archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/net/sockets/winsock2/wsp/afdsys/kdext/afdutil.c

5042 lines
148 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. afdutil.c
  9. Abstract:
  11. Utility functions for dumping various AFD structures.
  13. Author:
  15. Keith Moore (keithmo) 19-Apr-1995
  17. Environment:
  19. User Mode.
  21. Revision History:
  23. --*/
  26. #include "afdkdp.h"
  27. #pragma hdrstop
  30. //
  31. // Private constants.
  32. //
  34. //
  35. // Private globals.
  36. //
  38. PSTR WeekdayNames[] =
  39. {
  40. "Sun",
  41. "Mon",
  42. "Tue",
  43. "Wed",
  44. "Thu",
  45. "Fri",
  46. "Sat"
  47. };
  49. PSTR MonthNames[] =
  50. {
  51. "",
  52. "Jan",
  53. "Feb",
  54. "Mar",
  55. "Apr",
  56. "May",
  57. "Jun",
  58. "Jul",
  59. "Aug",
  60. "Sep",
  61. "Oct",
  62. "Nov",
  63. "Dec"
  64. };
  67. //
  68. // Private prototypes.
  69. //
  71. PSTR
  72. StructureTypeToString(
  73. USHORT Type
  74. );
  76. PSTR
  77. StructureTypeToStringBrief (
  78. USHORT Type
  79. );
  81. PSTR
  82. BooleanToString(
  83. BOOLEAN Flag
  84. );
  86. PSTR
  87. EndpointStateToString(
  88. UCHAR State
  89. );
  91. PSTR
  92. EndpointStateToStringBrief(
  93. UCHAR State
  94. );
  96. PSTR
  97. EndpointStateFlagsToString(
  98. );
  100. PSTR
  101. EndpointTypeToString(
  102. ULONG TypeFlags
  103. );
  105. PSTR
  106. ConnectionStateToString(
  107. USHORT State
  108. );
  110. PSTR
  111. ConnectionStateToStringBrief(
  112. USHORT State
  113. );
  115. PSTR
  116. ConnectionStateFlagsToString(
  117. );
  119. PSTR
  120. TranfileFlagsToString(
  121. VOID
  122. );
  124. PSTR
  125. TPacketsFlagsToStringNet(
  126. ULONG Flags,
  127. ULONG StateFlags
  128. );
  130. PSTR
  131. TPacketsFlagsToStringXp(
  132. ULONG Flags,
  133. ULONG StateFlags
  134. );
  136. VOID
  137. DumpAfdTPacketsInfoNet(
  138. ULONG64 ActualAddress
  139. );
  141. VOID
  142. DumpAfdTPacketsInfoBriefNet (
  143. ULONG64 ActualAddress
  144. );
  146. VOID
  147. DumpAfdTPacketsInfoXp(
  148. ULONG64 ActualAddress
  149. );
  151. VOID
  152. DumpAfdTPacketsInfoBriefXp (
  153. ULONG64 ActualAddress
  154. );
  156. PSTR
  157. BufferFlagsToString(
  158. );
  160. PSTR
  161. SystemTimeToString(
  162. LONGLONG Value
  163. );
  165. PSTR
  166. GroupTypeToString(
  167. AFD_GROUP_TYPE GroupType
  168. );
  170. VOID
  171. DumpReferenceDebug(
  172. PAFD_REFERENCE_DEBUG ReferenceDebug,
  173. ULONG CurrentSlot
  174. );
  176. BOOL
  177. IsTransmitIrpBusy(
  178. PIRP Irp
  179. );
  181. PSTR
  182. TdiServiceFlagsToStringBrief(
  183. ULONG Flags
  184. );
  187. //
  188. // Public functions.
  189. //
  191. VOID
  192. DumpAfdEndpoint(
  193. ULONG64 ActualAddress
  194. )
  196. /*++
  198. Routine Description:
  200. Dumps the specified AFD_ENDPOINT structure.
  202. Arguments:
  204. ActualAddress - The actual address where the structure resides on the
  205. debugee.
