RE: How can I see pending IRPs and queued APC in the thre ad

Srin_Kumar · February 3, 2003, 2:11pm

use !thread extension, or !process extension for listing pending irps. See
documentation on these extensions.

-----Original Message-----
From: xxxxx@citrix.co.jp [mailto:xxxxx@citrix.co.jp]
Sent: Monday, February 03, 2003 12:29 AM
To: NT Developers Interest List
Subject: [ntdev] How can I see pending IRPs and queued APC in the thread

Hi, All

I would like to know how to see pending IRPs, queued APC created by
Asynchronous I/O in the specified thread by using !ethread extention.
How can I see them?

If anyone know about it, Would you like to tell me how to do it?

Thanks a lot.
Futoshi

0: kd> !ethread 87e5f300
struct _ETHREAD (sizeof=584)
+000 struct _KTHREAD Tcb
+000 struct _DISPATCHER_HEADER Header
+000 byte Type = 06 .
+001 byte Absolute = 00 .
+002 byte Size = 6c l
+003 byte Inserted = 00 .
+004 int32 SignalState = 00000000
+008 struct _LIST_ENTRY WaitListHead
+008 struct _LIST_ENTRY *Flink = 889E3A2C
+00c struct _LIST_ENTRY *Blink = 889E3A2C
+010 struct _LIST_ENTRY MutantListHead
+010 struct _LIST_ENTRY *Flink = 87E5F310
+014 struct _LIST_ENTRY *Blink = 87E5F310
+018 void *InitialStack = EB498000
+01c void *StackLimit = EB495000
+020 void *Teb = 7FF9B000
+024 void *TlsArray = 00000000
+028 void *KernelStack = EB497C30
+02c byte DebugActive = 00 .
+02d byte State = 02 .
+02e byte Alerted[2] = 00 00 .
.
+030 byte Iopl = 00 .
+031 byte NpxState = 0a .
+032 char Saturation = 00 .
+033 char Priority = 08 .
+034 struct _KAPC_STATE ApcState
+034 struct _LIST_ENTRY ApcListHead[2]
+034 ApcListHead[0]
+034 struct _LIST_ENTRY *Flink = 8869F4D4
+038 struct _LIST_ENTRY *Blink = 8541B054
+03c ApcListHead[1]
+03c struct _LIST_ENTRY *Flink = 87E5F33C
+040 struct _LIST_ENTRY *Blink = 87E5F33C
+044 struct _KPROCESS *Process = 889E9020
+048 byte KernelApcInProgress = 00 .
+049 byte KernelApcPending = 01 .
+04a byte UserApcPending = 00 .
+04c uint32 ContextSwitches = 00108937
+050 int32 WaitStatus = 00000000
+054 byte WaitIrql = 02 .
+055 char WaitMode = 01 .
+056 byte WaitNext = 00 .
+057 byte WaitReason = 06 .
+058 struct _KWAIT_BLOCK *WaitBlockList = 87E5F36C
+05c struct _LIST_ENTRY WaitListEntry
+05c struct _LIST_ENTRY *Flink = 889C563C
+060 struct _LIST_ENTRY *Blink = 80482940
+064 uint32 WaitTime = 0dc9c743
+068 char BasePriority = 08 .
+069 byte DecrementCount = 10 .
+06a char PriorityDecrement = 00 .
+06b char Quantum = 06 .
+06c struct _KWAIT_BLOCK WaitBlock[4]
+06c WaitBlock[0]
+06c struct _LIST_ENTRY WaitListEntry
+06c struct _LIST_ENTRY *Flink = 87E82468
+070 struct _LIST_ENTRY *Blink = 87E82468
+074 struct _KTHREAD *Thread = 87E5F300
+078 void *Object = 87E82460
+07c struct _KWAIT_BLOCK *NextWaitBlock = 87E5F3B4
+080 uint16 WaitKey = 0000
+082 uint16 WaitType = 0001
+084 WaitBlock[1]
+084 struct _LIST_ENTRY WaitListEntry
+084 struct _LIST_ENTRY *Flink = 00000000
+088 struct _LIST_ENTRY *Blink = 00000000
+08c struct _KTHREAD *Thread = 87E5F300
+090 void *Object = 00000000
+094 struct _KWAIT_BLOCK *NextWaitBlock = 00000000
+098 uint16 WaitKey = 0000
+09a uint16 WaitType = 0000
+09c WaitBlock[2]
+09c struct _LIST_ENTRY WaitListEntry
+09c struct _LIST_ENTRY *Flink = 00000000
+0a0 struct _LIST_ENTRY *Blink = 00000000
+0a4 struct _KTHREAD *Thread = 87E5F300
+0a8 void *Object = 00000000
