64-Bit system calls executed by a wow64 process require structures aligned on a 16 byte boundary. A misaligned structure will sometimes result in the system call returning STATUS_DATATYPE_MISALIGNMENT. For example fix, OBJECT_ATTRIBUTES64 in phnt_ntdef.h would be defined like:

typedef struct DECLSPEC_ALIGN(16) _OBJECT_ATTRIBUTES64
{
    ULONG Length;
    ULONG64 RootDirectory;
    ULONG64 ObjectName;
    ULONG Attributes;
    ULONG64 SecurityDescriptor;
    ULONG64 SecurityQualityOfService;
} OBJECT_ATTRIBUTES64, *POBJECT_ATTRIBUTES64;

The only change required here is using DECLSPEC_ALIGN(16) or __declspec(align(16))

👍

For example fix, OBJECT_ATTRIBUTES64 in phnt_ntdef.h would be defined like:

The definition we're using exactly matches what's included in the Windows SDK?

64-Bit system calls executed by a wow64 process

There are a number of cases where this won't work. You should be using the 32bit versions.

Okay, fair enough.