PROCESS_WS_WATCH_INFORMATION - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

#ifndef _NTPSAPI_H
// Process information structures
#if (PHNT_MODE != PHNT_MODE_KERNEL)

typedef struct _PROCESS_WS_WATCH_INFORMATION
{
    PVOID FaultingPc;
    PVOID FaultingVa;
} PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;

#endif
#endif
View code on GitHub

This structure defines a Working Set Watch entry.

Applicable to

NtQueryInformationProcess with ProcessWorkingSetWatch (15)
PROCESS_WS_WATCH_INFORMATION_EX

Members

FaultingPc

The instruction pointer at the moment of the page fault.

FaultingVa

The virtual address that triggered the page fault.

Edit description on GitHub