ZwTerminateProcess function (ntddk.h)
The ZwTerminateProcess routine terminates a process and all of its threads.
Syntax
NTSYSAPI NTSTATUS ZwTerminateProcess(
[in, optional] HANDLE ProcessHandle,
[in] NTSTATUS ExitStatus
);
Parameters
[in, optional] ProcessHandle
A handle to the process object that represents the process to be terminated.
[in] ExitStatus
An NTSTATUS value that the operating system uses as the final status for the process and each of its threads.
Return value
ZwTerminateProcess returns STATUS_SUCCESS if the operation succeeds. Additional return values include:
| Return code | Description |
|---|---|
| STATUS_OBJECT_TYPE_MISMATCH | The specified handle is not a process handle. |
| STATUS_INVALID_HANDLE | The specified handle is not valid. |
| STATUS_ACCESS_DENIED | The driver cannot access the specified process object. |
| STATUS_PROCESS_IS_TERMINATING | The specified process is already terminating. |
If the caller specifies the current process in the ProcessHandle parameter, ZwTerminateProcess does not return.
Remarks
To obtain a process handle that a driver can specify for the ProcessHandle parameter, the driver can call ZwOpenProcess. The handle must be a kernel handle, a handle that can only be accessed in kernel mode. A handle is a kernel handle if it is created with the OBJ_KERNEL_HANDLE flag. For more info see InitializeObjectAttributes.
Drivers must not specify the current process if resources have not been freed from the kernel stack, because the operating system will not unwind the kernel stack for the calling thread.
If the call to this function occurs in user mode, you should use the name "NtTerminateProcess" instead of "ZwTerminateProcess".
For calls from kernel-mode drivers, the NtXxx and ZwXxx versions of a Windows Native System Services routine can behave differently in the way that they handle and interpret input parameters. For more information about the relationship between the NtXxx and ZwXxx versions of a routine, see Using Nt and Zw Versions of the Native System Services Routines.
Requirements
| Requirement | Value |
|---|---|
| Target Platform | Universal |
| Header | ntddk.h (include Ntddk.h) |
| Library | NtosKrnl.lib |
| DLL | NtosKrnl.exe |
| IRQL | PASSIVE_LEVEL |
| DDI compliance rules | HwStorPortProhibitedDDIs(storport), PowerIrpDDis(wdm) |
See also
Using Nt and Zw Versions of the Native System Services Routines