  207. Return Value:
  209. None.
  211. --*/
  213. {
  215. ULONG64 address;
  216. ULONG length;
  217. UCHAR transportAddress[MAX_TRANSPORT_ADDR];
  218. ULONG64 irp, process, pid, tinfo;
  219. ULONG result;
  220. PAFDKD_TRANSPORT_INFO transportInfo = NULL;
  221. USHORT type;
  222. UCHAR state;
  223. LONG stateChangeInProgress;
  224. ULONG stateFlags, tdiFlags;
  225. ULONG EventStatus[AFD_NUM_POLL_EVENTS];
  228. dprintf(
  229. "\nAFD_ENDPOINT @ %p:\n",
  230. ActualAddress
  231. );
  233. dprintf(
  234. " ReferenceCount = %ld\n",
  235. (ULONG)ReadField(ReferenceCount)
  236. );
  238. type=(USHORT)ReadField (Type);
  239. dprintf(
  240. " Type = %04X (%s)\n",
  241. type,
  242. StructureTypeToString( type )
  243. );
  245. state=(UCHAR)ReadField (State);
  246. dprintf(
  247. " State = %02X (%s)\n",
  248. state,
  249. EndpointStateToString(state)
  250. );
  252. if ((stateChangeInProgress=(ULONG)ReadField (StateChangeInProgress))!=0) {
  253. dprintf(
  254. " State changing to = %02X (%s)\n",
  255. stateChangeInProgress,
  256. EndpointStateToString( (UCHAR)stateChangeInProgress )
  257. );
  258. }
  261. tdiFlags=(ULONG)ReadField (TdiServiceFlags);
  262. dprintf(
  263. " TdiTransportFlags = %08lx (",
  264. tdiFlags
  265. );
  266. if (TDI_SERVICE_ORDERLY_RELEASE & tdiFlags)
  267. dprintf (" OrdRel");
  268. if (TDI_SERVICE_DELAYED_ACCEPTANCE & tdiFlags)
  269. dprintf (" DelAcc");
  270. if (TDI_SERVICE_EXPEDITED_DATA & tdiFlags)
  271. dprintf (" Expd");
  272. if (TDI_SERVICE_INTERNAL_BUFFERING & tdiFlags)
  273. dprintf (" Buff");
  274. if (TDI_SERVICE_MESSAGE_MODE & tdiFlags)
  275. dprintf (" Msg");
  276. if (TDI_SERVICE_DGRAM_CONNECTION & tdiFlags)
  277. dprintf (" DgramCon");
  278. if (TDI_SERVICE_FORCE_ACCESS_CHECK & tdiFlags)
  279. dprintf (" AccChk");
  280. if (TDI_SERVICE_SEND_AND_DISCONNECT & tdiFlags)
  281. dprintf (" S&D");
  282. if (TDI_SERVICE_DIRECT_ACCEPT & tdiFlags)
  283. dprintf (" DirAcc");
  284. if (TDI_SERVICE_ACCEPT_LOCAL_ADDR & tdiFlags)
  285. dprintf (" AccLAd");
  286. dprintf (" )\n");
  288. dprintf(
  289. " StateFlags = %08X (",
  290. stateFlags = (ULONG)ReadField (EndpointStateFlags)
  291. );
  293. if (ReadField (Listening))
  294. dprintf (" Listn");
  295. if (ReadField (DelayedAcceptance))
  296. dprintf (" DelAcc");
  297. if (ReadField (NonBlocking))
  298. dprintf (" NBlock");
  299. if (ReadField (InLine))
  300. dprintf (" InLine");
  301. if (ReadField (EndpointCleanedUp))
  302. dprintf (" Clnd-up");
  303. if (ReadField (PollCalled))
  304. dprintf (" Polled");
  305. if (ReadField (RoutingQueryReferenced))
  306. dprintf (" RtQ");
  307. if (SavedMinorVersion>=2246) {
  308. if (ReadField (RoutingQueryIPv6))
  309. dprintf (" RtQ6");
  310. }
  311. if (ReadField (DisableFastIoSend))
  312. dprintf (" -FastSnd");
  313. if (ReadField (EnableSendEvent))
  314. dprintf (" +SndEvt");
  315. if (ReadField (DisableFastIoRecv))
  316. dprintf (" -FastRcv");
  317. dprintf (" )\n");
  320. dprintf(
  321. " TransportInfo = %p\n",
  322. address = ReadField (TransportInfo)
  323. );
  325. if (address!=0) {
  326. PLIST_ENTRY listEntry;
  328. listEntry = TransportInfoList.Flink;
  329. while (listEntry!=&TransportInfoList) {
  330. transportInfo = CONTAINING_RECORD (listEntry, AFDKD_TRANSPORT_INFO, Link);
  331. if (transportInfo->ActualAddress==address)
  332. break;
  333. listEntry = listEntry->Flink;
  334. }
  336. if (listEntry==&TransportInfoList) {
  337. transportInfo = ReadTransportInfo (address);
  338. if (transportInfo!=NULL) {
  339. InsertHeadList (&TransportInfoList, &transportInfo->Link);
  340. }
  341. }
  343. if (transportInfo!=NULL) {
  344. dprintf(
  345. " TransportDeviceName = %ls\n",
  346. transportInfo->DeviceName
  347. );
  348. }
  350. }
  352. dprintf(
  353. " AddressHandle = %p\n",
  354. ReadField (AddressHandle)
  355. );
  357. dprintf(
  358. " AddressFileObject = %p\n",
  359. ReadField (AddressFileObject)
  360. );
  362. dprintf(
  363. " AddressDeviceObject = %p\n",
  364. ReadField (AddressDeviceObject)
  365. );
  367. dprintf(
  368. " AdminAccessGranted = %s\n",
  369. BooleanToString( (BOOLEAN)ReadField (AdminAccessGranted))
  370. );
