PROCESS_WS_WATCH_INFORMATION - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTPSAPI_H
#if (PHNT_MODE != PHNT_MODE_KERNEL)

/**
 * The PROCESS_WS_WATCH_INFORMATION structure is used to store information about working set watch events for a process.
 *
 * \remarks https://learn.microsoft.com/en-us/windows/win32/api/psapi/ns-psapi-psapi_ws_watch_information
 */
typedef struct _PROCESS_WS_WATCH_INFORMATION
{
    PVOID FaultingPc; // A pointer to the instruction that caused the page fault.
    PVOID FaultingVa; // A pointer to the page that was added to the working set.
} PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;

#endif
#endif

View code on GitHub

NtDoc

This structure defines a Working Set Watch entry.

Applicable to

Members

FaultingPc

The instruction pointer at the moment of the page fault.

FaultingVa

The virtual address that triggered the page fault.

Edit description on GitHub

NTinternals.net (undocumented.ntinternals.net)

FaultingPc

FaultingVa

Documented by

See also

Edit description on GitHub