Process Hacker
ntdbg.h File Reference


Data Structures

struct  _DBGKM_EXCEPTION
 
struct  _DBGKM_CREATE_THREAD
 
struct  _DBGKM_CREATE_PROCESS
 
struct  _DBGKM_EXIT_THREAD
 
struct  _DBGKM_EXIT_PROCESS
 
struct  _DBGKM_LOAD_DLL
 
struct  _DBGKM_UNLOAD_DLL
 
struct  _DBGUI_CREATE_THREAD
 
struct  _DBGUI_CREATE_PROCESS
 
struct  _DBGUI_WAIT_STATE_CHANGE
 

Macros

#define DEBUG_READ_EVENT   0x0001
 
#define DEBUG_PROCESS_ASSIGN   0x0002
 
#define DEBUG_SET_INFORMATION   0x0004
 
#define DEBUG_QUERY_INFORMATION   0x0008
 
#define DEBUG_ALL_ACCESS
 
#define DEBUG_KILL_ON_CLOSE   0x1
 

Typedefs

typedef struct _DBGKM_EXCEPTION DBGKM_EXCEPTION
 
typedef struct _DBGKM_EXCEPTION * PDBGKM_EXCEPTION
 
typedef struct _DBGKM_CREATE_THREAD DBGKM_CREATE_THREAD
 
typedef struct _DBGKM_CREATE_THREAD * PDBGKM_CREATE_THREAD
 
typedef struct _DBGKM_CREATE_PROCESS DBGKM_CREATE_PROCESS
 
typedef struct _DBGKM_CREATE_PROCESS * PDBGKM_CREATE_PROCESS
 
typedef struct _DBGKM_EXIT_THREAD DBGKM_EXIT_THREAD
 
typedef struct _DBGKM_EXIT_THREAD * PDBGKM_EXIT_THREAD
 
typedef struct _DBGKM_EXIT_PROCESS DBGKM_EXIT_PROCESS
 
typedef struct _DBGKM_EXIT_PROCESS * PDBGKM_EXIT_PROCESS
 
typedef struct _DBGKM_LOAD_DLL DBGKM_LOAD_DLL
 
typedef struct _DBGKM_LOAD_DLL * PDBGKM_LOAD_DLL
 
typedef struct _DBGKM_UNLOAD_DLL DBGKM_UNLOAD_DLL
 
typedef struct _DBGKM_UNLOAD_DLL * PDBGKM_UNLOAD_DLL
 
typedef enum _DBG_STATE DBG_STATE
 
typedef enum _DBG_STATE * PDBG_STATE
 
typedef struct _DBGUI_CREATE_THREAD DBGUI_CREATE_THREAD
 
typedef struct _DBGUI_CREATE_THREAD * PDBGUI_CREATE_THREAD
 
typedef struct _DBGUI_CREATE_PROCESS DBGUI_CREATE_PROCESS
 
typedef struct _DBGUI_CREATE_PROCESS * PDBGUI_CREATE_PROCESS
 
typedef struct _DBGUI_WAIT_STATE_CHANGE DBGUI_WAIT_STATE_CHANGE
 
typedef struct _DBGUI_WAIT_STATE_CHANGE * PDBGUI_WAIT_STATE_CHANGE
 
typedef enum _DEBUGOBJECTINFOCLASS DEBUGOBJECTINFOCLASS
 
typedef enum _DEBUGOBJECTINFOCLASS * PDEBUGOBJECTINFOCLASS
 

Enumerations

enum  _DBG_STATE {
  DbgIdle, DbgReplyPending, DbgCreateThreadStateChange, DbgCreateProcessStateChange,
  DbgExitThreadStateChange, DbgExitProcessStateChange, DbgExceptionStateChange, DbgBreakpointStateChange,
  DbgSingleStepStateChange, DbgLoadDllStateChange, DbgUnloadDllStateChange
}
 
enum  _DEBUGOBJECTINFOCLASS { DebugObjectFlags = 1, MaxDebugObjectInfoClass }
 

Functions

NTSYSCALLAPI NTSTATUS NTAPI NtCreateDebugObject (_Out_ PHANDLE DebugObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ ULONG Flags)
 
