Debugging Tools for Windows

WdbgExts Threads and Processes

This topic provides a brief overview of how threads and processes can be manipulated using the WdbgExts API. For an overview of threads and processes in the debugger engine, see Threads and Processes in the Debugger Engine Overview section of this documentation.

Threads

To get the address of the thread environment block (TEB) that describes the current thread, use the method GetTebAddress. In kernel-mode debugging, the KTHREAD structure is also available to describe a thread. This structure is returned by GetCurrentThreadAddr (in user-mode debugging, GetCurrentThreadAddr returns the address of the TEB).

The thread context is the state preserved by Windows when switching threads; it is represented by the CONTEXT structure. This structure varies with the operating system and platform, so care should be taken when using it. The thread context is returned by the GetContext function and can be set using the SetContext function.

To examine the stack trace for the current thread, use the StackTrace function. To temporarily change the thread used for examining the stack trace, use the SetThreadForOperation or SetThreadForOperation64 functions. See Examining the Stack Trace in the Using the Debugger Engine API section of this documentation for additional methods for examining the stack.

To get information about an operating system thread in the target, use the Ioctl operation IG_GET_THREAD_OS_INFO.

Processes

To get the address of the process environment block (PEB) that describes the current process, use the method GetPebAddress. In kernel-mode debugging, the KPROCESS structure is also available to describe a process. This structure is returned by GetCurrentProcessAddr (in user-mode debugging, GetCurrentProcessAddr returns the address of the PEB).

The method GetCurrentProcessHandle returns the system handle for the current process.

Additional Information

For a more powerful API for manipulating threads and processes, see Controlling Threads and Processes in the Using the Debugger Engine API section of this documentation.
