvis Mosāns

7:40 p.m.

New subject: [PATCH v6 4/4] ntdll/tests: Implement APC test for NtContinue()

From: Dāvis Mosāns davispuh@gmail.com

--- dlls/ntdll/tests/exception.c | 40 +++++++++++++++++++++++++++--------- 1 file changed, 30 insertions(+), 10 deletions(-)

diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c index 0a4a3644f50..452ff1af9db 100644 --- a/dlls/ntdll/tests/exception.c +++ b/dlls/ntdll/tests/exception.c @@ -4434,7 +4434,7 @@ static void test_thread_context(void) #undef COMPARE }

-static void test_continue(BOOL testContinueEx) +static void test_continue(BOOL testContinueEx, BOOL alertable) { struct context_pair { CONTEXT before; @@ -4569,15 +4569,18 @@ static void test_continue(BOOL testContinueEx) memcpy( func_ptr, call_func, sizeof(call_func) ); FlushInstructionCache( GetCurrentProcess(), func_ptr, sizeof(call_func) );

+ apc_count = 0; + pNtQueueApcThread( GetCurrentThread(), apc_func, 0x1234 + apc_count, 0x5678, 0xdeadbeef ); + if (testContinueEx) { CONTINUE_OPTIONS opts = { 0 }; opts.ContinueType = CONTINUE_UNWIND; /* Nothing else is implemented */ - opts.ContinueFlags = 0; /* Disable test alert */ + opts.ContinueFlags = alertable ? CONTINUE_FLAG_TEST_ALERT : 0; func_ptr( &contexts, &opts, NtContinueEx, pRtlCaptureContext ); } else { - func_ptr( &contexts, FALSE, NtContinue, pRtlCaptureContext ); + func_ptr( &contexts, (void *)(intptr_t)alertable, NtContinue, pRtlCaptureContext ); }

#define COMPARE(reg) \ @@ -4604,6 +4607,11 @@ static void test_continue(BOOL testContinueEx) *(&contexts.after.Xmm0.High + i*2), *(&contexts.after.Xmm0.Low + i*2) );

#undef COMPARE + + ok(apc_count == (alertable ? 1 : 0), "mismatch apc_count=%d alertable=%d\n", apc_count, alertable); + + /* clear APC when not alertable */ + NtTestAlert(); }

static void test_wow64_context(void) @@ -9232,7 +9240,7 @@ static void test_debug_service(DWORD numexc) /* not supported */ }

-static void test_continue(BOOL testContinueEx) +static void test_continue(BOOL testContinueEx, BOOL alertable) { struct context_pair { CONTEXT before; @@ -9339,15 +9347,18 @@ static void test_continue(BOOL testContinueEx) #define COMPARE_INDEXED(reg) \ ok( contexts.before.reg == contexts.after.reg, "wrong " #reg " i: %u, %p/%p\n", i, (void *)(ULONG64)contexts.before.reg, (void *)(ULONG64)contexts.after.reg )

for (i = 1; i < 29; i++) COMPARE_INDEXED( X[i] ); @@ -9361,6 +9372,11 @@ static void test_continue(BOOL testContinueEx) COMPARE_INDEXED( V[i].High ); } #undef COMPARE + + ok(apc_count == (alertable ? 1 : 0), "mismatch apc_count=%d alertable=%d\n", apc_count, alertable); + + /* clear APC when not alertable */ + NtTestAlert(); }

static BOOL hook_called; @@ -13007,8 +13023,10 @@ START_TEST(exception) test_debug_registers_wow64(); test_debug_service(1); test_simd_exceptions(); - test_continue(FALSE /* NtContinue */); - test_continue(TRUE /* NtContinueEx */); + test_continue(FALSE /* NtContinue */, FALSE /* not alertable */); + test_continue(FALSE /* NtContinue */, TRUE /* alertable */); + test_continue(TRUE /* NtContinueEx */, FALSE /* not alertable */); + test_continue(TRUE /* NtContinueEx */, TRUE /* alertable */); test_virtual_unwind(); test___C_specific_handler(); test_restore_context(); @@ -13027,8 +13045,10 @@ START_TEST(exception)

#elif defined(__aarch64__)

- test_continue(FALSE /* NtContinue */); - test_continue(TRUE /* NtContinueEx */); + test_continue(FALSE /* NtContinue */, FALSE /* not alertable */); + test_continue(FALSE /* NtContinue */, TRUE /* alertable */); + test_continue(TRUE /* NtContinueEx */, FALSE /* not alertable */); + test_continue(TRUE /* NtContinueEx */, TRUE /* alertable */); test_virtual_unwind(); test_nested_exception(); test_collided_unwind();

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Dāvis Mosāns (davispuh) (＠davispuh)

7:42 p.m.

