master
1/**
2 * This file has no copyright assigned and is placed in the Public Domain.
3 * This file is part of the mingw-w64 runtime package.
4 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
5 */
6
7#ifndef PROCESSSNAPSHOT_H
8#define PROCESSSNAPSHOT_H
9
10typedef enum {
11 PSS_HANDLE_NONE = 0x00,
12 PSS_HANDLE_HAVE_TYPE = 0x01,
13 PSS_HANDLE_HAVE_NAME = 0x02,
14 PSS_HANDLE_HAVE_BASIC_INFORMATION = 0x04,
15 PSS_HANDLE_HAVE_TYPE_SPECIFIC_INFORMATION = 0x08
16} PSS_HANDLE_FLAGS;
17DEFINE_ENUM_FLAG_OPERATORS(PSS_HANDLE_FLAGS);
18
19typedef enum {
20 PSS_OBJECT_TYPE_UNKNOWN = 0,
21 PSS_OBJECT_TYPE_PROCESS = 1,
22 PSS_OBJECT_TYPE_THREAD = 2,
23 PSS_OBJECT_TYPE_MUTANT = 3,
24 PSS_OBJECT_TYPE_EVENT = 4,
25 PSS_OBJECT_TYPE_SECTION = 5,
26 PSS_OBJECT_TYPE_SEMAPHORE = 6
27} PSS_OBJECT_TYPE;
28
29typedef enum {
30 PSS_CAPTURE_NONE = 0x00000000,
31 PSS_CAPTURE_VA_CLONE = 0x00000001,
32 PSS_CAPTURE_RESERVED_00000002 = 0x00000002,
33 PSS_CAPTURE_HANDLES = 0x00000004,
34 PSS_CAPTURE_HANDLE_NAME_INFORMATION = 0x00000008,
35 PSS_CAPTURE_HANDLE_BASIC_INFORMATION = 0x00000010,
36 PSS_CAPTURE_HANDLE_TYPE_SPECIFIC_INFORMATION = 0x00000020,
37 PSS_CAPTURE_HANDLE_TRACE = 0x00000040,
38 PSS_CAPTURE_THREADS = 0x00000080,
39 PSS_CAPTURE_THREAD_CONTEXT = 0x00000100,
40 PSS_CAPTURE_THREAD_CONTEXT_EXTENDED = 0x00000200,
41 PSS_CAPTURE_RESERVED_00000400 = 0x00000400,
42 PSS_CAPTURE_VA_SPACE = 0x00000800,
43 PSS_CAPTURE_VA_SPACE_SECTION_INFORMATION = 0x00001000,
44 PSS_CAPTURE_IPT_TRACE = 0x00002000,
45 PSS_CAPTURE_RESERVED_00004000 = 0x00004000,
46 PSS_CREATE_BREAKAWAY_OPTIONAL = 0x04000000,
47 PSS_CREATE_BREAKAWAY = 0x08000000,
48 PSS_CREATE_FORCE_BREAKAWAY = 0x10000000,
49 PSS_CREATE_USE_VM_ALLOCATIONS = 0x20000000,
50 PSS_CREATE_MEASURE_PERFORMANCE = 0x40000000,
51 PSS_CREATE_RELEASE_SECTION = 0x80000000
52} PSS_CAPTURE_FLAGS;
53DEFINE_ENUM_FLAG_OPERATORS(PSS_CAPTURE_FLAGS);
54
55#define PSS_PERF_RESOLUTION 1000000
56
57typedef enum {
58 PSS_QUERY_PROCESS_INFORMATION = 0,
59 PSS_QUERY_VA_CLONE_INFORMATION = 1,
60 PSS_QUERY_AUXILIARY_PAGES_INFORMATION = 2,
61 PSS_QUERY_VA_SPACE_INFORMATION = 3,
62 PSS_QUERY_HANDLE_INFORMATION = 4,
63 PSS_QUERY_THREAD_INFORMATION = 5,
64 PSS_QUERY_HANDLE_TRACE_INFORMATION = 6,
65 PSS_QUERY_PERFORMANCE_COUNTERS = 7
66} PSS_QUERY_INFORMATION_CLASS;
67
68typedef enum {
69 PSS_WALK_AUXILIARY_PAGES = 0,
70 PSS_WALK_VA_SPACE = 1,
71 PSS_WALK_HANDLES = 2,
72 PSS_WALK_THREADS = 3
73} PSS_WALK_INFORMATION_CLASS;
74
75typedef enum {
76 PSS_DUPLICATE_NONE = 0x00,
77 PSS_DUPLICATE_CLOSE_SOURCE = 0x01
78} PSS_DUPLICATE_FLAGS;
79DEFINE_ENUM_FLAG_OPERATORS(PSS_DUPLICATE_FLAGS);
80
81DECLARE_HANDLE(HPSS);
82DECLARE_HANDLE(HPSSWALK);
83
84typedef enum {
85 PSS_PROCESS_FLAGS_NONE = 0x00000000,
86 PSS_PROCESS_FLAGS_PROTECTED = 0x00000001,
87 PSS_PROCESS_FLAGS_WOW64 = 0x00000002,
88 PSS_PROCESS_FLAGS_RESERVED_03 = 0x00000004,
89 PSS_PROCESS_FLAGS_RESERVED_04 = 0x00000008,
90 PSS_PROCESS_FLAGS_FROZEN = 0x00000010
91} PSS_PROCESS_FLAGS;
