At 16.47 21/10/2004, you wrote:
I have changed all the places you mentioned (I hope) and even more - still the area gets written into... when I did a backtrace from the place where the memory was written it seemed to be in irq_handler_0. I did not see where the CPU was pointed to a TSS which it would take the stack pointer for the irq handler from,
On thread switch, all the appropriate per-thread attributes (mostly kernel-mode stack stuff) are copied into the global CPU state (either in the KPCR or in CPU-specific structures like the TSS). In the thread switch code you should see an interrupt-critical region (cli/sti) where this operation is performed.
Do we have any macro like ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) ?
winnt.h and ntdef.h define an undocumented RTL_NUMBER_OF macro for Windows XP or higher (?)
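Added example, not from anyone in this thread and not ReactOS code: a host-runnable model of the thread-switch point discussed above (per-thread kernel stack copied into the TSS inside a cli/sti region), with the two ways of getting it wrong that lead to an IRQ frame being written where nobody expects it. fake_tss, fake_kpcr, thread_t, write_esp0(), switch_to() and the two "bad" switch variants are names assumed for this example; the real KPCR and TSS layouts are not reproduced. It also uses a plain ARRAY_SIZE(x) macro of the kind asked about.

```c
/*
 * Added illustration, not ReactOS code: why the incoming thread's kernel-mode
 * stack pointer must reach the TSS (esp0) inside an interrupt-critical region.
 * fake_tss, fake_kpcr, thread_t, write_esp0(), switch_to() and the "bad"
 * variants are names assumed for this example; real layouts are not reproduced.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))   /* same idea as RTL_NUMBER_OF */
#define KSTACK_SIZE 4096

typedef struct {
    uintptr_t esp0;   /* ring-0 stack the CPU switches to on a ring-3 -> ring-0 interrupt */
    uint32_t  ss0;
} fake_tss;

typedef struct {
    uintptr_t kernel_stack_top;          /* per-thread attribute that must reach the TSS */
    uint8_t   kernel_stack[KSTACK_SIZE]; /* the thread's own kernel-mode stack */
} thread_t;

typedef struct {
    fake_tss  tss;                /* stands in for the CPU-specific TSS */
    thread_t *current;            /* stands in for the KPCR's current-thread pointer */
    int       interrupts_enabled; /* models EFLAGS.IF; cli()/sti() toggle it */
} fake_kpcr;

static fake_kpcr cpu;
static thread_t  threads[3];
static int       esp0_writes_with_irqs_enabled;  /* counts races a real IRQ could hit */

static void cli(void) { cpu.interrupts_enabled = 0; }
static void sti(void) { cpu.interrupts_enabled = 1; }

/* The only way this model lets anyone touch tss.esp0, so unsafe writes are counted. */
static void write_esp0(uintptr_t value) {
    if (cpu.interrupts_enabled)
        esp0_writes_with_irqs_enabled++;
    cpu.tss.esp0 = value;
}

/* Where irq_handler_0 would push its frame: whatever the TSS currently says. */
static uintptr_t irq_handler_0_target_stack(void) { return cpu.tss.esp0; }

/* 1 if an interrupt taken now lands inside the current thread's own kernel stack. */
static int irq_stack_belongs_to_current(void) {
    uintptr_t lo = (uintptr_t)cpu.current->kernel_stack;
    uintptr_t hi = lo + KSTACK_SIZE;
    uintptr_t esp0 = irq_handler_0_target_stack();
    return esp0 > lo && esp0 <= hi;
}

static void init_threads(void) {
    for (size_t i = 0; i < ARRAY_SIZE(threads); i++)
        threads[i].kernel_stack_top = (uintptr_t)(threads[i].kernel_stack + KSTACK_SIZE);
    cpu.current = &threads[0];
    cpu.tss.ss0 = 0x10;             /* kernel data selector; arbitrary in this model */
    esp0_writes_with_irqs_enabled = 0;
    cli();
    write_esp0(threads[0].kernel_stack_top);
    sti();
}

/* Correct switch: current-thread pointer and TSS esp0 both updated with interrupts off. */
static void switch_to(thread_t *next) {
    cli();
    cpu.current = next;
    write_esp0(next->kernel_stack_top);
    sti();
}

/* Bug 1: the per-thread stack never reaches the TSS, so the next IRQ frame is
 * written into the previous thread's stack area. */
static void switch_to_without_tss_update(thread_t *next) {
    cli();
    cpu.current = next;
    sti();
}

/* Bug 2: right values, but outside a cli/sti region; an IRQ between the two
 * stores runs on a stack that does not match cpu.current. */
static void switch_to_without_cli(thread_t *next) {
    cpu.current = next;
    write_esp0(next->kernel_stack_top);
}

int main(void) {
    init_threads();
    switch_to(&threads[1]);
    printf("after switch_to: irq on current stack? %d\n", irq_stack_belongs_to_current());
    switch_to_without_tss_update(&threads[2]);
    printf("after missing TSS update: irq on current stack? %d\n", irq_stack_belongs_to_current());
    switch_to_without_cli(&threads[0]);
    printf("esp0 writes done with interrupts enabled: %d\n", esp0_writes_with_irqs_enabled);
    return 0;
}
```

The check irq_stack_belongs_to_current() is the kind of assertion worth dropping into a debug build of the switch path: after every switch, tss.esp0 must lie inside the current thread's kernel stack, and any write to esp0 while interrupts are enabled is a window in which an IRQ can land on the wrong stack.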