processsnapshot.h (8462B) - Raw
1 /** 2 * This file has no copyright assigned and is placed in the Public Domain. 3 * This file is part of the mingw-w64 runtime package. 4 * No warranty is given; refer to the file DISCLAIMER.PD within this package. 5 */ 6 7 #ifndef PROCESSSNAPSHOT_H 8 #define PROCESSSNAPSHOT_H 9 10 typedef enum { 11 PSS_HANDLE_NONE = 0x00, 12 PSS_HANDLE_HAVE_TYPE = 0x01, 13 PSS_HANDLE_HAVE_NAME = 0x02, 14 PSS_HANDLE_HAVE_BASIC_INFORMATION = 0x04, 15 PSS_HANDLE_HAVE_TYPE_SPECIFIC_INFORMATION = 0x08 16 } PSS_HANDLE_FLAGS; 17 DEFINE_ENUM_FLAG_OPERATORS(PSS_HANDLE_FLAGS); 18 19 typedef enum { 20 PSS_OBJECT_TYPE_UNKNOWN = 0, 21 PSS_OBJECT_TYPE_PROCESS = 1, 22 PSS_OBJECT_TYPE_THREAD = 2, 23 PSS_OBJECT_TYPE_MUTANT = 3, 24 PSS_OBJECT_TYPE_EVENT = 4, 25 PSS_OBJECT_TYPE_SECTION = 5, 26 PSS_OBJECT_TYPE_SEMAPHORE = 6 27 } PSS_OBJECT_TYPE; 28 29 typedef enum { 30 PSS_CAPTURE_NONE = 0x00000000, 31 PSS_CAPTURE_VA_CLONE = 0x00000001, 32 PSS_CAPTURE_RESERVED_00000002 = 0x00000002, 33 PSS_CAPTURE_HANDLES = 0x00000004, 34 PSS_CAPTURE_HANDLE_NAME_INFORMATION = 0x00000008, 35 PSS_CAPTURE_HANDLE_BASIC_INFORMATION = 0x00000010, 36 PSS_CAPTURE_HANDLE_TYPE_SPECIFIC_INFORMATION = 0x00000020, 37 PSS_CAPTURE_HANDLE_TRACE = 0x00000040, 38 PSS_CAPTURE_THREADS = 0x00000080, 39 PSS_CAPTURE_THREAD_CONTEXT = 0x00000100, 40 PSS_CAPTURE_THREAD_CONTEXT_EXTENDED = 0x00000200, 41 PSS_CAPTURE_RESERVED_00000400 = 0x00000400, 42 PSS_CAPTURE_VA_SPACE = 0x00000800, 43 PSS_CAPTURE_VA_SPACE_SECTION_INFORMATION = 0x00001000, 44 PSS_CAPTURE_IPT_TRACE = 0x00002000, 45 PSS_CAPTURE_RESERVED_00004000 = 0x00004000, 46 PSS_CREATE_BREAKAWAY_OPTIONAL = 0x04000000, 47 PSS_CREATE_BREAKAWAY = 0x08000000, 48 PSS_CREATE_FORCE_BREAKAWAY = 0x10000000, 49 PSS_CREATE_USE_VM_ALLOCATIONS = 0x20000000, 50 PSS_CREATE_MEASURE_PERFORMANCE = 0x40000000, 51 PSS_CREATE_RELEASE_SECTION = 0x80000000 52 } PSS_CAPTURE_FLAGS; 53 DEFINE_ENUM_FLAG_OPERATORS(PSS_CAPTURE_FLAGS); 54 55 #define PSS_PERF_RESOLUTION 1000000 56 57 typedef enum { 58 PSS_QUERY_PROCESS_INFORMATION = 0, 59 PSS_QUERY_VA_CLONE_INFORMATION = 1, 60 PSS_QUERY_AUXILIARY_PAGES_INFORMATION = 2, 61 PSS_QUERY_VA_SPACE_INFORMATION = 3, 62 PSS_QUERY_HANDLE_INFORMATION = 4, 63 PSS_QUERY_THREAD_INFORMATION = 5, 64 PSS_QUERY_HANDLE_TRACE_INFORMATION = 6, 65 PSS_QUERY_PERFORMANCE_COUNTERS = 7 66 } PSS_QUERY_INFORMATION_CLASS; 67 68 typedef enum { 69 PSS_WALK_AUXILIARY_PAGES = 0, 70 PSS_WALK_VA_SPACE = 1, 71 PSS_WALK_HANDLES = 2, 72 PSS_WALK_THREADS = 3 73 } PSS_WALK_INFORMATION_CLASS; 74 75 typedef enum { 76 PSS_DUPLICATE_NONE = 0x00, 77 PSS_DUPLICATE_CLOSE_SOURCE = 0x01 78 } PSS_DUPLICATE_FLAGS; 79 DEFINE_ENUM_FLAG_OPERATORS(PSS_DUPLICATE_FLAGS); 80 81 DECLARE_HANDLE(HPSS); 82 DECLARE_HANDLE(HPSSWALK); 83 84 typedef enum { 85 PSS_PROCESS_FLAGS_NONE = 0x00000000, 86 PSS_PROCESS_FLAGS_PROTECTED = 0x00000001, 87 PSS_PROCESS_FLAGS_WOW64 = 0x00000002, 88 PSS_PROCESS_FLAGS_RESERVED_03 = 0x00000004, 89 PSS_PROCESS_FLAGS_RESERVED_04 = 0x00000008, 90 PSS_PROCESS_FLAGS_FROZEN = 0x00000010 91 } PSS_PROCESS_FLAGS; 92 DEFINE_ENUM_FLAG_OPERATORS(PSS_PROCESS_FLAGS); 93 94 typedef struct { 95 DWORD ExitStatus; 96 void *PebBaseAddress; 97 ULONG_PTR AffinityMask; 98 LONG BasePriority; 99 DWORD ProcessId; 100 DWORD ParentProcessId; 101 PSS_PROCESS_FLAGS Flags; 102 FILETIME CreateTime; 103 FILETIME ExitTime; 104 FILETIME KernelTime; 105 FILETIME UserTime; 106 DWORD PriorityClass; 107 ULONG_PTR PeakVirtualSize; 108 ULONG_PTR VirtualSize; 109 DWORD PageFaultCount; 110 ULONG_PTR PeakWorkingSetSize; 111 ULONG_PTR WorkingSetSize; 112 ULONG_PTR QuotaPeakPagedPoolUsage; 113 ULONG_PTR QuotaPagedPoolUsage; 114 ULONG_PTR QuotaPeakNonPagedPoolUsage; 115 ULONG_PTR QuotaNonPagedPoolUsage; 116 ULONG_PTR PagefileUsage; 117 ULONG_PTR PeakPagefileUsage; 118 ULONG_PTR PrivateUsage; 119 DWORD ExecuteFlags; 120 wchar_t ImageFileName[MAX_PATH]; 121 } PSS_PROCESS_INFORMATION; 122 123 typedef struct { 124 HANDLE VaCloneHandle; 125 } PSS_VA_CLONE_INFORMATION; 126 127 typedef struct { 128 DWORD AuxPagesCaptured; 129 } PSS_AUXILIARY_PAGES_INFORMATION; 130 131 typedef struct { 132 DWORD RegionCount; 133 } PSS_VA_SPACE_INFORMATION; 134 135 typedef struct { 136 DWORD HandlesCaptured; 137 } PSS_HANDLE_INFORMATION; 138 139 typedef struct { 140 DWORD ThreadsCaptured; 141 DWORD ContextLength; 142 } PSS_THREAD_INFORMATION; 143 144 typedef struct { 145 HANDLE SectionHandle; 146 DWORD Size; 147 } PSS_HANDLE_TRACE_INFORMATION; 148 149 typedef struct { 150 UINT64 TotalCycleCount; 151 UINT64 TotalWallClockPeriod; 152 UINT64 VaCloneCycleCount; 153 UINT64 VaCloneWallClockPeriod; 154 UINT64 VaSpaceCycleCount; 155 UINT64 VaSpaceWallClockPeriod; 156 UINT64 AuxPagesCycleCount; 157 UINT64 AuxPagesWallClockPeriod; 158 UINT64 HandlesCycleCount; 159 UINT64 HandlesWallClockPeriod; 160 UINT64 ThreadsCycleCount; 161 UINT64 ThreadsWallClockPeriod; 162 } PSS_PERFORMANCE_COUNTERS; 163 164 typedef struct { 165 void *Address; 166 MEMORY_BASIC_INFORMATION BasicInformation; 167 FILETIME CaptureTime; 168 void *PageContents; 169 DWORD PageSize; 170 } PSS_AUXILIARY_PAGE_ENTRY; 171 172 typedef struct { 173 void *BaseAddress; 174 void *AllocationBase; 175 DWORD AllocationProtect; 176 ULONG_PTR RegionSize; 177 DWORD State; 178 DWORD Protect; 179 DWORD Type; 180 DWORD TimeDateStamp; 181 DWORD SizeOfImage; 182 void *ImageBase; 183 DWORD CheckSum; 184 WORD MappedFileNameLength; 185 wchar_t const *MappedFileName; 186 } PSS_VA_SPACE_ENTRY; 187 188 typedef struct { 189 HANDLE Handle; 190 PSS_HANDLE_FLAGS Flags; 191 PSS_OBJECT_TYPE ObjectType; 192 FILETIME CaptureTime; 193 DWORD Attributes; 194 DWORD GrantedAccess; 195 DWORD HandleCount; 196 DWORD PointerCount; 197 DWORD PagedPoolCharge; 198 DWORD NonPagedPoolCharge; 199 FILETIME CreationTime; 200 WORD TypeNameLength; 201 wchar_t const *TypeName; 202 WORD ObjectNameLength; 203 wchar_t const *ObjectName; 204 union { 205 struct { 206 DWORD ExitStatus; 207 void *PebBaseAddress; 208 ULONG_PTR AffinityMask; 209 LONG BasePriority; 210 DWORD ProcessId; 211 DWORD