92DEFINE_ENUM_FLAG_OPERATORS(PSS_PROCESS_FLAGS);
93
94typedef struct {
95 DWORD ExitStatus;
96 void *PebBaseAddress;
97 ULONG_PTR AffinityMask;
98 LONG BasePriority;
99 DWORD ProcessId;
100 DWORD ParentProcessId;
101 PSS_PROCESS_FLAGS Flags;
102 FILETIME CreateTime;
103 FILETIME ExitTime;
104 FILETIME KernelTime;
105 FILETIME UserTime;
106 DWORD PriorityClass;
107 ULONG_PTR PeakVirtualSize;
108 ULONG_PTR VirtualSize;
109 DWORD PageFaultCount;
110 ULONG_PTR PeakWorkingSetSize;
111 ULONG_PTR WorkingSetSize;
112 ULONG_PTR QuotaPeakPagedPoolUsage;
113 ULONG_PTR QuotaPagedPoolUsage;
114 ULONG_PTR QuotaPeakNonPagedPoolUsage;
115 ULONG_PTR QuotaNonPagedPoolUsage;
116 ULONG_PTR PagefileUsage;
117 ULONG_PTR PeakPagefileUsage;
118 ULONG_PTR PrivateUsage;
119 DWORD ExecuteFlags;
120 wchar_t ImageFileName[MAX_PATH];
121} PSS_PROCESS_INFORMATION;
122
123typedef struct {
124 HANDLE VaCloneHandle;
125} PSS_VA_CLONE_INFORMATION;
126
127typedef struct {
128 DWORD AuxPagesCaptured;
129} PSS_AUXILIARY_PAGES_INFORMATION;
130
131typedef struct {
132 DWORD RegionCount;
133} PSS_VA_SPACE_INFORMATION;
134
135typedef struct {
136 DWORD HandlesCaptured;
137} PSS_HANDLE_INFORMATION;
138
139typedef struct {
140 DWORD ThreadsCaptured;
141 DWORD ContextLength;
142} PSS_THREAD_INFORMATION;
143
144typedef struct {
145 HANDLE SectionHandle;
146 DWORD Size;
147} PSS_HANDLE_TRACE_INFORMATION;
148
149typedef struct {
150 UINT64 TotalCycleCount;
151 UINT64 TotalWallClockPeriod;
152 UINT64 VaCloneCycleCount;
153 UINT64 VaCloneWallClockPeriod;
154 UINT64 VaSpaceCycleCount;
155 UINT64 VaSpaceWallClockPeriod;
156 UINT64 AuxPagesCycleCount;
157 UINT64 AuxPagesWallClockPeriod;
158 UINT64 HandlesCycleCount;
159 UINT64 HandlesWallClockPeriod;
160 UINT64 ThreadsCycleCount;
161 UINT64 ThreadsWallClockPeriod;
162} PSS_PERFORMANCE_COUNTERS;
163
164typedef struct {
165 void *Address;
166 MEMORY_BASIC_INFORMATION BasicInformation;
167 FILETIME CaptureTime;
168 void *PageContents;
169 DWORD PageSize;
170} PSS_AUXILIARY_PAGE_ENTRY;
171
172typedef struct {
173 void *BaseAddress;
174 void *AllocationBase;
175 DWORD AllocationProtect;
176 ULONG_PTR RegionSize;
177 DWORD State;
178 DWORD Protect;
179 DWORD Type;
180 DWORD TimeDateStamp;
181 DWORD SizeOfImage;
182 void *ImageBase;
183 DWORD CheckSum;
184 WORD MappedFileNameLength;
185 wchar_t const *MappedFileName;
186} PSS_VA_SPACE_ENTRY;
187
188typedef struct {
189 HANDLE Handle;
190 PSS_HANDLE_FLAGS Flags;
191 PSS_OBJECT_TYPE ObjectType;
192 FILETIME CaptureTime;
193 DWORD Attributes;
194 DWORD GrantedAccess;
195 DWORD HandleCount;
196 DWORD PointerCount;
197 DWORD PagedPoolCharge;
198 DWORD NonPagedPoolCharge;
199 FILETIME CreationTime;
200 WORD TypeNameLength;
201 wchar_t const *TypeName;
202 WORD ObjectNameLength;
203 wchar_t const *ObjectName;
204 union {
205 struct {
206 DWORD ExitStatus;
207 void *PebBaseAddress;
208 ULONG_PTR AffinityMask;
209 LONG BasePriority;
210 DWORD ProcessId;
211 DWORD ParentProcessId;