  372. switch( type ) {
  374. case AfdBlockTypeVcConnecting :
  376. address = ReadField (Common.VirtualCircuit.Connection);
  377. dprintf(
  378. " Connection = %p",
  379. address!=0
  380. ? address
  381. : (((state==AfdEndpointStateClosing ||
  382. state==AfdEndpointStateTransmitClosing) &&
  383. ((address = ReadField (WorkItem.Context))!=0))
  384. ? address
  385. : 0)
  386. );
  388. if (address!=0) {
  389. ULONG64 connAddr = address;
  390. if (GetFieldValue (connAddr,
  391. "AFD!AFD_CONNECTION",
  392. "RemoteAddress",
  393. address)==0 &&
  394. address!=0 &&
  395. GetFieldValue (connAddr,
  396. "AFD!AFD_CONNECTION",
  397. "RemoteAddressLength",
  398. length)==0 &&
  399. length!=0 ) {
  401. if (ReadMemory (address,
  402. transportAddress,
  403. length<sizeof (transportAddress)
  404. ? length
  405. : sizeof (transportAddress),
  406. &length)) {
  407. dprintf (" (to %s)", TransportAddressToString (
  408. (PTRANSPORT_ADDRESS)transportAddress, address));
  409. }
  410. else {
  411. dprintf (" (Could not read transport address @ %p)", address);
  412. }
  413. }
  414. else if (state==AfdEndpointStateConnected ||
  415. state==AfdEndpointStateTransmitClosing) {
  416. ULONG64 contextAddr;
  417. //
  418. // Attempt to read user mode data stored as the context
  419. //
  420. result = GetRemoteAddressFromContext (ActualAddress,
  421. transportAddress,
  422. sizeof (transportAddress),
  423. &contextAddr);
  424. if (result==0) {
  425. dprintf (" (to %s)", TransportAddressToString (
  426. (PTRANSPORT_ADDRESS)transportAddress, contextAddr));
  427. }
  428. else if ((result==MEMORY_READ_ERROR) &&
  429. (transportInfo!=NULL) &&
  430. (_wcsicmp (transportInfo->DeviceName, L"\\Device\\TCP")==0)) {
  431. ULONG64 tdiFile;
  432. if ((result=GetFieldValue (connAddr,
  433. "AFD!AFD_CONNECTION",
  434. "FileObject",
  435. tdiFile))==0 &&
  436. (result=GetRemoteAddressFromTcp (tdiFile,
  437. transportAddress,
  438. sizeof (transportAddress)))==0) {
  439. dprintf (" (to %s)", TransportAddressToString (
  440. (PTRANSPORT_ADDRESS)transportAddress, contextAddr));
  441. }
  442. else {
  443. dprintf (" (Could not read transport address from endpoint context @%p (err: %ld) and TCP (err: %ld))",
  444. contextAddr, MEMORY_READ_ERROR, result);
  445. }
  446. }
  447. else {
  448. dprintf (" (Could not read transport address from endpoint context @ %p (err: %ld))", contextAddr, result);
  449. }
  450. }
  451. }
  452. dprintf("\n");
  453. dprintf(
  454. " ListenEndpoint = %p\n",
  455. ReadField (Common.VirtualCircuit.ListenEndpoint)
  456. );
  458. dprintf(
  459. " ConnectDataBuffers = %p\n",
  460. ReadField (Common.VirtualCircuit.ConnectDataBuffers)
  461. );
  462. break;
  464. case AfdBlockTypeVcBoth :
  465. dprintf(
  466. " Connection = %p",
  467. address=ReadField (Common.VirtualCircuit.Connection)
  468. );
  470. if (address!=0) {
  471. ULONG64 connAddr = address;
  472. if (GetFieldValue (connAddr,
  473. "AFD!AFD_CONNECTION",
  474. "RemoteAddress",
  475. address)==0 &&
  476. address!=0 &&
  477. GetFieldValue (connAddr,
  478. "AFD!AFD_CONNECTION",
  479. "RemoteAddressLength",
  480. length)==0 &&
  481. length!=0 ) {
  483. if (ReadMemory (address,
  484. transportAddress,
  485. length<sizeof (transportAddress)
  486. ? length
  487. : sizeof (transportAddress),
  488. &length)) {
  489. dprintf (" (to %s)", TransportAddressToString (
  490. (PTRANSPORT_ADDRESS)transportAddress, address));
  491. }
  492. else {
  493. dprintf (" (Could not read transport address @ %p)", address);
  494. }
  495. }
  496. else if (state==AfdEndpointStateConnected ||
  497. state==AfdEndpointStateTransmitClosing) {
  498. ULONG64 contextAddr;
  499. //
  500. // Attempt to read user mode data stored as the context
  501. //
  502. result = GetRemoteAddressFromContext (ActualAddress,
  503. transportAddress,
  504. sizeof (transportAddress),
  505. &contextAddr);
  506. if (result==0) {
  507. dprintf (" (to %s)", TransportAddressToString (
  508. (PTRANSPORT_ADDRESS)transportAddress, contextAddr));
  509. }
  510. else if ((result==MEMORY_READ_ERROR) &&
  511. (transportInfo!=NULL) &&
  512. (_wcsicmp (transportInfo->DeviceName, L"\\Device\\TCP")==0)) {
