Home > Others

Windbg command -! Drvobj

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

! Drvobj
! Mongobj
! Podev
! Devstack

"! Drvobj driver name | pdriver_object Pointer "lists all devices created by the driver.

Kd>! Drvobj/driver/i8042prt
Driver object (82158040) is:
/Driver/i8042prt
Driver extension list: (ID, ADDR)

Device object list:
8213c3d0 82153738

When you have a device list, input the device pointer! Invalid BJ or! Devstack to get more information.

Kd>! Devobj 8213c3d0
Device object (8213c3d0) is:
/Driver/i8042prt driverobject 82158040
Current IRP 00000000 refcount 0 type 00000027 flags 00002004
Devext 8213c488 extends bjext 8213c768
Extensionflags (0xe0000000) doe_raw_fdo, doe_bottom_of_fdo_stack,
Doe_designated_fdo
Attacheddevice (upper) 8213c250/driver/Verifier
Attachedto (lower) 8213c820/driver/Verifier
Device queue is not busy.

If the device is a PNP device object (fdo, PDO, filter, doesn't matter ),! Devstack displays all the stacks of the device.

Above reference http://blogs.msdn.com/doronh/archive/2006/03/15/552301.aspx

DT nt! _ IRP display IRP Data Structure

Kd> DT nt! _ IRP
+ 0x000 type: int2b
+ 0x002 size: uint2b
+ 0x004 mdladdress: ptr32 _ MDL
+ 0x008 flags: uint4b
+ 0x00c associatedirp: _ unnamed
+ 0x010 threadlistentry: _ list_entry
+ 0x018 iostatus: _ io_status_block
+ 0x020 requestormode: Char
+ 0x021 pendingreturned: uchar
+ 0x022 stackcount: Char
+ 0x023 currentlocation: Char
+ 0x024 cancel: uchar
+ 0x025 cancelirql: uchar
+ 0x026 apcenvironment: Char
+ 0x027 allocationflags: uchar
+ 0x028 useriosb: ptr32 _ io_status_block
+ 0x02c userevent: ptr32 _ kevent
+ 0x030 overlay: _ unnamed
+ 0x038 cancelroutine: ptr32
+ 0x03c userbuffer: ptr32 void
+ 0x040 tail: _ unnamed

Bu drivername! DriverEntry, where drivername is the name of the driver, and DriverEntry is the name of the function to be interrupted, so that if the driver runs, it will stop at DriverEntry.
BP mydriver! XYZ indicates the name of the breakpoint in the module (<module>! <Name> );
BP f89adeaa is set in a given address
BL list all breakpoints
The parameter after the BC clear breakpoint is the number corresponding to the breakpoint

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More