NTSYSCALLAPI NTSTATUS NTAPI NtDebugActiveProcess (_In_ HANDLE ProcessHandle, _In_ HANDLE DebugObjectHandle)
 
NTSYSCALLAPI NTSTATUS NTAPI NtDebugContinue (_In_ HANDLE DebugObjectHandle, _In_ PCLIENT_ID ClientId, _In_ NTSTATUS ContinueStatus)
 
NTSYSCALLAPI NTSTATUS NTAPI NtRemoveProcessDebug (_In_ HANDLE ProcessHandle, _In_ HANDLE DebugObjectHandle)
 
NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationDebugObject (_In_ HANDLE DebugObjectHandle, _In_ DEBUGOBJECTINFOCLASS DebugObjectInformationClass, _In_ PVOID DebugInformation, _In_ ULONG DebugInformationLength, _Out_opt_ PULONG ReturnLength)
 
NTSYSCALLAPI NTSTATUS NTAPI NtWaitForDebugEvent (_In_ HANDLE DebugObjectHandle, _In_ BOOLEAN Alertable, _In_opt_ PLARGE_INTEGER Timeout, _Out_ PVOID WaitStateChange)
 
NTSYSAPI NTSTATUS NTAPI DbgUiConnectToDbg (VOID)
 
NTSYSAPI HANDLE NTAPI DbgUiGetThreadDebugObject (VOID)
 
NTSYSAPI VOID NTAPI DbgUiSetThreadDebugObject (_In_ HANDLE DebugObject)
 
NTSYSAPI NTSTATUS NTAPI DbgUiWaitStateChange (_Out_ PDBGUI_WAIT_STATE_CHANGE StateChange, _In_opt_ PLARGE_INTEGER Timeout)
 
NTSYSAPI NTSTATUS NTAPI DbgUiContinue (_In_ PCLIENT_ID AppClientId, _In_ NTSTATUS ContinueStatus)
 
NTSYSAPI NTSTATUS NTAPI DbgUiStopDebugging (_In_ HANDLE Process)
 
NTSYSAPI NTSTATUS NTAPI DbgUiDebugActiveProcess (_In_ HANDLE Process)
 
NTSYSAPI VOID NTAPI DbgUiRemoteBreakin (_In_ PVOID Context)
 
NTSYSAPI NTSTATUS NTAPI DbgUiIssueRemoteBreakin (_In_ HANDLE Process)
 
NTSYSAPI NTSTATUS NTAPI DbgUiConvertStateChangeStructure (_In_ PDBGUI_WAIT_STATE_CHANGE StateChange, _Out_ struct _DEBUG_EVENT *DebugEvent)
 

Macro Definition Documentation

#define DEBUG_ALL_ACCESS
Value:
(STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
DEBUG_READ_EVENT | DEBUG_PROCESS_ASSIGN | DEBUG_SET_INFORMATION | \
DEBUG_QUERY_INFORMATION)

Definition at line 102 of file ntdbg.h.

#define DEBUG_KILL_ON_CLOSE   0x1

Definition at line 106 of file ntdbg.h.

#define DEBUG_PROCESS_ASSIGN   0x0002

Definition at line 99 of file ntdbg.h.

#define DEBUG_QUERY_INFORMATION   0x0008

Definition at line 101 of file ntdbg.h.

#define DEBUG_READ_EVENT   0x0001

Definition at line 98 of file ntdbg.h.

#define DEBUG_SET_INFORMATION   0x0004

Definition at line 100 of file ntdbg.h.

