mvankuipers/tf-article2-windbg-3.txt Secret

## tf-article2-windbg-3.txt
0: kd> dt nt!_EPROCESS fffffa8019218b10 -b
   +0x000 Pcb              : _KPROCESS
      +0x000 Header           : _DISPATCHER_HEADER
         +0x000 Type             : 0x3 ''
         +0x001 TimerControlFlags : 0 ''
         +0x001 Absolute         : 0y0
         +0x001 Coalescable      : 0y0
         +0x001 KeepShifting     : 0y0
         +0x001 EncodedTolerableDelay : 0y00000 (0)
         +0x001 Abandoned        : 0 ''
         +0x001 Signalling       : 0 ''
         +0x002 ThreadControlFlags : 0x58 'X'
         +0x002 CpuThrottled     : 0y0
         +0x002 CycleProfiling   : 0y0
         +0x002 CounterProfiling : 0y0
         +0x002 Reserved         : 0y01011 (0xb)
         +0x002 Hand             : 0x58 'X'
         +0x002 Size             : 0x58 'X'
         +0x003 TimerMiscFlags   : 0 ''
         +0x003 Index            : 0y000000 (0)
         +0x003 Inserted         : 0y0
         +0x003 Expired          : 0y0
         +0x003 DebugActive      : 0 ''
         +0x003 ActiveDR7        : 0y0
         +0x003 Instrumented     : 0y0
         +0x003 Reserved2        : 0y0000
         +0x003 UmsScheduled     : 0y0
         +0x003 UmsPrimary       : 0y0
         +0x003 DpcActive        : 0 ''
         +0x000 Lock             : 0n5767171
         +0x004 SignalState      : 0n0
         +0x008 WaitListHead     : _LIST_ENTRY [ 0xfffffa80`19218b18 - 0xfffffa80`19218b18 ]
            +0x000 Flink            : 0xfffffa80`19218b18
            +0x008 Blink            : 0xfffffa80`19218b18
      +0x018 ProfileListHead  : _LIST_ENTRY [ 0xfffffa80`19218b28 - 0xfffffa80`19218b28 ]
         +0x000 Flink            : 0xfffffa80`19218b28
         +0x008 Blink            : 0xfffffa80`19218b28
      +0x028 DirectoryTableBase : 0x00000006`52e89000
...
	0: kd> dt nt!_EPROCESS fffffa8019218b10 -b
	+0x000 Pcb : _KPROCESS
	+0x000 Header : _DISPATCHER_HEADER
	+0x000 Type : 0x3 ''
	+0x001 TimerControlFlags : 0 ''
	+0x001 Absolute : 0y0
	+0x001 Coalescable : 0y0
	+0x001 KeepShifting : 0y0
	+0x001 EncodedTolerableDelay : 0y00000 (0)
	+0x001 Abandoned : 0 ''
	+0x001 Signalling : 0 ''
	+0x002 ThreadControlFlags : 0x58 'X'
	+0x002 CpuThrottled : 0y0
	+0x002 CycleProfiling : 0y0
	+0x002 CounterProfiling : 0y0
	+0x002 Reserved : 0y01011 (0xb)
	+0x002 Hand : 0x58 'X'
	+0x002 Size : 0x58 'X'
	+0x003 TimerMiscFlags : 0 ''
	+0x003 Index : 0y000000 (0)
	+0x003 Inserted : 0y0
	+0x003 Expired : 0y0
	+0x003 DebugActive : 0 ''
	+0x003 ActiveDR7 : 0y0
	+0x003 Instrumented : 0y0
	+0x003 Reserved2 : 0y0000
	+0x003 UmsScheduled : 0y0
	+0x003 UmsPrimary : 0y0
	+0x003 DpcActive : 0 ''
	+0x000 Lock : 0n5767171
	+0x004 SignalState : 0n0
	+0x008 WaitListHead : _LIST_ENTRY [ 0xfffffa80`19218b18 - 0xfffffa80`19218b18 ]
	+0x000 Flink : 0xfffffa80`19218b18
	+0x008 Blink : 0xfffffa80`19218b18
	+0x018 ProfileListHead : _LIST_ENTRY [ 0xfffffa80`19218b28 - 0xfffffa80`19218b28 ]
	+0x000 Flink : 0xfffffa80`19218b28
	+0x008 Blink : 0xfffffa80`19218b28
	+0x028 DirectoryTableBase : 0x00000006`52e89000
	...