NtFlushInstructionCache - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

#ifndef _NTMMAPI_H
// Misc.
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtFlushInstructionCache(
    _In_ HANDLE ProcessHandle,
    _In_opt_ PVOID BaseAddress,
    _In_ SIZE_T Length
    );

#endif
#endif
View code on GitHub

#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwFlushInstructionCache(
    _In_ HANDLE ProcessHandle,
    _In_opt_ PVOID BaseAddress,
    _In_ SIZE_T Length
    );

#endif
View code on GitHub

Function NtFlushInstructionCache empties execution cache for specified region of code. It should be used always after modification of process's executable memory (for example when NtLdr fills imported function's entries).

ProcessHandle

HANDLE to Process Object.

BaseAddress

Starting memory address to flush.

NumberOfBytesToFlush

Length of flushed memory block.

Documented by

ReactOS
Tomasz Nowak

ProcessHandle

BaseAddress

NumberOfBytesToFlush

Documented by

See also