Typedef Documentation

typedef enum _DBG_STATE DBG_STATE
typedef enum _DBG_STATE * PDBG_STATE
typedef struct _DBGKM_LOAD_DLL * PDBGKM_LOAD_DLL

Enumeration Type Documentation

enum _DBG_STATE
Enumerator:
DbgIdle 
DbgReplyPending 
DbgCreateThreadStateChange 
DbgCreateProcessStateChange 
DbgExitThreadStateChange 
DbgExitProcessStateChange 
DbgExceptionStateChange 
DbgBreakpointStateChange 
DbgSingleStepStateChange 
DbgLoadDllStateChange 
DbgUnloadDllStateChange 

Definition at line 52 of file ntdbg.h.

enum _DEBUGOBJECTINFOCLASS
Enumerator:
DebugObjectFlags 
MaxDebugObjectInfoClass 

Definition at line 108 of file ntdbg.h.

Function Documentation

NTSYSAPI NTSTATUS NTAPI DbgUiConnectToDbg ( VOID  )
NTSYSAPI NTSTATUS NTAPI DbgUiContinue ( _In_ PCLIENT_ID  AppClientId,
_In_ NTSTATUS  ContinueStatus 
)
NTSYSAPI NTSTATUS NTAPI DbgUiConvertStateChangeStructure ( _In_ PDBGUI_WAIT_STATE_CHANGE  StateChange,
_Out_ struct _DEBUG_EVENT *  DebugEvent 
)
NTSYSAPI NTSTATUS NTAPI DbgUiDebugActiveProcess ( _In_ HANDLE  Process)
NTSYSAPI HANDLE NTAPI DbgUiGetThreadDebugObject ( VOID  )
NTSYSAPI NTSTATUS NTAPI DbgUiIssueRemoteBreakin ( _In_ HANDLE  Process)
NTSYSAPI VOID NTAPI DbgUiRemoteBreakin ( _In_ PVOID  Context)
NTSYSAPI VOID NTAPI DbgUiSetThreadDebugObject ( _In_ HANDLE  DebugObject)
NTSYSAPI NTSTATUS NTAPI DbgUiStopDebugging ( _In_ HANDLE  Process)
NTSYSAPI NTSTATUS NTAPI DbgUiWaitStateChange ( _Out_ PDBGUI_WAIT_STATE_CHANGE  StateChange,
_In_opt_ PLARGE_INTEGER  Timeout 
)
NTSYSCALLAPI NTSTATUS NTAPI NtCreateDebugObject ( _Out_ PHANDLE  DebugObjectHandle,
_In_ ACCESS_MASK  DesiredAccess,
_In_ POBJECT_ATTRIBUTES  ObjectAttributes,
_In_ ULONG  Flags 
)
NTSYSCALLAPI NTSTATUS NTAPI NtDebugActiveProcess ( _In_ HANDLE  ProcessHandle,
_In_ HANDLE  DebugObjectHandle 
)
NTSYSCALLAPI NTSTATUS NTAPI NtDebugContinue ( _In_ HANDLE  DebugObjectHandle,
_In_ PCLIENT_ID  ClientId,
_In_ NTSTATUS  ContinueStatus 
)
NTSYSCALLAPI NTSTATUS NTAPI NtRemoveProcessDebug ( _In_ HANDLE  ProcessHandle,
_In_ HANDLE  DebugObjectHandle 
)
NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationDebugObject ( _In_ HANDLE  DebugObjectHandle,
_In_ DEBUGOBJECTINFOCLASS  DebugObjectInformationClass,
_In_ PVOID  DebugInformation,
_In_ ULONG  DebugInformationLength,
_Out_opt_ PULONG  ReturnLength 
)
NTSYSCALLAPI NTSTATUS NTAPI NtWaitForDebugEvent ( _In_ HANDLE  DebugObjectHandle,
_In_ BOOLEAN  Alertable,
_In_opt_ PLARGE_INTEGER  Timeout,
_Out_ PVOID  WaitStateChange 
)