+0ac struct _KWAIT_BLOCK *NextWaitBlock = 00000000
+0b0 uint16 WaitKey = 0000
+0b2 uint16 WaitType = 0000
+0b4 WaitBlock[3]
+0b4 struct _LIST_ENTRY WaitListEntry
+0b4 struct _LIST_ENTRY *Flink = 87E5F3F0
+0b8 struct _LIST_ENTRY *Blink = 87E5F3F0
+0bc struct _KTHREAD *Thread = 87E5F300
+0c0 void *Object = 87E5F3E8
+0c4 struct _KWAIT_BLOCK *NextWaitBlock = 87E5F36C
+0c8 uint16 WaitKey = 0102
+0ca uint16 WaitType = 0001
+0cc void *LegoData = 00000000
+0d0 uint32 KernelApcDisable = 00000000
+0d4 uint32 UserAffinity = 00000003
+0d8 byte SystemAffinityActive = 00 .
+0d9 byte PowerState = 00 .
+0da byte NpxIrql = 00 .
+0db byte Pad[1] = 00 .
+0dc void *ServiceTable = 80482720
+0e0 struct _KQUEUE *Queue = 00000000
+0e4 uint32 ApcQueueLock = 00000001
+0e8 struct _KTIMER Timer
+0e8 struct _DISPATCHER_HEADER Header
+0e8 byte Type = 08 .
+0e9 byte Absolute = 00 .
+0ea byte Size = 0a .
+0eb byte Inserted = 00 .
+0ec int32 SignalState = 00000000
+0f0 struct _LIST_ENTRY WaitListHead
+0f0 struct _LIST_ENTRY *Flink = 87E5F3F0
+0f4 struct _LIST_ENTRY *Blink = 87E5F3F0
+0f8 union _ULARGE_INTEGER DueTime
+0f8 uint32 LowPart = a1352840
+0fc uint32 HighPart = 000020cd
+0f8 struct __unnamed12 u
+0f8 uint32 LowPart = a1352840
+0fc uint32 HighPart = 000020cd
+0f8 uint64 QuadPart = 000020cda1352840
+100 struct _LIST_ENTRY TimerListEntry
+100 struct _LIST_ENTRY *Flink = 82B44798
+104 struct _LIST_ENTRY *Blink = F8110580
+108 struct _KDPC *Dpc = 00000000
+10c int32 Period = 00000000
+110 struct _LIST_ENTRY QueueListEntry
+110 struct _LIST_ENTRY *Flink = 00000000
+114 struct _LIST_ENTRY *Blink = 00000000
+118 uint32 Affinity = 00000003
+11c byte Preempted = 01 .
+11d byte ProcessReadyQueue = 00 .
+11e byte KernelStackResident = 01 .
+11f byte NextProcessor = 00 .
+120 void *CallbackStack = 00000000
+124 void *Win32Thread = 00000000
+128 struct _KTRAP_FRAME *TrapFrame = EB497D64
+12c struct _KAPC_STATE *ApcStatePointer[2] = 87E5F334
87E5F440
+134 char PreviousMode = 01 .
+135 byte EnableStackSwap = 01 .
+136 byte LargeStack = 00 .
+137 byte ResourceIndex = 01 .
+138 uint32 KernelTime = 0004a4b1
+13c uint32 UserTime = 00000001
+140 struct _KAPC_STATE SavedApcState
+140 struct _LIST_ENTRY ApcListHead[2]
+140 ApcListHead[0]
+140 struct _LIST_ENTRY *Flink = 00000000
+144 struct _LIST_ENTRY *Blink = 00000000
+148 ApcListHead[1]
+148 struct _LIST_ENTRY *Flink = 00000000
+14c struct _LIST_ENTRY *Blink = 00000000
+150 struct _KPROCESS *Process = 00000000
+154 byte KernelApcInProgress = 00 .
+155 byte KernelApcPending = 00 .
+156 byte UserApcPending = 00 .
+158 byte Alertable = 00 .
+159 byte ApcStateIndex = 00 .
+15a byte ApcQueueable = 01 .
+15b byte AutoAlignment = 00 .
+15c void *StackBase = EB498000
+160 struct _KAPC SuspendApc
+160 int16 Type = 0012
+162 int16 Size = 0030
+164 uint32 Spare0 = 00000000
+168 struct _KTHREAD *Thread = 87E5F300
+16c struct _LIST_ENTRY ApcListEntry
+16c struct _LIST_ENTRY *Flink = 87E5F334
+170 struct _LIST_ENTRY *Blink = 87E5F334
+174 function *KernelRoutine = 8043071C
+178 function *RundownRoutine = 00000000
+17c function *NormalRoutine = 80430C8C
+180 void *NormalContext = 00000000
+184 void *SystemArgument1 = 00000000
+188 void *SystemArgument2 = 00000000
+18c char ApcStateIndex = 00 .
+18d char ApcMode = 00 .
+18e byte Inserted = 00 .
+190 struct _KSEMAPHORE SuspendSemaphore
+190 struct _DISPATCHER_HEADER Header
