INTERRUPT_FUNCTION_TABLE

The INTERRUPT_FUNCTION_TABLE (formally _INTERRUPT_FUNCTION_TABLE) is a table of function pointers that allow the HAL to work mostly with an abstracted notion of interrupt controllers. Its known use is as the FunctionTable member of a REGISTERED_INTERRUPT_CONTROLLER.

Documentation Status

The INTERRUPT_FUNCTION_TABLE is not documented. Neither is Microsoft known to have ever published a C-language definition in any Windows Driver Kit (WDK).

The practical equivalent of a C-language definition is available as type information in public symbol files for the HAL, starting with Windows 8. The merging of the HAL into the kernel for the 2004 release of 64-bit Windows moves this type information into the public symbols for the kernel.

Variability

The INTERRUPT_FUNCTION_TABLE is evidently intended as private to the HAL or at least between the HAL and its extension DLLs (not that any way has yet been looked for how, or even whether, these may get involved). If nothing else, this shows in the lack of any formal indicator of version or layout. It happens that the table has changed, but so far only by appending:

Version	Size (x86)	Size (x64)
6.2 to 1607	0x50	0xA0
1703 to 1809	0x54	0xA8
1903	0x58	0xB0
2004	0x5C	0xB8

Incidentally, or not, the expansion for Version 1703 moved the C-language definition between headers: from ntsoc.h to intdefs.h. Whether the latter is a new header or just a renaming is not known. One disappears from the public symbols to have its place taken by the new, but both contribute the same types, with a change in line numbers, of course, but with only one change of order.

Layout

The sizes in the preceding table and the offsets and definitions in the next are from type information in public symbols as noted above for Windows 8 and higher. Whether the structure even exists in earlier versions is left for another time.

Offset (x86)	Offset (x64)	Definition	Versions
0x00	0x00	NTSTATUS (InitializeLocalUnit) ( PVOID, ULONG, ULONG, ULONG, ULONG, ULONG ;	6.2 and higher
0x04	0x08	NTSTATUS (*InitializeIoUnit) ( PVOID);	6.2 and higher
0x08	0x10	VOID (*SetPriority) ( PVOID, ULONG);	6.2 and higher
0x0C	0x18	ULONG (*GetLocalUnitError) ( PVOID);	6.2 and higher
0x10	0x20	VOID (*ClearLocalUnitError) ( PVOID);	6.2 and higher
0x14	0x28	NTSTATUS (GetLogicalId) ( PVOID, INTERRUPT_TARGET );	6.2 and higher
0x18	0x30	NTSTATUS (SetLogicalId) ( PVOID, INTERRUPT_TARGET );	6.2 and higher
0x1C	0x38	INTERRUPT_RESULT (AcceptAndGetSource) ( PVOID, LONG , ULONG *);	6.2 and higher
0x20	0x40	VOID (*EndOfInterrupt) ( PVOID);	6.2 and higher
0x24	0x48	VOID (*FastEndOfInterrupt) ( VOID);	6.2 and higher
0x28	0x50	NTSTATUS (SetLineState) ( PVOID, INTERRUPT_LINE , INTERRUPT_LINE_STATE *);	6.2 and higher
0x2C	0x58	NTSTATUS (RequestInterrupt) ( PVOID, INTERRUPT_LINE , INTERRUPT_TARGET , ULONG, INTERRUPT_LINE );	6.2 and higher
0x30	0x60	NTSTATUS (*StartProcessor) ( PVOID, ULONG, PVOID, ULONG);	6.2 and higher
0x34	0x68	NTSTATUS (GenerateMessage) ( PVOID, INTERRUPT_LINE_STATE , ULONGLONG , ULONGLONG ;	6.2 and higher
0x38	0x70	NTSTATUS (ConvertId) ( PVOID, ULONG , INTERRUPT_TARGET *, UCHAR);	6.2 and higher
0x3C	0x78	NTSTATUS (*SaveLocalInterrupts) ( PVOID, PVOID);	6.2 and higher
0x40	0x80	NTSTATUS (*ReplayLocalInterrupts) ( PVOID, PVOID);	6.2 and higher
0x44	0x88	NTSTATUS (*DeinitializeLocalUnit) ( PVOID);	6.2 and higher
0x48	0x90	NTSTATUS (*DeinitializeIoUnit) ( PVOID);	6.2 and higher
0x4C	0x98	INTERRUPT_RESULT (QueryAndGetSource) ( PVOID, LONG , ULONG , UCHAR );	6.2 and higher
0x50	0xA0	VOID (*DeactivateInterrupt) ( PVOID, ULONG);	1703 and higher
0x54	0xA8	VOID (*DirectedEndOfInterrupt) ( PVOID, ULONG, ULONG);	1903 and higher
0x58	0xB0	NTSTATUS (QueryLocalUnitInfo) ( VOID, ULONG, ULONG, ULONG , KINTERRUPT_MODE , KINTERRUPT_MODE );	2004 and higher