PROCESS_HANDLE_TRACING_QUERY - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

#ifndef _NTPSAPI_H
#if (PHNT_MODE != PHNT_MODE_KERNEL)

typedef struct _PROCESS_HANDLE_TRACING_QUERY
{
    _In_opt_ HANDLE Handle;
    _Out_ ULONG TotalTraces;
    _Out_ _Field_size_(TotalTraces) PROCESS_HANDLE_TRACING_ENTRY HandleTrace[1];
} PROCESS_HANDLE_TRACING_QUERY, *PPROCESS_HANDLE_TRACING_QUERY;

#endif
#endif
View code on GitHub

This structure contains returned handle tracing records for the process.

Applicable to

NtQueryInformationProcess with ProcessHandleTracing (32)

Members

Handle

On input, specifies an optional handle value to filter the returned entries. Set this field to NULL to disable filtering.

TotalTraces

On output, contains the number of returned entries in the HandleTrace field.

HandleTrace

On output, contains an array of handle tracing entries. See PROCESS_HANDLE_TRACING_ENTRY for more details.

See also

Edit description on GitHub