+190 byte Type = 05 .
+191 byte Absolute = 00 .
+192 byte Size = 05 .
+193 byte Inserted = 00 .
+194 int32 SignalState = 00000000
+198 struct _LIST_ENTRY WaitListHead
+198 struct _LIST_ENTRY *Flink = 87E5F498
+19c struct _LIST_ENTRY *Blink = 87E5F498
+1a0 int32 Limit = 00000002
+1a4 struct _LIST_ENTRY ThreadListEntry
+1a4 struct _LIST_ENTRY *Flink = 889E9070
+1a8 struct _LIST_ENTRY *Blink = 8831DDC4
+1ac char FreezeCount = 00 .
+1ad char SuspendCount = 00 .
+1ae byte IdealProcessor = 00 .
+1af byte DisableBoost = 00 .
+1b0 union _LARGE_INTEGER CreateTime
+1b0 uint32 LowPart = 12bb0bc0
+1b4 int32 HighPart = 0e153dee
+1b0 struct __unnamed3 u
+1b0 uint32 LowPart = 12bb0bc0
+1b4 int32 HighPart = 0e153dee
+1b0 int64 QuadPart = 0e153dee12bb0bc0
+1b0 bits0-1 NestedFaultCount = 0
+1b0 bits2-2 ApcNeeded = 0
+1b8 union _LARGE_INTEGER ExitTime
+1b8 uint32 LowPart = 87e5f4b8
+1bc int32 HighPart = 87e5f4b8
+1b8 struct __unnamed3 u
+1b8 uint32 LowPart = 87e5f4b8
+1bc int32 HighPart = 87e5f4b8
+1b8 int64 QuadPart = 87e5f4b887e5f4b8
+1b8 struct _LIST_ENTRY LpcReplyChain
+1b8 struct _LIST_ENTRY *Flink = 87E5F4B8
+1bc struct _LIST_ENTRY *Blink = 87E5F4B8
+1c0 int32 ExitStatus = 00000000
+1c0 void *OfsChain = 00000000
+1c4 struct _LIST_ENTRY PostBlockList
+1c4 struct _LIST_ENTRY *Flink = 87E5F4C4
+1c8 struct _LIST_ENTRY *Blink = 87E5F4C4
+1cc struct _LIST_ENTRY TerminationPortList
+1cc struct _LIST_ENTRY *Flink = E2782528
+1d0 struct _LIST_ENTRY *Blink = E2782528
+1d4 uint32 ActiveTimerListLock = 00000000
+1d8 struct _LIST_ENTRY ActiveTimerListHead
+1d8 struct _LIST_ENTRY *Flink = 87E5F4D8
+1dc struct _LIST_ENTRY *Blink = 87E5F4D8
+1e0 struct _CLIENT_ID Cid
+1e0 void *UniqueProcess = 000005D8
+1e4 void *UniqueThread = 000005C8
+1e8 struct _KSEMAPHORE LpcReplySemaphore
+1e8 struct _DISPATCHER_HEADER Header
+1e8 byte Type = 05 .
+1e9 byte Absolute = 00 .
+1ea byte Size = 05 .
+1eb byte Inserted = 00 .
+1ec int32 SignalState = 00000000
+1f0 struct _LIST_ENTRY WaitListHead
+1f0 struct _LIST_ENTRY *Flink = 87E5F4F0
+1f4 struct _LIST_ENTRY *Blink = 87E5F4F0
+1f8 int32 Limit = 00000001
+1fc void *LpcReplyMessage = 00000000
+200 uint32 LpcReplyMessageId = 00000000
+204 uint32 PerformanceCountLow = 00000000
+208 struct _PS_IMPERSONATION_INFORMATION *ImpersonationInfo =
00000000
+20c struct _LIST_ENTRY IrpList
+20c struct _LIST_ENTRY *Flink = 8869F498
+210 struct _LIST_ENTRY *Blink = 8807D1D8
+214 uint32 TopLevelIrp = 00000000
+218 struct _DEVICE_OBJECT *DeviceToVerify = 00000000
+21c uint32 ReadClusterSize = 00000007
+220 byte ForwardClusterOnly = 00 .
+221 byte DisablePageFaultClustering = 00 .
+222 byte DeadThread = 00 .
+223 byte HideFromDebugger = 00 .
+224 uint32 HasTerminated = 00000000
+228 uint32 GrantedAccess = 001f03ff
+22c struct _EPROCESS *ThreadsProcess = 889E9020
+230 void *StartAddress = 77E57532
+234 void *Win32StartAddress = 0100ADBA
+234 uint32 LpcReceivedMessageId = 0100adba
+238 byte LpcExitThreadCalled = 00 .
+239 byte HardErrorsAreDisabled = 00 .
+23a byte LpcReceivedMsgIdValid = 00 .
+23b byte ActiveImpersonationInfo = 00 .
+23c int32 PerformanceCountHigh = 00000000
+240 struct _LIST_ENTRY ThreadListEntry
+240 struct _LIST_ENTRY *Flink = 889E9290
+244 struct _LIST_ENTRY *Blink = 8831DE60

You are currently subscribed to ntdev as: xxxxx@nai.com
To unsubscribe send a blank email to xxxxx@lists.osr.com