2OO1, 10 December
KiUserApcDispatcher
KiUserApcDispatcher
NTSYSAPI
VOID
NTAPI
KiUserApcDispatcher(
IN PVOID Unused1,
IN PVOID Unused2,
IN PVOID Unused3,
IN PVOID ContextStart,
IN PVOID ContextBody );
- Unused1 Unused parameters. Sometimes
one of them have ntdll.dll module address.
- ContextStart Begining of ContextStart CONTEXT structure
is stored.
- ContextBody Four bytes from
CONTEXT structure at offset 0x04.
KiUserApcDispatcher isn't standard
ntdll function. It's used by kernel to process APC
queue for calling thread. Five paraters I defined only for
compatibility with ntdll.lib export
(_KiUserApcDispatcher@20). Function first execute code
placed after call, and next calls NtContinue with
CONTEXT specified at 4 parameter position
(Warning: Not pointer to
CONTEXT, but CONTEXT body must be
stored on stack).
- Documented by:
- Tomasz Nowak
Requirements:
- Library: ntdll.lib
See also:
- NtAlertThread
-
NtContinue
- NtQueueApcThread
- NtTestAlert