NtTerminateProcess - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTPSAPI_H
//
// Processes
//
#if (PHNT_MODE != PHNT_MODE_KERNEL)
/**
* Terminates the specified process.
*
* @param ProcessHandle Optional. A handle to the process to be terminated. If this parameter is NULL, the calling process is terminated.
* @param ExitStatus The exit status to be used by the process and the process's termination status.
* @return NTSTATUS Successful or errant status.
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
NtTerminateProcess(
_In_opt_ HANDLE ProcessHandle,
_In_ NTSTATUS ExitStatus
);
View code on GitHub#ifndef _NTZWAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwTerminateProcess(
_In_opt_ HANDLE ProcessHandle,
_In_ NTSTATUS ExitStatus
);
View code on GitHubForces the process to terminate. This function is documented in Windows Driver Kit.
ProcessHandle - an optional handle to a process granting PROCESS_TERMINATE access or the NtCurrentProcess pseudo-handle. The NULL value indicates the current process.ExitStatus - the exit code to use for the process.Note that specifying NULL as a process handle has a different semantic compared to using NtCurrentProcess. NtCurrentProcess immediately terminates the current process (without returning from the function) while NULL terminates all threads except for the calling, sets the exit status, and marks the process for self-delete. A second call to NtTerminateProcess with NULL completes termination.
To exit the current process gracefully, use RtlExitUserProcess.
Setting ExitStatus to DBG_TERMINATE_PROCESS automatically clears the process's debug object.
The process object becomes signalled after termination.