  513. ULONG64 tdiFile;
  514. if ((result=GetFieldValue (connAddr,
  515. "AFD!AFD_CONNECTION",
  516. "FileObject",
  517. tdiFile))==0 &&
  518. (result=GetRemoteAddressFromTcp (tdiFile,
  519. transportAddress,
  520. sizeof (transportAddress)))==0) {
  521. dprintf (" (to %s)", TransportAddressToString (
  522. (PTRANSPORT_ADDRESS)transportAddress, contextAddr));
  523. }
  524. else {
  525. dprintf (" (Could not read transport address from endpoint context @%p (err: %ld) and TCP (err: %ld))",
  526. contextAddr, MEMORY_READ_ERROR, result);
  527. }
  528. }
  529. else {
  530. dprintf (" (Could not read transport address from endpoint context @ %p)", contextAddr);
  531. }
  532. }
  533. }
  534. dprintf ("\n");
  535. dprintf(
  536. " ConnectDataBuffers = %p\n",
  537. ReadField (Common.VirtualCircuit.ConnectDataBuffers)
  538. );
  540. // Skip through to listening endpoint
  542. case AfdBlockTypeVcListening :
  544. if (ReadField(DelayedAcceptance)) {
  545. dprintf(
  546. " ListenConnectionListHead @ %s\n",
  547. LIST_TO_STRING(
  548. ActualAddress+ListenConnListOffset
  549. )
  550. );
  552. }
  553. else {
  554. dprintf(
  555. " FreeConnectionListHead @ %p(%d)\n",
  556. ActualAddress + FreeConnListOffset,
  557. (USHORT)ReadField (Common.VirtualCircuit.Listening.FreeConnectionListHead.Depth)
  558. );
  560. dprintf(
  561. " AcceptExIrpListHead @ %p(%d)\n",
  562. ActualAddress + PreaccConnListOffset,
  563. (USHORT)ReadField (Common.VirtualCircuit.Listening.PreacceptedConnectionsListHead.Depth)
  564. );
  565. }
  567. dprintf(
  568. " UnacceptedConnectionListHead %s\n",
  569. LIST_TO_STRING(
  570. ActualAddress + UnacceptedConnListOffset)
  571. );
  574. dprintf(
  575. " ReturnedConnectionListHead %s\n",
  576. LIST_TO_STRING(
  577. ActualAddress + ReturnedConnListOffset)
  578. );
  580. dprintf(
  581. " ListeningIrpListHead %s\n",
  582. LIST_TO_STRING(
  583. ActualAddress + ListenIrpListOffset)
  584. );
  586. dprintf(
  587. " FailedConnectionAdds = %ld\n",
  588. (LONG)ReadField (Common.VirtualCircuit.Listening.FailedConnectionAdds)
  589. );
  591. dprintf(
  592. " TdiAcceptPendingCount = %ld\n",
  593. (LONG)ReadField (Common.VirtualCircuit.Listening.TdiAcceptPendingCount)
  594. );
  597. dprintf(
  598. " MaxCachedConnections = %ld\n",
  599. (USHORT)ReadField (Common.VirtualCircuit.Listening.MaxExtraConnections)
  600. );
  603. dprintf(
  604. " ConnectionSequenceNumber = %ld\n",
  605. (LONG)ReadField (Common.VirtualCircuit.ListeningSequence)
  606. );
  609. dprintf(
  610. " BacklogReplenishActive = %s\n",
  611. BooleanToString (
  612. (BOOLEAN)ReadField (Common.VirtualCircuit.Listening.BacklogReplenishActive))
  613. );
  615. dprintf(
  617. " EnableDynamicBacklog = %s\n",
  618. BooleanToString (
  619. (BOOLEAN)(LONG)ReadField (Common.VirtualCircuit.Listening.EnableDynamicBacklog))
  620. );
  622. break;
  624. case AfdBlockTypeDatagram :
  626. dprintf(
  627. " RemoteAddress = %p\n",
  628. address = ReadField (Common.Datagram.RemoteAddress)
  629. );
  631. dprintf(
  632. " RemoteAddressLength = %lu\n",
  633. length=(ULONG)ReadField (Common.Datagram.RemoteAddressLength)
  634. );
  636. if( address!=0 ) {
  638. if (ReadMemory (address,
  639. transportAddress,
  640. length<sizeof (transportAddress)
  641. ? length
  642. : sizeof (transportAddress),
  643. &length)) {
  644. DumpTransportAddress(
  645. " ",
  646. (PTRANSPORT_ADDRESS)transportAddress,
  647. address
  648. );
  649. }
  650. else {
  651. dprintf ("\nDumpAfdEndpoint: Could not read transport address @ %p\n", address);
  652. }
  654. }
  656. dprintf(
  657. " ReceiveIrpListHead %s\n",
  658. LIST_TO_STRING(
  659. ActualAddress + DatagramRecvListOffset)
  660. );
  663. dprintf(
  664. " PeekIrpListHead %s\n",
  665. LIST_TO_STRING(
  666. ActualAddress + DatagramPeekListOffset)
  667. );
  670. dprintf(
  671. " ReceiveBufferListHead %s\n",
  672. LIST_TO_STRING(
  673. ActualAddress + DatagramBufferListOffset)
  674. );
  677. dprintf(
  678. " BufferredReceiveBytes = %08lx\n",
  679. (ULONG)ReadField (Common.Datagram.BufferredReceiveBytes)
  680. );
  682. dprintf(
  683. " BufferredReceiveCount = %04X\n",