ParentProcessId; 212 DWORD Flags; 213 } Process; 214 struct { 215 DWORD ExitStatus; 216 void *TebBaseAddress; 217 DWORD ProcessId; 218 DWORD ThreadId; 219 ULONG_PTR AffinityMask; 220 int Priority; 221 int BasePriority; 222 void *Win32StartAddress; 223 } Thread; 224 struct { 225 LONG CurrentCount; 226 WINBOOL Abandoned; 227 DWORD OwnerProcessId; 228 DWORD OwnerThreadId; 229 } Mutant; 230 struct { 231 WINBOOL ManualReset; 232 WINBOOL Signaled; 233 } Event; 234 struct { 235 void *BaseAddress; 236 DWORD AllocationAttributes; 237 LARGE_INTEGER MaximumSize; 238 } Section; 239 struct { 240 LONG CurrentCount; 241 LONG MaximumCount; 242 } Semaphore; 243 } TypeSpecificInformation; 244 } PSS_HANDLE_ENTRY; 245 246 typedef enum { 247 PSS_THREAD_FLAGS_NONE = 0x0000, 248 PSS_THREAD_FLAGS_TERMINATED = 0x0001 249 } PSS_THREAD_FLAGS; 250 DEFINE_ENUM_FLAG_OPERATORS(PSS_THREAD_FLAGS); 251 252 typedef struct { 253 DWORD ExitStatus; 254 void *TebBaseAddress; 255 DWORD ProcessId; 256 DWORD ThreadId; 257 ULONG_PTR AffinityMask; 258 int Priority; 259 int BasePriority; 260 void *LastSyscallFirstArgument; 261 WORD LastSyscallNumber; 262 FILETIME CreateTime; 263 FILETIME ExitTime; 264 FILETIME KernelTime; 265 FILETIME UserTime; 266 void *Win32StartAddress; 267 FILETIME CaptureTime; 268 PSS_THREAD_FLAGS Flags; 269 WORD SuspendCount; 270 WORD SizeOfContextRecord; 271 PCONTEXT ContextRecord; 272 } PSS_THREAD_ENTRY; 273 274 typedef struct { 275 void *Context; 276 void *(WINAPI *AllocRoutine)(void *context, DWORD size); 277 void (WINAPI *FreeRoutine)(void *context, void *address); 278 } PSS_ALLOCATOR; 279 280 #include <winapifamily.h> 281 282 #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) 283 284 #if (NTDDI_VERSION >= NTDDI_WIN8) 285 286 STDAPI_(DWORD) PssCaptureSnapshot(HANDLE ProcessHandle, PSS_CAPTURE_FLAGS CaptureFlags, DWORD ThreadContextFlags, HPSS *SnapshotHandle); 287 STDAPI_(DWORD) PssFreeSnapshot(HANDLE ProcessHandle, HPSS SnapshotHandle); 288 STDAPI_(DWORD) PssQuerySnapshot(HPSS SnapshotHandle, PSS_QUERY_INFORMATION_CLASS InformationClass, void *Buffer, DWORD BufferLength); 289 STDAPI_(DWORD) PssWalkSnapshot(HPSS SnapshotHandle, PSS_WALK_INFORMATION_CLASS InformationClass, HPSSWALK WalkMarkerHandle, void *Buffer, DWORD BufferLength); 290 STDAPI_(DWORD) PssDuplicateSnapshot(HANDLE SourceProcessHandle, HPSS SnapshotHandle, HANDLE TargetProcessHandle, HPSS *TargetSnapshotHandle, PSS_DUPLICATE_FLAGS Flags); 291 STDAPI_(DWORD) PssWalkMarkerCreate(PSS_ALLOCATOR const *Allocator, HPSSWALK *WalkMarkerHandle); 292 STDAPI_(DWORD) PssWalkMarkerFree(HPSSWALK WalkMarkerHandle); 293 STDAPI_(DWORD) PssWalkMarkerGetPosition(HPSSWALK WalkMarkerHandle, ULONG_PTR *Position); 294 STDAPI_(DWORD) PssWalkMarkerSetPosition(HPSSWALK WalkMarkerHandle, ULONG_PTR Position); 295 STDAPI_(DWORD) PssWalkMarkerSeekToBeginning(HPSSWALK WalkMarkerHandle); 296 297 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */ 298 #endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) */ 299 #endif /* PROCESSSNAPSHOT_H */