NtQueueApcThread - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTPSAPI_H
// Threads
#if (PHNT_MODE != PHNT_MODE_KERNEL)
/**
* Queues an APC (Asynchronous Procedure Call) to a thread.
*
* @param ThreadHandle Handle to the thread to which the APC is to be queued.
* @param ApcRoutine A pointer to the RtlDispatchAPC function or custom APC routine to be executed.
* @param ApcArgument1 Optional first argument to be passed to the APC routine.
* @param ApcArgument2 Optional second argument to be passed to the APC routine.
* @param ApcArgument3 Optional third argument to be passed to the APC routine.
* @return NTSTATUS Successful or errant status.
* @remarks The APC will be executed in the context of the specified thread when the thread enters an alertable wait state or when any
* process calls the NtTestAlert, NtAlertThread, NtAlertResumeThread or NtAlertThreadByThreadId functions.
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
NtQueueApcThread(
_In_ HANDLE ThreadHandle,
_In_ PPS_APC_ROUTINE ApcRoutine, // RtlDispatchAPC
_In_opt_ PVOID ApcArgument1,
_In_opt_ PVOID ApcArgument2,
_In_opt_ PVOID ApcArgument3
);
View code on GitHub#ifndef _NTZWAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwQueueApcThread(
_In_ HANDLE ThreadHandle,
_In_ PPS_APC_ROUTINE ApcRoutine,
_In_opt_ PVOID ApcArgument1,
_In_opt_ PVOID ApcArgument2,
_In_opt_ PVOID ApcArgument3
);
View code on GitHubQueues a user-mode Asynchronous Procedure Call (APC) on the specified thread.
ThreadHandle - a handle the the thread granting the THREAD_SET_CONTEXT access.ApcRoutine - the address of the function to invoke.ApcArgument1 - the first argument to pass to the APC routine.ApcArgument2 - the second argument to pass to the APC routine.ApcArgument3 - the third argument to pass to the APC routine.To execute the APC, the thread must first enter an alertable wait via NtDelayExecution (or a similar function) or call NtTestAlert.
To queue a WoW64 APC, encode the ApcRoutine parameter using the Wow64EncodeApcRoutine macro or use RtlQueueApcWow64Thread.
To specify the reserve object or use special user-mode APCs, see NtQueueApcThreadEx and NtQueueApcThreadEx2.
Note that user APCs on the Native API level have three parameters in contrast with the Win32 APCs that only have one.