  684. (ULONG)ReadField (Common.Datagram.BufferredReceiveCount)
  685. );
  687. dprintf(
  688. " MaxBufferredReceiveBytes = %08lx\n",
  689. (ULONG)ReadField (Common.Datagram.MaxBufferredReceiveBytes)
  690. );
  693. dprintf(
  694. " BufferredSendBytes = %08lx\n",
  695. (ULONG)ReadField (Common.Datagram.BufferredSendBytes)
  696. );
  698. dprintf(
  699. " MaxBufferredSendBytes = %08lx\n",
  700. (ULONG)ReadField (Common.Datagram.MaxBufferredSendBytes)
  701. );
  703. dprintf(
  704. " CircularQueueing = %s\n",
  705. BooleanToString(
  706. (BOOLEAN)ReadField (Common.Datagram.CircularQueueing ))
  707. );
  709. dprintf(
  710. " HalfConnect = %s\n",
  711. BooleanToString(
  712. (BOOLEAN)ReadField (Common.Datagram.HalfConnect))
  713. );
  715. if (SavedMinorVersion>=2466) {
  716. dprintf(
  717. " PacketsDropped due to %s%s%s%s\n",
  718. ReadField (Common.Datagram.AddressDrop)
  719. ? "source address, "
  720. : "",
  721. ReadField (Common.Datagram.ResourceDrop)
  722. ? "out of memory, "
  723. : "",
  724. ReadField (Common.Datagram.BufferDrop)
  725. ? "SO_RCVBUF setting, "
  726. : "",
  727. ReadField (Common.Datagram.ErrorDrop)
  728. ? "transport error"
  729. : ""
  730. );
  731. }
  732. break;
  734. case AfdBlockTypeSanEndpoint :
  735. dprintf(
  736. " HelperEndpoint = %p\n",
  737. ReadField (Common.SanEndp.SanHlpr)
  738. );
  739. dprintf(
  740. " FileObject = %p\n",
  741. ReadField (Common.SanEndp.FileObject)
  742. );
  743. dprintf(
  744. " Switch/Saved Context = %p (length: %d)\n",
  745. ReadField (Common.SanEndp.SwitchContext),
  746. (ULONG)ReadField (Common.SanEndp.SavedContextLength)
  747. );
  748. dprintf(
  749. " Local Context = %p\n",
  750. ReadField (Common.SanEndp.LocalContext)
  751. );
  752. dprintf(
  753. " Select Events Active = %lx\n",
  754. (ULONG)ReadField (Common.SanEndp.SelectEventsActive)
  755. );
  756. dprintf(
  757. " Request IrpList %s\n",
  758. LIST_TO_STRING(
  759. ActualAddress + SanIrpListOffset)
  760. );
  761. dprintf(
  762. " Request ID = %d\n",
  763. (ULONG)ReadField (Common.SanEndp.RequestId)
  764. );
  765. dprintf(
  766. " CtxTransferStatus = %lx%s\n",
  767. (ULONG)ReadField (Common.SanEndp.CtxTransferStatus),
  768. ReadField (Common.SanEndp.ImplicitDup) ? " (implicit)" : ""
  769. );
  770. if (state==AfdEndpointStateConnected ||
  771. state==AfdEndpointStateTransmitClosing) {
  772. ULONG64 contextAddr;
  773. //
  774. // Attempt to read user mode data stored as the context
  775. //
  776. result = GetRemoteAddressFromContext (ActualAddress,
  777. transportAddress,
  778. sizeof (transportAddress),
  779. &contextAddr);
  780. if (result==0) {
  781. dprintf (" Connected to = %s\n",
  782. TransportAddressToString (
  783. (PTRANSPORT_ADDRESS)transportAddress,
  784. contextAddr));
  785. }
  786. else {
  787. dprintf ("DumAfdEndpoint: Could not read transport address from endpoint context @ %p\n", contextAddr);
  788. }
  789. }
  790. break;
  792. case AfdBlockTypeSanHelper :
  793. dprintf(
  794. " IoCompletionPort = %p\n",
  795. ReadField (Common.SanHlpr.IoCompletionPort)
  796. );
  797. dprintf(
  798. " IoCompletionEvent = %p\n",
  799. ReadField (Common.SanHlpr.IoCompletionEvent)
  800. );
  801. dprintf(
  802. " Provider list sequence = %d\n",
  803. (LONG)ReadField (Common.SanHlpr.Plsn)
  804. );
  806. if (SavedMinorVersion>=3549) {
  807. result = (LONG)ReadField (Common.SanHlpr.PendingRequests);
  808. dprintf(
  809. " Pending requests = %d%s\n",
  810. result >> 1,
  811. (result & 1) ? " (cleaned-up)" : ""
  813. );
  814. }
  815. break;
  816. }
  818. dprintf(
  819. " DisconnectMode = %08lx\n",
  820. (ULONG)ReadField (DisconnectMode)
  821. );
  823. dprintf(
  824. " OutstandingIrpCount = %08lx\n",
  825. (ULONG)ReadField (OutstandingIrpCount)
  826. );
  828. dprintf(
  829. " LocalAddress = %p\n",
  830. address = ReadField (LocalAddress)
  831. );
  833. dprintf(
  834. " LocalAddressLength = %08lx\n",
  835. length = (ULONG)ReadField (LocalAddressLength)
  836. );
  838. if (address!=0) {
  839. if (ReadMemory (address,
  840. transportAddress,
  841. length<sizeof (transportAddress)
  842. ? length
  843. : sizeof (transportAddress),
