The DEBUG_EVENT structure contains a CREATE_PROCESS_DEBUG_INFO structure. DEBUG_EVENT结构体包含了CREATE_PROCESS_DEBUG_INFO结构体。This structure includes a handle to the new process, a handle to the process's image file, a handle to the process's initial thread, and other information that describes the new process.这个结构体包含了新进程的句柄、进程映像文件的句柄、进程初始线程的句柄，以及其他描述新进程的信息。

The handle to the process has PROCESS_VM_READ and PROCESS_VM_WRITE access. 进程的句柄有PROCESS_VM_READ和PROCESS_VM_WRITE访问权限。If a debugger has these types of access to a thread, it can read and write to the process's memory by using the ReadProcessMemory and WriteProcessMemory functions.如果调试器对一个线程有这些权限，那么它就可以通过ReadProcessMemory和WriteProcessMemory函数读写进程的内存。 If the system previously reported an EXIT_PROCESS_DEBUG_EVENT event, the system closes this handle when the debugger calls the ContinueDebugEvent function.如果系统之前报告了一个EXIT_PROCESS_DEBUG_EVENT事件，系统会在调试器调用ContinueDebugEvent函数之后关闭这个句柄。

The handle to the process's image file has GENERIC_READ access and is opened for read-sharing. 进程映像文件的句柄有GENERIC_READ访问权限，并且是以读共享方式打开的。The debugger should close this handle while processing CREATE_PROCESS_DEBUG_EVENT.调试器应该在处理CREATE_PROCESS_DEBUG_EVENT时关闭这个句柄。

The handle to the process's initial thread has THREAD_GET_CONTEXT, THREAD_SET_CONTEXT, and THREAD_SUSPEND_RESUME access to the thread.函数初始线程的句柄拥有对线程的THREAD_GET_CONTEXT, THREAD_SET_CONTEXT和THREAD_SUSPEND_RESUME访问权限。 If a debugger has these types of access to a thread, it can read from and write to the thread's registers by using the GetThreadContext and SetThreadContext functions and can suspend and resume the thread by using the SuspendThread and ResumeThread functions. 如果一个调试器拥有一个线程的这三种访问权限，它可以通过GetThreadContext和SetThreadContext函数读写线程的寄存器，通过SuspendThread和ResumeThread函数挂起、恢复线程。If the system previously reported an EXIT_PROCESS_DEBUG_EVENT event, the system closes this handle when the debugger calls the ContinueDebugEvent function.如果系统之前报告了一个EXIT_PROCESS_DEBUG_EVENT事件，系统会在调试器调用ContinueDebugEvent函数后关闭这个句柄。

The DEBUG_EVENT structure contains a CREATE_THREAD_DEBUG_INFO structure.DEBUG_EVENT结构体包含了一个CREATE_THREAD_DEBUG_INFO结构体。 This structure includes a handle to the new thread and the thread's starting address.这个结构体包含了新线程的句柄和线程的开始地址。 The handle has THREAD_GET_CONTEXT, THREAD_SET_CONTEXT, and THREAD_SUSPEND_RESUME access to the thread.这个句柄对线程有THREAD_GET_CONTEXT、THREAD_SET_CONTEXT和THREAD_SUSPEND_RESUME访问权限。 If a debugger has these types of access to a thread, it can read from and write to the thread's registers by using the GetThreadContext and SetThreadContext functions and can suspend and resume the thread by using the SuspendThread and ResumeThread functions.如果调试器有对线程的这三种访问权限，它就可以用GetThreadContext和SetThreadContext函数读写线程的寄存器，用SuspendThread和ResumeThread函数挂起和恢复线程。

If the system previously reported an EXIT_THREAD_DEBUG_EVENT event, the system closes the handle to the new thread when the debugger calls the ContinueDebugEvent function.如果系统之前报告了EXIT_THREAD_DEBUG_EVENT事件，系统会在调试器调用ContinueDebugEvent函数时关闭新线程的句柄。

The DEBUG_EVENT structure contains an EXCEPTION_DEBUG_INFO structure. DEBUG_EVENT结构体包含了EXCEPTION_DEBUG_INFO结构体。This structure describes the exception that caused the debugging event.这个结构体描述了引起调试事件的异常。

Besides the standard exception conditions, an additional exception code can occur during console process debugging. 除了标准异常的情况，额外的异常代码在控制台进程的调试时也能够发生。The system generates a DBG_CONTROL_C exception code when CTRL+C is input to a console process that handles CTRL+C signals and is being debugged. 当一个控制台程序在被调试的时候处理CTRL+C信号时，系统会产生一个DBG_CONTROL_C异常代码。This exception code is not meant to be handled by applications. 这种异常代码不指望被应用程序处理。An application should never use an exception handler to deal with it.应用程序永远都不该使用异常处理函数处理它。 It is raised only for the benefit of the debugger and is only used when a debugger is attached to the console process.这种异常代码只对调试器来说有用，而且只在调试器附加到控制台程序时使用。

