Reputation: 652
How to list threads in WinDbg (kernel debugging)
Does anyone know how I can list all threads in WinDbg while kernel debugging. I have found older references that say ~ but that does not work.
Specifically, I am looking to the find the ID of a thread that caused an event, namely a breakpoint.
Upvotes: 12
Views: 33799
Answers (2)
Reputation: 5489
You can always use the @$thread pseudo register to reference the current thread object:
0: kd> r @$thread
$thread=fffff80002c02cc0
If you want the ID of the thread, you'll need to dig it out of the ETHREAD. Luckily, the @$thread is typed as a pointer to an ETHREAD if you're using the C++ evaluator:
0: kd> ?? @$thread->Cid
struct _CLIENT_ID
+0x000 UniqueProcess : 0x00000000`00001408 Void
+0x008 UniqueThread : 0x00000000`0000144c Void
Upvotes: 8
Reputation: 74654
~ only works in user mode. To list all threads on the system, it's !process 0 1 as I recall (it's been awhile).
"Specifically I am looking to the find the ID of a thread that caused an event, namely a breakpoint."
This statement doesn't make much sense to do from kernel mode. Can you descrive more about what your scenario is?
Edit: Ah, now I get it. You want to know which thread you're currently in right now. Give !thread a go.
Upvotes: 12
Related Questions
- Can Windbg display thread names?
- How to get thread stack information on Windows?
- Windbg: How to show thread details inside thread execute command?
- How do you set the current thread when using windbg
- windbg output from !thread?
- How to list threads in the same process?
- How to examine user thread call stack from windbg kernel debugger?
- How do I determine which are the foreground .NET threads from WinDBG?
- How to get thread IDs from a memory dump in WinDbg?
- How to get the parent thread in WinDBG?