  844. &length)) {
  845. DumpTransportAddress(
  846. " ",
  847. (PTRANSPORT_ADDRESS)transportAddress,
  848. address
  849. );
  850. }
  851. else {
  852. dprintf ("\nDumpAfdEndpoint: Could not read transport address @ %p\n", address);
  853. }
  854. }
  856. dprintf(
  857. " Context = %p\n",
  858. ReadField (Context)
  859. );
  861. dprintf(
  862. " ContextLength = %08lx\n",
  863. (ULONG)ReadField (ContextLength)
  864. );
  866. if (SavedMinorVersion>=2419) {
  867. process = ReadField (OwningProcess);
  868. }
  869. else {
  870. process = ReadField (ProcessCharge.Process);
  871. }
  873. if (GetFieldValue (
  874. process,
  875. "NT!_EPROCESS",
  876. "UniqueProcessId",
  877. pid)!=0) {
  878. pid = 0;
  879. }
  881. dprintf(
  882. " OwningProcess = %p (0x%lx)\n",
  883. process, (ULONG)pid
  884. );
  886. if (SavedMinorVersion>=2219) {
  887. irp = ReadField (Irp);
  888. if (irp!=0) {
  889. if (state==AfdEndpointStateConnected ||
  890. state==AfdEndpointStateTransmitClosing) {
  891. ULONG64 tpInfo;
  892. dprintf(
  893. " Transmit Irp = %p",
  894. irp);
  895. result = GetFieldValue (
  896. irp,
  897. "NT!_IRP",
  898. "AssociatedIrp.SystemBuffer",
  899. tpInfo);
  900. if (result==0) {
  901. dprintf (" (TPInfo @ %p)\n", tpInfo);
  902. }
  903. else {
  904. dprintf ("\nDumpAfdEndpoint: Could not read Irp's system buffer, err: %d\n",
  905. result);
  906. }
  907. }
  908. else if (state==AfdEndpointStateOpen) {
  909. dprintf(
  910. " Super Accept Irp = %p\n",
  911. irp
  912. );
  913. }
  914. }
  915. }
  916. else {
  917. tinfo=ReadField (TransmitInfo);
  919. if (tinfo!=0) {
  920. dprintf(
  921. " TransmitInfo = %p\n",
  922. tinfo
  923. );
  924. }
  925. }
  927. dprintf(
  928. " RoutingNotificationList %s\n",
  929. LIST_TO_STRING(
  930. ActualAddress + RoutingNotifyListOffset)
  931. );
  935. dprintf(
  936. " RequestList %s\n",
  937. LIST_TO_STRING(
  938. ActualAddress + RequestListOffset)
  939. );
  942. dprintf(
  943. " EventObject = %p\n",
  944. ReadField (EventObject)
  945. );
  947. dprintf(
  948. " EventsEnabled = %08lx\n",
  949. (ULONG)ReadField (EventsEnabled)
  950. );
  952. dprintf(
  953. " EventsActive = %08lx\n",
  954. (ULONG)ReadField (EventsActive)
  955. );
  957. dprintf(
  958. " EventStatus (non-zero only) =");
  959. ReadMemory (ActualAddress+EventStatusOffset,
  960. EventStatus,
  961. sizeof (EventStatus),
  962. &length);
  963. if (EventStatus[AFD_POLL_RECEIVE_BIT]!=0) {
  964. dprintf (" recv:%lx", EventStatus[AFD_POLL_RECEIVE_BIT]);
  965. }
  966. if (EventStatus[AFD_POLL_RECEIVE_EXPEDITED_BIT]!=0) {
  967. dprintf (" rcv exp:%lx", EventStatus[AFD_POLL_RECEIVE_EXPEDITED_BIT]);
  968. }
  969. if (EventStatus[AFD_POLL_SEND_BIT]!=0) {
  970. dprintf (" send:%lx", EventStatus[AFD_POLL_SEND_BIT]);
  971. }
  972. if (EventStatus[AFD_POLL_DISCONNECT_BIT]!=0) {
  973. dprintf (" disc:%lx", EventStatus[AFD_POLL_DISCONNECT_BIT]);
  974. }
  975. if (EventStatus[AFD_POLL_ABORT_BIT]!=0) {
  976. dprintf (" abort:%lx", EventStatus[AFD_POLL_ABORT_BIT]);
  977. }
  978. if (EventStatus[AFD_POLL_LOCAL_CLOSE_BIT]!=0) {
  979. dprintf (" close:%lx", EventStatus[AFD_POLL_LOCAL_CLOSE_BIT]);
  980. }
  981. if (EventStatus[AFD_POLL_CONNECT_BIT]!=0) {
  982. dprintf (" connect:%lx", EventStatus[AFD_POLL_CONNECT_BIT]);
  983. }
  984. if (EventStatus[AFD_POLL_ACCEPT_BIT]!=0) {
  985. dprintf (" accept:%lx", EventStatus[AFD_POLL_ACCEPT_BIT]);
  986. }
  987. if (EventStatus[AFD_POLL_CONNECT_FAIL_BIT]!=0) {
  988. dprintf (" con fail:%lx", EventStatus[AFD_POLL_CONNECT_FAIL_BIT]);
  989. }
  990. if (EventStatus[AFD_POLL_QOS_BIT]!=0) {
  991. dprintf (" qos:%lx", EventStatus[AFD_POLL_QOS_BIT]);
  992. }
  993. if (EventStatus[AFD_POLL_GROUP_QOS_BIT]!=0) {
  994. dprintf (" gqos:%lx", EventStatus[AFD_POLL_GROUP_QOS_BIT]);
  995. }
  996. if (EventStatus[AFD_POLL_ROUTING_IF_CHANGE_BIT]!=0) {
  997. dprintf (" route chng:%lx", EventStatus[AFD_POLL_ROUTING_IF_CHANGE_BIT]);
  998. }
  999. if (EventStatus[AFD_POLL_ADDRESS_LIST_CHANGE_BIT]!=0) {
  1000. dprintf (" addr chng:%lx", EventStatus[AFD_POLL_ADDRESS_LIST_CHANGE_BIT]);
  1001. }
  1002. dprintf ("\n");
  1004. dprintf(