212 DWORD Flags;
213 } Process;
214 struct {
215 DWORD ExitStatus;
216 void *TebBaseAddress;
217 DWORD ProcessId;
218 DWORD ThreadId;
219 ULONG_PTR AffinityMask;
220 int Priority;
221 int BasePriority;
222 void *Win32StartAddress;
223 } Thread;
224 struct {
225 LONG CurrentCount;
226 WINBOOL Abandoned;
227 DWORD OwnerProcessId;
228 DWORD OwnerThreadId;
229 } Mutant;
230 struct {
231 WINBOOL ManualReset;
232 WINBOOL Signaled;
233 } Event;
234 struct {
235 void *BaseAddress;
236 DWORD AllocationAttributes;
237 LARGE_INTEGER MaximumSize;
238 } Section;
239 struct {
240 LONG CurrentCount;
241 LONG MaximumCount;
242 } Semaphore;
243 } TypeSpecificInformation;
244} PSS_HANDLE_ENTRY;
245
246typedef enum {
247 PSS_THREAD_FLAGS_NONE = 0x0000,
248 PSS_THREAD_FLAGS_TERMINATED = 0x0001
249} PSS_THREAD_FLAGS;
250DEFINE_ENUM_FLAG_OPERATORS(PSS_THREAD_FLAGS);
251
252typedef struct {
253 DWORD ExitStatus;
254 void *TebBaseAddress;
255 DWORD ProcessId;
256 DWORD ThreadId;
257 ULONG_PTR AffinityMask;
258 int Priority;
259 int BasePriority;
260 void *LastSyscallFirstArgument;
261 WORD LastSyscallNumber;
262 FILETIME CreateTime;
263 FILETIME ExitTime;
264 FILETIME KernelTime;
265 FILETIME UserTime;
266 void *Win32StartAddress;
267 FILETIME CaptureTime;
268 PSS_THREAD_FLAGS Flags;
269 WORD SuspendCount;
270 WORD SizeOfContextRecord;
271 PCONTEXT ContextRecord;
272} PSS_THREAD_ENTRY;
273
274typedef struct {
275 void *Context;
276 void *(WINAPI *AllocRoutine)(void *context, DWORD size);
277 void (WINAPI *FreeRoutine)(void *context, void *address);
278} PSS_ALLOCATOR;
279
280#include <winapifamily.h>
281
282#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP)
283
284#if (NTDDI_VERSION >= NTDDI_WIN8)
285
286STDAPI_(DWORD) PssCaptureSnapshot(HANDLE ProcessHandle, PSS_CAPTURE_FLAGS CaptureFlags, DWORD ThreadContextFlags, HPSS *SnapshotHandle);
287STDAPI_(DWORD) PssFreeSnapshot(HANDLE ProcessHandle, HPSS SnapshotHandle);
288STDAPI_(DWORD) PssQuerySnapshot(HPSS SnapshotHandle, PSS_QUERY_INFORMATION_CLASS InformationClass, void *Buffer, DWORD BufferLength);
289STDAPI_(DWORD) PssWalkSnapshot(HPSS SnapshotHandle, PSS_WALK_INFORMATION_CLASS InformationClass, HPSSWALK WalkMarkerHandle, void *Buffer, DWORD BufferLength);
290STDAPI_(DWORD) PssDuplicateSnapshot(HANDLE SourceProcessHandle, HPSS SnapshotHandle, HANDLE TargetProcessHandle, HPSS *TargetSnapshotHandle, PSS_DUPLICATE_FLAGS Flags);
291STDAPI_(DWORD) PssWalkMarkerCreate(PSS_ALLOCATOR const *Allocator, HPSSWALK *WalkMarkerHandle);
292STDAPI_(DWORD) PssWalkMarkerFree(HPSSWALK WalkMarkerHandle);
293STDAPI_(DWORD) PssWalkMarkerGetPosition(HPSSWALK WalkMarkerHandle, ULONG_PTR *Position);
294STDAPI_(DWORD) PssWalkMarkerSetPosition(HPSSWALK WalkMarkerHandle, ULONG_PTR Position);
295STDAPI_(DWORD) PssWalkMarkerSeekToBeginning(HPSSWALK WalkMarkerHandle);
296
297#endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
298#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) */
299#endif /* PROCESSSNAPSHOT_H */