NtFlushInstructionCache - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTMMAPI_H
// Misc.
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtFlushInstructionCache(
    _In_ HANDLE ProcessHandle,
    _In_opt_ PVOID BaseAddress,
    _In_ SIZE_T Length
    );

#endif
#endif

View code on GitHub
#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwFlushInstructionCache(
    _In_ HANDLE ProcessHandle,
    _In_opt_ PVOID BaseAddress,
    _In_ SIZE_T Length
    );

#endif

View code on GitHub

Function NtFlushInstructionCache empties execution cache for specified region of code. It should be used always after modification of process's executable memory (for example when NtLdr fills imported function's entries).

ProcessHandle

HANDLE to Process Object.

BaseAddress

Starting memory address to flush.

NumberOfBytesToFlush

Length of flushed memory block.

Documented by

See also

Edit description on GitHub