  1005. " GroupID = %08lx\n",
  1006. (ULONG)ReadField (GroupID)
  1007. );
  1009. dprintf(
  1010. " GroupType = %s\n",
  1011. GroupTypeToString( (ULONG)ReadField (GroupType) )
  1012. );
  1014. if( IsReferenceDebug ) {
  1017. dprintf(
  1018. " ReferenceDebug = %p\n",
  1019. ActualAddress + EndpRefOffset
  1020. );
  1022. if (SavedMinorVersion>=3554) {
  1023. ULONGLONG refCount;
  1024. refCount = ReadField (CurrentReferenceSlot);
  1025. if (SystemTime.QuadPart!=0) {
  1026. dprintf(
  1027. " CurrentReferenceSlot = %lu (@ %s)\n",
  1028. (ULONG)refCount & AFD_REF_MASK,
  1029. SystemTimeToString (
  1030. (((ReadField (CurrentTimeHigh)<<32) +
  1031. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT)) +
  1032. SystemTime.QuadPart -
  1033. InterruptTime.QuadPart)
  1034. );
  1036. }
  1037. else {
  1038. dprintf(
  1039. " CurrentReferenceSlot = %lu (@ %I64u ms since boot)\n",
  1040. (ULONG)refCount & AFD_REF_MASK,
  1041. (((ReadField (CurrentTimeHigh)<<32) +
  1042. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))/(10*1000)
  1043. );
  1044. }
  1045. }
  1046. else {
  1047. dprintf(
  1048. " CurrentReferenceSlot = %lu\n",
  1049. (ULONG)ReadField (CurrentReferenceSlot) & AFD_REF_MASK
  1050. );
  1051. }
  1053. }
  1055. dprintf( "\n" );
  1057. } // DumpAfdEndpoint
  1059. VOID
  1060. DumpAfdEndpointBrief (
  1061. ULONG64 ActualAddress
  1062. )
  1064. /*++
  1066. Routine Description:
  1068. Dumps the specified AFD_ENDPOINT structure in short format.
  1070. Endpoint Typ State Flags Transport Port Counts Evt Pid Con/RAdr
  1071. xxxxxxxx xxx xxx xxxxxxxxxxxx xxxxxxxx xxxxx xx xx xx xx xxx xxxx xxxxxxxx
  1073. Endpoint Typ State Flags Transport Port Counts Evt Pid Con/RemAddr
  1074. xxxxxxxxxxx xxx xxx xxxxxxxxxxxx xxxxxxxx xxxxx xx xx xx xx xxx xxxx xxxxxxxxxxx
  1076. Arguments:
  1077. ActualAddress - The actual address where the structure resides on the
  1078. debugee.
  1080. Return Value:
  1082. None.
  1084. --*/
  1085. {
  1086. CHAR ctrs[40];
  1087. LPSTR port;
  1088. UCHAR transportAddress[MAX_TRANSPORT_ADDR];
  1089. UCHAR remoteAddress[MAX_ADDRESS_STRING];
  1090. PUCHAR raddr;
  1091. PAFDKD_TRANSPORT_INFO transportInfo = NULL;
  1092. ULONG64 address, trInfoAddr, localAddr, sanSvcHlpr=0;
  1093. ULONG length;
  1094. ULONG64 process, pid;
  1095. USHORT type;
  1096. UCHAR state;
  1098. type = (USHORT)ReadField (Type);
  1099. state = (UCHAR)ReadField (State);
  1101. if ((trInfoAddr=ReadField (TransportInfo))!=0) {
  1102. PLIST_ENTRY listEntry;
  1104. listEntry = TransportInfoList.Flink;
  1105. while (listEntry!=&TransportInfoList) {
  1106. transportInfo = CONTAINING_RECORD (listEntry, AFDKD_TRANSPORT_INFO, Link);
  1107. if (transportInfo->ActualAddress==trInfoAddr)
  1108. break;
  1109. listEntry = listEntry->Flink;
  1110. }
  1112. if (listEntry==&TransportInfoList) {
  1113. transportInfo = ReadTransportInfo (trInfoAddr);
  1114. if (transportInfo!=NULL) {
  1115. InsertHeadList (&TransportInfoList, &transportInfo->Link);
  1116. }
  1117. }
  1118. }
  1120. raddr = remoteAddress;
  1121. switch (type) {
  1122. case AfdBlockTypeDatagram :
  1123. _snprintf (ctrs, sizeof (ctrs)-1, "%5.5x %5.5x",
  1124. (ULONG)ReadField (Common.Datagram.BufferredSendBytes),
  1125. (ULONG)ReadField (Common.Datagram.BufferredReceiveBytes)
  1126. );
  1127. ctrs[sizeof(ctrs)-1]=0;
  1128. address = ReadField (Common.Datagram.RemoteAddress);
  1129. length = (ULONG)ReadField (Common.Datagram.RemoteAddressLength);
  1130. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1131. IsPtr64 () ? "%011.011I64X" : "%008.008I64X",
  1132. DISP_PTR(address));
  1133. remoteAddress[sizeof(remoteAddress)-1]=0;
  1134. if (Options & AFDKD_RADDR_DISPLAY) {
  1135. if (address!=0 && length!=0) {
  1136. if (ReadMemory (address,
  1137. transportAddress,
  1138. length<sizeof (transportAddress)
  1139. ? length
  1140. : sizeof (transportAddress),
  1141. &length)) {
  1142. raddr = TransportAddressToString(
  1143. (PTRANSPORT_ADDRESS)transportAddress,
  1144. address
  1145. );
  1146. }
  1147. else {
  1148. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1149. "Read error @%I64X",
  1150. IsPtr64 () ? address : (address & 0xFFFFFFFF));
