Comment by codedokode

7 years ago

Just wanted to comment that Googling "KeBalanceSetManager" gives this article [1] among others (the article mentions the leaked source code but it doesn't contain the code itself, just the description). Many internal function names were leaked with debugging symbols, and some people were reverse engineering those functions (for example, people who deal with malware).

The similarity in code can be explained by reverse engineering. For example, constant names in switch are different (TimerExpiration vs STATUS_WAIT_0).

> Why does this code in ReactOS exist if it does nothing?

Maybe because there is software that relies on the existence of this thread?

Regarding assertions and local variable names and the same declaration order, I don't know where they come from. That looks suspicious.

[1] https://github.com/bowlofstew/rootkit.com/blob/master/90210/...