Kernel Synchronization Objects

KClientPort

class KClientPort extends KSynchronizationObject;

Size : 0x1C bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Node count for threads |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in the list of threads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in the list of threads that sync with this object |
| 0x14 | s16 | Current connection count to port |
| 0x16 | s16 | Max connection count to port |
| 0x18 | KPort* | Pointer to the parent port object |

KClientSession

class KClientSession extends KSynchronizationObject;

Size : 0x20 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | KLinkedListNode count for object |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in list of KThreads using this client session |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in list of KThreads using this client session |
| 0x14 | KSession* | Pointer to parent session |
| 0x18 | u32 | Session status |
| 0x1C | KClientPort* | Pointer to associated client port inside parent KPort |

Session status:

KDebug

class KDebug extends KSynchronizationObject and KSendableInterruptEvent;

Size : 0xA0 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | KSendableInterruptEvent | Process termination event |
| 0x1C | u8 | Indicates an ATTACH PROCESS event has been signaled to this object |
| 0x1D | u8 | Debug string length >> 31, always 0 |
| 0x1E | u8 | Indicates that a debug event is currently being signaled to this object |
| 0x1F | u8 | Indicates that the parent process is paused (using svcBreakDebugProcess). svcContinueDebugEvent will ignore all debug events other than EXIT PROCESS, and some other debug SVCs will return an error. |
| 0x20 | DebugEventType | Type of the latest debug event |
| 0x24 | u32 | Unknown, probably unused |
| 0x28 | KThread * | Thread having exclusive access to this object |
| 0x2C | u32 | Debug event flags set by svcContinueDebugEvents. Bit0: no exception dumps are made if this is set. Bit1 and following: report EXCEPTION (this flag is bypassed for svc 0xFF), SCHEDULE, SYSCALL, MAP debug events, respectively. |
| 0x30 | u32 | Stop point type that caused the event: 0 = svc 0xFF, 1 = breakpoint, 2 = watchpoint (otherwise it’s not updated). |
| 0x34 | u32 | Count of KEventInfo object nodes to be fetched with svcGetProcessDebugEvent (associated with this KDebug object) |
| 0x38 | KLinkedListNode* | Pointer to first KLinkedListNode in linked list of KEventInfo objects to be fetched with svcGetProcessDebugEvent |
| 0x3C | KLinkedListNode* | Pointer to last KLinkedListNode in linked list of KEventInfo objects to be fetched with svcGetProcessDebugEvent |
| 0x40 | u32 | Count of KEventInfo object nodes to be fetched with svcContinueDebugEvent (associated with this KDebug object) |
| 0x44 | KLinkedListNode* | Pointer to first KLinkedListNode in linked list of KEventInfo objects to be fetched with svcContinueDebugEvent |
| 0x48 | KLinkedListNode* | Pointer to last KLinkedListNode in linked list of KEventInfo objects to be fetched with svcContinueDebugEvent |
| 0x4C | KProcess* | Parent process |
| 0x50 | KThread* | Current KThread - thread being debugged |
| 0x54 | KThread* | Thread using ContinueDebugEvent |
| 0x58 | s32 | CPU core of thread using ContinueDebugEvent |
| 0x5C | u32 | Count of KDebugThread object nodes associated with this KDebug object |
| 0x60 | KLinkedListNode* | Pointer to first KLinkedListNode in linked list of KDebugThread objects |
| 0x64 | KLinkedListNode* | Pointer to last KLinkedListNode in linked list of KDebugThread objects |
| 0x68 | u32 | List size; this is the KLinkedList of all the KThread instances of the parent process: the currently running threads followed by the others, by core then by dynamic priority. |
| 0x6C | KLinkedListNode* | Pointer to first KLinkedListNode in the above list |
| 0x70 | KLinkedListNode* | Pointer to last KLinkedListNode in the above list |
| 0x74 | KRecursiveLock | Recursive lock |
| 0x7C | KThread* | Current KThread - used in svcBreak |
| 0x80 | u8 | Cleared when an EXCEPTION debug event was (attempted to be) signaled (i.e. even when bit2 of the debug flag is clear) |
| 0x81 | u8 | Indicates that an EXCEPTION debug event was signaled |
| 0x82 | u8 | Indicates that all threads should be unlocked |
| 0x83 | u8 | Indicates that an EXCEPTION debug event different from USER_BREAK was continued, while the process was paused |
| 0x84 | u8 | Indicates that a USER_BREAK debug event was continued while the process was paused |
| 0x85 | u8 | Indicates that the KProcess instance it belongs to has exited (normally ?) |
| 0x86 | u8 | Indicates that the KProcess instance it belongs to has been terminated |
| 0x87 | u8 | Indicates that svcBreak was used and not yet handled by svcContinueDebugEvent, with type != (UN)LOAD_RO |
| 0x88 | u32 * | Register dump |
| 0x8C | u32 | Exception type |
| 0x90 | u16 | Number of “EXCEPTION” events encountered (0 or 1) |
| 0x92 | u16 | ID of the invalid SVC that was attempted |
| 0x94 | u16 | Total number of debug events associated with this object awaiting svcContinueDebugEvent |
| 0x96 | u16 | Number of EXIT PROCESS debug events associated with this object awaiting svcContinueDebugEvent |
| 0x98 | const char * | Debug string |
| 0x9C | u32 | Debug string length |

KDmaObject

class KDmaObject extends KSynchronizationObject;

Size : 0x18 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | u8 | Configuration number, initialized to 0xFF (-1) |
| 0x15 | u8 | DMA started, initialized to 1 |
| 0x16 | u16 | Unused |

KEvent

class KEvent extends KSynchronizationObject and KUserBindableInterruptEvent;

Size : 0x28 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | KUserBindableInterruptEvent | Interrupt event (*this) |
| 0x20 | bool | Event is signaled |
| 0x21 | bool | Manual clear |
| 0x22 | u8 | Reset type |
| 0x23 | u8 | Unused, alignment |
| 0x24 | KProcess * | Owner |

KMutex

class KMutex extends KSynchronizationObject;

Size : 0x2C bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Node count for threads |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in the list of threads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in the list of threads that sync with this object |
| 0x14 | KMutexLinkedListNode | Previous and next mutexes |
| 0x1C | u32 | Threads using this mutex |
| 0x20 | KThread * | Thread that has the KMutex locked |
| 0x24 | u32 | Priority |
| 0x28 | KProcess* | Owner |

With the following declarations: struct KMutexLinkedList { KMutex *first, *last; }; and struct KMutexLinkedListNode { KMutex *prev, *next; };.

KProcess

class KProcess extends KSynchronizationObject and KSendableInterruptEvent;

Size : 0x270 (N3DS) / 0x268 bytes (O3DS post 8.x) / 0x260 bytes (O3DS pre 8.x). 0x4D8 bytes on ARM9. The only field that changed is the KProcessHwInfo member instance. The definition of KProcess remains identical in all cases.

The listed offsets are N3DS-only.

| Offset | Type | Description |
|---|---|---|
| 0x0 | void** | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | KSendableInterruptEvent | Interrupt event (*this) sent to terminate the process |
| 0x1C | KProcessHwInfo | Process hardware/context info. Used to manage segmentation, etc. |
| 0x68 | u32 | Total size of all Thread Context pages owned by threads that belong to this process |
| 0x6C | u32 | Number of KThreadLocalPages used by this KProcess |
| 0x70 | KLinkedListNode* | Pointer to first KLinkedListNode in the list of KThreadLocalPages |
| 0x74 | KLinkedListNode* | Pointer to last KLinkedListNode in the list of KThreadLocalPages |
| 0x78 | u32 | Unknown |
| 0x7C | s32 | Ideal processor for this process |
| 0x80 | KDebug* | KDebug object created from svc 0x60 to debug the process |
| 0x84 | KResourceLimit* | Pointer to resource limits for process. |
| 0x88 | u8 | Normally 1 to indicate process is open/available. Set to 2 to indicate process is exiting/closing and 3 to indicate exited/closed. |
| 0x89 | u8 | Process affinity mask |
| 0x8A | u16 | Unused, alignment |
| 0x8C | s16 | Number of threads which belong to this process. |
| 0x8E | s16 | Max number of threads which can belong to this process. This is always 0. |
| 0x90 | 0x10-bytes | SVC access control mask from the exheader kernel descriptors. This is copied to the Thread Context area when creating threads, which is the actual data the SVC-handler checks for SVC-access-control. |
| 0xA0 | u32[4] | Interrupt flags - 32 interrupts per word, 4 words, 0x80 interrupts total divided evenly across 4 words |
| 0xB0 | u32 | Kernel flags from the exheader kernel descriptors. |
| 0xB4 | u16 | Handle table size from the exheader kernel descriptors. When this is 0, handle table is stored in WRAM. |
| 0xB6 | u16 | Kernel release version field, from the exheader kernel descriptors. |
| 0xB8 | KCodeSet* | Pointer to KCodeSet instance |
| 0xBC | u32 | Process id, this always begins at 0x0 for the first process. |
| 0xC0 | s64 | Process creation time as tick count |
| 0xC8 | KThread* | Pointer to the process’s main thread. |
| 0xCC | u32[4] | Interrupt enabled flags - 32 interrupts per word, 4 words, 0x80 interrupts total divided evenly across 4 words |
| 0xDC | KProcessHandleTable | This is the data for tracking and using all of the KProcess’s handles. |
| 0x234 | u32 | Unused (From here up, everything is set to 0 on creation, has 0 written to it again during process creation, and is never used again.) |
| 0x238 | u64 | Unused |
| 0x240 | u64 | Unused |
| 0x248 | u64 | Unused |
| 0x250 | u64 | Unused |
| 0x258 | u64 | Unused |
| 0x260 | u64 | Unused |
| 0x268 | u64 | Unused |

KProcessHandleTable

| Offset | Type | Description |
|---|---|---|
| 0x0 | HandleDescriptor* | Pointer to the process’s handle table. |
| 0x4 | s16 | The max number of handles that can be open at once - usually 0x200. |
| 0x6 | s16 | The highest count of handles that have been open at once |
| 0x8 | HandleDescriptor* | Pointer to the next open HandleDescriptor entry in the handle table. |
| 0xC | s16 | Total handles used by this KProcess. |
| 0xE | s16 | The current number of handles in use. |
| 0x10 | KObjectMutex | Mutex |
| 0x18 | HandleDescriptor[0x28] | This small handle data table, internal to the KProcess, is only used in certain processes that don’t have an external handle descriptor table in FCRAM. It is all zeros in most processes. |
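
An added example, not part of the original page or of the kernel's own code: a C decoder that reads a few KProcess fields, including the KProcessHandleTable embedded at 0xDC, out of a raw memory image using the N3DS offsets listed above. Little-endian byte order, the consistency checks and every function and type name are assumptions; the sample image is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Offsets copied from the N3DS KProcess and KProcessHandleTable tables. */
enum { KPROCESS_SIZE = 0x270, KP_STATE = 0x88, KP_THREADS = 0x8C, KP_PID = 0xBC,
       KP_HANDLE_TABLE = 0xDC, HT_TABLE_PTR = 0x0, HT_MAX_HANDLES = 0x4, HT_IN_USE = 0xE };

typedef struct {
    uint32_t pid, handle_table_ptr;
    uint8_t  state;   /* 1 = open, 2 = exiting, 3 = exited */
    int16_t  thread_count, max_handles, handles_in_use;
} kprocess_summary;

/* Byte-wise little-endian reads (assumed byte order), independent of the host. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* 0 = decoded, -1 = buffer too short, -2 = counters fail the (assumed) sanity checks. */
int kprocess_decode(const uint8_t *buf, size_t len, kprocess_summary *out)
{
    if (!buf || !out || len < KPROCESS_SIZE) return -1;
    const uint8_t *ht = buf + KP_HANDLE_TABLE;   /* embedded KProcessHandleTable */
    out->state            = buf[KP_STATE];
    out->thread_count     = (int16_t)rd16(buf + KP_THREADS);
    out->pid              = rd32(buf + KP_PID);
    out->handle_table_ptr = rd32(ht + HT_TABLE_PTR);
    out->max_handles      = (int16_t)rd16(ht + HT_MAX_HANDLES);
    out->handles_in_use   = (int16_t)rd16(ht + HT_IN_USE);
    if (out->thread_count < 0 || out->handles_in_use < 0 ||
        out->handles_in_use > out->max_handles)
        return -2;
    return 0;
}

/* Constructed image (not a real dump): pid 5, open, 2 threads, 0x200 max handles. */
int decode_constructed_sample(uint16_t in_use, kprocess_summary *out)
{
    uint8_t img[KPROCESS_SIZE];
    memset(img, 0, sizeof img);
    img[KP_STATE] = 1; img[KP_THREADS] = 2; img[KP_PID] = 5;
    img[KP_HANDLE_TABLE + HT_MAX_HANDLES + 1] = 0x02;          /* s16 0x0200 */
    img[KP_HANDLE_TABLE + HT_IN_USE]     = (uint8_t)(in_use & 0xFF);
    img[KP_HANDLE_TABLE + HT_IN_USE + 1] = (uint8_t)(in_use >> 8);
    return kprocess_decode(img, sizeof img, out);
}

int main(void)
{
    kprocess_summary s;
    int rc = decode_constructed_sample(3, &s);
    printf("rc=%d pid=%u state=%u handles=%d/%d\n", rc, (unsigned)s.pid,
           (unsigned)s.state, s.handles_in_use, s.max_handles);
    return rc;
}
```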

HandleDescriptor

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Handle info |
| 0x4 | u32 | Pointer to the kernel object that the handle references. |

The handle info u32 works as such:

KSemaphore

class KSemaphore extends KSynchronizationObject and KUserBindableInterruptEvent;

Size : 0x2C bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in list of KThreads that sync with this semaphore |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in list of KThreads that sync with this semaphore |
| 0x14 | KUserBindableInterruptEvent | Interrupt event (*this) |
| 0x20 | u32 | Count |
| 0x24 | u32 | Max count |
| 0x28 | KProcess* | Owner |

KServerPort

class KServerPort extends KSynchronizationObject;

Size : 0x24 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Node count for threads |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in the list of threads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in the list of threads that sync with this object |
| 0x14 | u32 | Node count for threads |
| 0x18 | KLinkedListNode* | Pointer to first KLinkedListNode in the list of KServerSessions associated with this object |
| 0x1C | KLinkedListNode* | Pointer to last KLinkedListNode in the list of KServerSessions associated with this object |
| 0x20 | KPort* | Pointer to parent KPort |

KServerSession

class KServerSession extends KSynchronizationObject;

Size : 0x24 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Node count for threads |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in the list of threads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in the list of threads that sync with this object |
| 0x14 | KSession* | Pointer to parent session |
| 0x18 | KThread* | Last stolen KThread during sync request - current thread when KServerSession code is running during svc - noted in KThread+0xA8 as well |
| 0x1C | KThread* | First stolen KThread during sync request |
| 0x20 | KThread* | KThread that originated the session |

KSynchronizationObject

class KSynchronizationObject extends KAutoObject;

Size : 0x14 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |

KThread

class KThread extends KSynchronizationObject, KTimeableInterruptEvent, KSendableInterruptEvent and KSchedulableInterruptEvent;

Size : 0xB0 bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | KTimeableInterruptEvent | Used to suspend threads (*this) |
| 0x24 | KSendableInterruptEvent | Interrupt event (*this) sent to terminate a thread, except in the case just below |
| 0x2C | KSchedulableInterruptEvent | Interrupt event (*this) scheduled by the IRQ handler when the thread should terminate (*this) |
| 0x34 | u8 | Scheduling mask |
| 0x35 | u8 | Set to 1 when a thread is woken up from a svcSendSyncRequest call due to the ServerSession endpoint closing down |
| 0x36 | s8 | Indicates that the thread shall terminate |
| 0x37 | u8 | Indicates there was an error translating the parameters in the command buffer during an IPC call |
| 0x38 | KDebugThread* | Pointer to KDebugThread object used with the current KThread |
| 0x3C | u32 | Base thread priority |
| 0x40 | u32 | Pointer to object the KThread is waiting on - can be a timer, event, session, etc. |
| 0x44 | Result | Status for object above |
| 0x48 | KObjectMutex* | Locking kernel mutex |
| 0x4C | u32 | Arbitration address |
| 0x50 | KLinkedListNode* | Pointer to first KLinkedListNode in node list of objects this thread is waiting on |
| 0x54 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of objects this thread is |
| 0x5C | KMutexLinkedList * | Set in some very specific circumstances |
| 0x60 | u32 | Count of KMutex objects this thread is using |
| 0x64 | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KMutex objects this thread is using |
| 0x68 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KMutex objects this thread is using |
| 0x6C | s32 | Dynamic thread priority |
| 0x70 | s32 | Processor that created the thread (in the sense of “first ran”); processor the thread is running in |
| 0x74 | KPreemptionTimer * | Points to KResourceLimit+0x60, which among other things holds the amount of CPU time available in ticks, or NULL |
| 0x7C | u8 | Thread is alive |
| 0x7D | u8 | Thread has been terminated |
| 0x7E | u8 | Thread affinity mask - set differently depending on whether the thread is created via svc call or from inside the kernel |
| 0x80 | KProcess* | Process the thread belongs to (virtual address) |
| 0x84 | u32 | Thread id |
| 0x88 | u32* | Ptr to svc mode register storage for KThread inside the thread context. |
| 0x8C | u32* | End-address of the page for this thread context allocated in the 0xFF4XX000 region. Thus, if the beginning of this mapped page is 0xFF401000, this ptr would be 0xFF402000. Thread context page - used for thread svc stack, preserving svc mode registers and VFP exception register for thread. |
| 0x90 | s32 | Ideal processor (processorid value from svcCreateThread) |
| 0x94 | void* | Ptr to Thread Local Storage |
| 0x98 | void* | Ptr to Thread Local Storage in FCRAM via kernel vmem |
| 0xA0 | KThreadLinkedListNode | Previous and next scheduled threads |
| 0xA8 | KThreadLinkedList * | Pointer to linked list of scheduled threads that has stolen it, or 0 if in normal list |
| 0xAC | s32 | Priority to restore after sleep if suspended, otherwise -1 |

With the following declarations: struct KThreadLinkedList { KThread *first, *last; }; and struct KThreadLinkedListNode { KThread *prev, *next; };.

KTimer

class KTimer extends KSynchronizationObject and KTimeableInterruptEvent;

Size : 0x3C bytes

| Offset | Type | Description |
|---|---|---|
| 0x0 | u32 | Pointer to vtable |
| 0x4 | u32 | Reference count |
| 0x8 | u32 | Count of KThreads that sync with this object - number of nodes in the linked list below |
| 0xC | KLinkedListNode* | Pointer to first KLinkedListNode in node list of KThreads that sync with this object |
| 0x10 | KLinkedListNode* | Pointer to last KLinkedListNode in node list of KThreads that sync with this object |
| 0x14 | KTimeableInterruptEvent | Interrupt event (*this) to be used with KTimerAndWDTManager holding its desired time point (relative to the CPU power-on) in CPU ticks (when handling its list of KTimeableInterruptEvent instances). Gets incremented at each interval |
| 0x24 | u8 | Timer is signaled |
| 0x25 | u8 | Timer reset type (one shot, sticky, pulse) |
| 0x26 | u16 | Starting from 11.3.0-36: set to 0 prior to removing the timer from the KTimerAndWDTManager queue, set to 1 just after that. |
| 0x28 | s64 | Interval in nanoseconds |
| 0x30 | s64 | Current value in nanoseconds: current system uptime + user-specified time offset, updated at each interval |
| 0x38 | KProcess* | Owner |

Negative intervals and time offsets are considered null.