If a process is not being debugged or if the debugger passes on the DBG_CONTROL_C exception unhandled (through the gn command), the application's list of handler functions is searched, as documented for the SetConsoleCtrlHandler function.如果程序不是正在调试，或者调试器掠过了DBG_CONTROL_C异常而未作处理(通过gn命令)，应用程序会像SetConsoleCtrlHandler函数的文档中说的那样搜索异常处理函数列表。

If the debugger handles the DBG_CONTROL_C exception (through the gh command), an application will not notice the CTRL+C except in code like this
while ((inputChar = getchar()) != EOF) ...
.如果调试处理了DBG_CONTROL_C异常（通过gn命令），应用程序不会注意到类似while ((inputChar = getchar()) != EOF)的CTRL+C异常。
Thus, the debugger cannot be used to stop the read wait in such code from terminating.因此，调试器不能在这些代码中停止读取等待的终止。

The DEBUG_EVENT structure contains an EXIT_PROCESS_DEBUG_INFO structure that specifies the exit code.DEBUG_EVENT结构体包含了指明了退出码的EXIT_PROCESS_DEBUG_INFO结构体

The debugger deallocates any internal structures associated with the process on receipt of this debugging event.调试器在收到这个调试事件后释放所有与这个程序相关的调试事件的中间结构体。 The system closes the debugger's handle to the exiting process and all of the process's threads.系统关闭调试器中存在的正在退出程序的句柄以及进程的所有的线程。 The debugger should not close these handles.调试器不应该自己关闭这些句柄。

The kernel-mode portion of process shutdown cannot be completed until the debugger that receives this event calls ContinueDebugEvent.直到调试器收到这个事件调用ContinueDebugEvent函数后，程序内核模式的部分才会终止。 Until then, the process handles are open and the virtual address space is not released, so the debugger can examine the child process. 在那之前，进程的句柄是打开的，虚拟地址空间也没有释放，所以调试器可以检测该进程的子进程。To receive notification when the kernel-mode portion of process shutdown is complete, duplicate the handle returned with CREATE_PROCESS_DEBUG_EVENT, call ContinueDebugEvent, and then wait for the duplicated process handle to be signaled.如果想要在进程内核模式关闭完成的时候收到通知，可以复制用CREATE_PROCESS_DEBUG_EVENT返回的句柄，调用ContinueDebugEvent函数，然后等待复制的进程句柄变为有信号状态。

The DEBUG_EVENT structure contains an EXIT_THREAD_DEBUG_INFO structure that specifies the exit code.DEBUG_EVENT结构体包含了一个指定了线程退出码的EXIT_THREAD_DEBUG_INFO结构体。

This debugging event does not occur if the exiting thread is the last thread of a process. 当退出的线程是进程的最后一个线程时，这个调试异常不会发生。In this case, the EXIT_PROCESS_DEBUG_EVENT debugging event occurs instead.在这种情况下，取而代之的是发生了EXIT_PROCESS_DEBUG_EVENT异常。

The debugger deallocates any internal structures associated with the thread on receipt of this debugging event.调试器在收到这个调试事件后释放所有与这个线程相关的调试事件的中间结构体。 The system closes the debugger's handle to the exiting thread.系统关闭调试器中存在的退出线程的句柄。 The debugger should not close this handle.调试器不能自己关闭这个句柄。

The DEBUG_EVENT structure contains a LOAD_DLL_DEBUG_INFO structure.DEBUG_EVENT结构体包含了一个LOAD_DLL_DEBUG_INFO结构体。 This structure includes a handle to the newly loaded DLL, the base address of the DLL, and other information that describes the DLL.这个结构体包含了新加载DLL的句柄以及关于这个DLL的其他信息。 The debugger should close the handle to the DLL handle while processing LOAD_DLL_DEBUG_EVENT.调试器应该在处理LOAD_DLL_DEBUG_EVENT的时候关闭这个DLL句柄。

Typically, a debugger loads a symbol table associated with the DLL on receipt of this debugging event.通常，调试器在收到这个调试事件之后加载与这个DLL相关的符号表。

The DEBUG_EVENT structure contains an OUTPUT_DEBUG_STRING_INFO structure. DEBUG_EVENT结构体包含了OUTPUT_DEBUG_STRING_INFO结构体This structure specifies the address, length, and format of the debugging string.这个结构体指定了调试字符串的地址、长度、格式。

The DEBUG_EVENT structure contains an UNLOAD_DLL_DEBUG_INFO structure. This structure specifies the base address of the DLL in the address space of the process that unloads the DLL.DEBUG_EVENT结构体包含了一个UNLOAD_DLL_DEBUG_INFO结构体。

Typically, a debugger unloads a symbol table associated with the DLL upon receiving this debugging event.通常，调试器在收到这个调试事件之后卸载与这个DLL相关的符号表。

When a process exits, the system automatically unloads the process's DLLs, but does not generate an UNLOAD_DLL_DEBUG_EVENT debugging event.当进程退出的时候，系统自动的卸载进程的DLL，但是不产生UNLOAD_DLL_DEBUG_EVENT事件。

The DEBUG_EVENT structure contains a RIP_INFO structure. DEBUG_EVENT结构体包含了RIP_INFO结构体。This structure specifies the error and type of error.这个结构体指明了错误以及错误的类型。