On Tue Feb 6 19:35:57 2024 +0000, Dāvis Mosāns (davispuh) wrote:

...

changed this line in [version 5 of the diff](/wine/wine/-/merge_requests/4761/diffs?diff_id=97969&start_sha=73784260ac0f563cb2572056f8fc43cae7885509#633f23297958e724deb234d237a804db70804a26_456_456)

Fixed

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761#note_60337

Dāvis Mosāns (davispuh) (＠davispuh)

8:03 p.m.

On Tue Feb 6 19:35:59 2024 +0000, Dāvis Mosāns (davispuh) wrote:

...

changed this line in [version 5 of the diff](/wine/wine/-/merge_requests/4761/diffs?diff_id=97969&start_sha=73784260ac0f563cb2572056f8fc43cae7885509#e3e3c56cbfa0f2b68d220502c6ef9e42b5f1fdf3_806_806)

I included this for completeness but turns out alignment requirements are quite complicated...

Dropped now and I don't think there's any app that would depend on this.

I tested on 64-bit Windows 10 and it works like this: * `NtContinue()` - `CONTEXT` must be 16 byte aligned * `NtContinueEx()` - `CONTEXT` and `CONTINUE_OPTIONS` must be 16 byte aligned * `NtContinue()` on WoW64 - `CONTEXT` doesn't require any alignment * `NtContinueEx()` on WoW64 - `CONTEXT` must be 16 byte aligned but `CONTINUE_OPTIONS` doesn't require any alignment

Also I don't have 32-bit Windows to test on.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761#note_60341

Dāvis Mosāns (davispuh) (＠davispuh)

8:05 p.m.

On Tue Feb 6 19:36:01 2024 +0000, Dāvis Mosāns (davispuh) wrote:

...

changed this line in [version 5 of the diff](/wine/wine/-/merge_requests/4761/diffs?diff_id=97969&start_sha=73784260ac0f563cb2572056f8fc43cae7885509#e3e3c56cbfa0f2b68d220502c6ef9e42b5f1fdf3_811_807)

Removed

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761#note_60343

Dāvis Mosāns (davispuh) (＠davispuh)

8:12 p.m.

On Tue Jan 23 15:50:06 2024 +0000, Jinoh Kang wrote:

...

I'm not sure about this. Does `options = (CONTINUE_OPTIONS *)2` mean alertable too?

Yes, that's how it's described and I also had tested that. Now I implemented APC test in latest revision so that can be used to check this but I didn't include this case since don't know if it's worth having test for it. But basically in this latest revision try

```diff diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c index 452ff1af9db..94d86d3579a 100644 --- a/dlls/ntdll/tests/exception.c +++ b/dlls/ntdll/tests/exception.c @@ -4577,7 +4577,7 @@ static void test_continue(BOOL testContinueEx, BOOL alertable) CONTINUE_OPTIONS opts = { 0 }; opts.ContinueType = CONTINUE_UNWIND; /* Nothing else is implemented */ opts.ContinueFlags = alertable ? CONTINUE_FLAG_TEST_ALERT : 0; - func_ptr( &contexts, &opts, NtContinueEx, pRtlCaptureContext ); + func_ptr( &contexts, alertable ? 0xff : 0, NtContinueEx, pRtlCaptureContext ); } else { func_ptr( &contexts, (void *)(intptr_t)alertable, NtContinue, pRtlCaptureContext ); ```

And you'll see it still passes on Windows.

PS. For APC test I merged duplicated `apc_func()` into one with !5041 (included here)

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761#note_60344

Marvin

8:21 p.m.

Hi,

It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated.

The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=142852

Your paranoid android.

=== build (build log) ===

error: patch failed: dlls/ntdll/tests/exception.c:4577 Task: Patch failed to apply

=== debian11 (build log) ===

error: patch failed: dlls/ntdll/tests/exception.c:4577 Task: Patch failed to apply

=== debian11b (build log) ===

error: patch failed: dlls/ntdll/tests/exception.c:4577 Task: Patch failed to apply

Alexandre Julliard (＠julliard)

27 Nov 27 Nov

3:28 p.m.

New subject: [PATCH v6 0/4] MR4761: ntdll: Implement NtContinueEx() - closed

This merge request was closed by Alexandre Julliard.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761

Alexandre Julliard (＠julliard)

3:28 p.m.

Mostly superseded by fb139a026a124d30299a9b2385bdf23f6c7531cc.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/4761#note_89053

Age (days ago)

365

Last active (days ago)

wine-gitlab@winehq.org

11 comments

4 participants

tags (0)

participants (4)

Alexandre Julliard (＠julliard)
Dāvis Mosāns
Dāvis Mosāns (davispuh) (＠davispuh)
Marvin