Process Snapshotting
Overview of the Process Snapshotting technology.
To develop Process Snapshotting, you need these headers:
For programming guidance for this technology, see:
Enumerations
| Title | Description |
|---|---|
| PSS_CAPTURE_FLAGS | Flags that specify what PssCaptureSnapshot captures. |
| PSS_DUPLICATE_FLAGS | Duplication flags for use by PssDuplicateSnapshot. |
| PSS_HANDLE_FLAGS | Flags to specify what parts of a PSS_HANDLE_ENTRY structure are valid. |
| PSS_OBJECT_TYPE | Specifies the object type in a PSS_HANDLE_ENTRY structure. |
| PSS_PROCESS_FLAGS | Flags that describe a process. |
| PSS_QUERY_INFORMATION_CLASS | Specifies what information PssQuerySnapshot function returns. |
| PSS_THREAD_FLAGS | Flags that describe a thread. |
| PSS_WALK_INFORMATION_CLASS | Specifies what information the PssWalkSnapshot function returns. |
Functions
| Title | Description |
|---|---|
| PssCaptureSnapshot | Captures a snapshot of a target process. |
| PssDuplicateSnapshot | Duplicates a snapshot handle from one process to another. |
| PssFreeSnapshot | Frees a snapshot. |
| PssQuerySnapshot | Queries the snapshot. |
| PssWalkMarkerCreate | Creates a walk marker. |
| PssWalkMarkerFree | Frees a walk marker created by PssWalkMarkerCreate. |
| PssWalkMarkerGetPosition | Returns the current position of a walk marker. |
| PssWalkMarkerSeekToBeginning | Rewinds a walk marker back to the beginning. |
| PssWalkMarkerSetPosition | Sets the position of a walk marker. |
| PssWalkSnapshot | Returns information from the current walk position and advanced the walk marker to the next position. |
Structures
| Title | Description |
|---|---|
| PSS_ALLOCATOR | Specifies custom functions which the Process Snapshotting functions use to allocate and free the internal walk marker structures. |
| PSS_AUXILIARY_PAGE_ENTRY | Holds auxiliary page entry information returned by PssWalkSnapshot. |
| PSS_AUXILIARY_PAGES_INFORMATION | Holds auxiliary pages information returned by PssQuerySnapshot. |
| PSS_HANDLE_ENTRY | Holds information about a handle returned by PssWalkSnapshot. |
| PSS_HANDLE_INFORMATION | Holds handle information returned by PssQuerySnapshot. |
| PSS_HANDLE_TRACE_INFORMATION | Holds handle trace information returned by PssQuerySnapshot. |
| PSS_PERFORMANCE_COUNTERS | Holds performance counters returned by PssQuerySnapshot. |
| PSS_PROCESS_INFORMATION | Holds process information returned by PssQuerySnapshot. |
| PSS_THREAD_ENTRY | Holds thread information returned by PssWalkSnapshotPssWalkSnapshot. |
| PSS_THREAD_INFORMATION | Holds thread information returned by PssQuerySnapshot. |
| PSS_VA_CLONE_INFORMATION | Holds virtual address (VA) clone information returned by PssQuerySnapshot. |
| PSS_VA_SPACE_ENTRY | Holds the MEMORY_BASIC_INFORMATION returned by PssWalkSnapshot for a virtual address (VA) region. |
| PSS_VA_SPACE_INFORMATION | Holds virtual address (VA) space information returned by PssQuerySnapshot. |