  1151. remoteAddress[sizeof(remoteAddress)-1]=0;
  1152. }
  1153. }
  1154. else
  1155. raddr = "";
  1156. }
  1157. break;
  1158. case AfdBlockTypeVcConnecting:
  1159. address = ReadField (Common.VirtualCircuit.Connection);
  1160. address =
  1161. address!=0
  1162. ? address
  1163. : (((state==AfdEndpointStateClosing ||
  1164. state==AfdEndpointStateTransmitClosing) &&
  1165. ((address = ReadField (WorkItem.Context))!=0))
  1166. ? address
  1167. : 0);
  1168. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1169. IsPtr64 () ? "%011.011I64X" : "%008.008I64X",
  1170. DISP_PTR(address));
  1171. remoteAddress[sizeof(remoteAddress)-1]=0;
  1172. if (address!=0) {
  1173. AFD_CONNECTION_STATE_FLAGS flags;
  1174. ULONG sndB = 0, rcvB = 0;
  1175. if (GetFieldValue (address,
  1176. "AFD!AFD_CONNECTION",
  1177. "ConnectionStateFlags",
  1178. flags)==0) {
  1179. if (flags.TdiBufferring) {
  1180. ULONGLONG taken, there;
  1181. GetFieldValue (address,
  1182. "AFD!AFD_CONNECTION",
  1183. "Common.Bufferring.ReceiveBytesIndicated.QuadPart",
  1184. taken);
  1185. GetFieldValue (address,
  1186. "AFD!AFD_CONNECTION",
  1187. "Common.Bufferring.ReceiveBytesTaken.QuadPart",
  1188. there);
  1189. sndB = 0;
  1190. rcvB = (ULONG)(taken-there);
  1191. }
  1192. else {
  1193. GetFieldValue (address,
  1194. "AFD!AFD_CONNECTION",
  1195. "Common.NonBufferring.BufferredReceiveBytes",
  1196. rcvB);
  1197. GetFieldValue (address,
  1198. "AFD!AFD_CONNECTION",
  1199. "Common.NonBufferring.BufferredSendBytes",
  1200. sndB);
  1201. }
  1202. _snprintf (ctrs, sizeof (ctrs)-1, "%5.5x %5.5x", sndB, rcvB);
  1203. ctrs[sizeof(ctrs)-1]=0;
  1205. if (Options & AFDKD_RADDR_DISPLAY) {
  1206. ULONG64 connAddr = address;
  1207. if (GetFieldValue (connAddr,
  1208. "AFD!AFD_CONNECTION",
  1209. "RemoteAddress",
  1210. address)==0 &&
  1211. address!=0 &&
  1212. GetFieldValue (connAddr,
  1213. "AFD!AFD_CONNECTION",
  1214. "RemoteAddressLength",
  1215. length)==0 &&
  1216. length!=0 ) {
  1218. if (ReadMemory (address,
  1219. transportAddress,
  1220. length<sizeof (transportAddress)
  1221. ? length
  1222. : sizeof (transportAddress),
  1223. &length)) {
  1224. raddr = TransportAddressToString(
  1225. (PTRANSPORT_ADDRESS)transportAddress,
  1226. address
  1227. );
  1228. }
  1229. else {
  1230. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1231. "Read error @%I64X",
  1232. IsPtr64 () ? address : (address & 0xFFFFFFFF));
  1233. remoteAddress[sizeof(remoteAddress)-1]=0;
  1234. }
  1235. }
  1236. else if (state==AfdEndpointStateConnected ||
  1237. state==AfdEndpointStateTransmitClosing) {
  1238. ULONG result;
  1239. ULONG64 contextAddr;
  1240. //
  1241. // Attempt to read user mode data stored as the context
  1242. //
  1243. result = GetRemoteAddressFromContext (ActualAddress,
  1244. transportAddress,
  1245. sizeof (transportAddress),
  1246. &contextAddr);
  1247. if (result==0) {
  1248. raddr = TransportAddressToString(
  1249. (PTRANSPORT_ADDRESS)transportAddress,
  1250. contextAddr
  1251. );
  1252. }
  1253. else if ((result==MEMORY_READ_ERROR) &&
  1254. (transportInfo!=NULL) &&
  1255. (_wcsicmp (transportInfo->DeviceName, L"\\Device\\TCP")==0)) {
  1256. ULONG64 tdiFile;
  1257. if ((result=GetFieldValue (connAddr,
  1258. "AFD!AFD_CONNECTION",
  1259. "FileObject",
  1260. tdiFile)==0) &&
  1261. (result=GetRemoteAddressFromTcp (tdiFile,
  1262. transportAddress,
  1263. sizeof (transportAddress)))==0) {
  1264. raddr = TransportAddressToString (
  1265. (PTRANSPORT_ADDRESS)transportAddress, contextAddr);
  1266. }
  1267. else {
  1268. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1269. "Read error %ld @ %I64X", result,
  1270. IsPtr64 () ? contextAddr : (contextAddr & 0xFFFFFFFF));
  1271. remoteAddress[sizeof(remoteAddress)-1]=0;;
  1272. }
  1273. }
  1274. else {
  1275. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1276. "Read error %ld @ %I64X", result,
  1277. IsPtr64 () ? contextAddr : (contextAddr & 0xFFFFFFFF));
  1278. remoteAddress[sizeof(remoteAddress)-1]=0;
  1279. }
  1280. }
  1281. }
  1282. }
  1283. else {
  1284. _snprintf (ctrs, sizeof (ctrs)-1, "Read error!");
  1285. ctrs[sizeof(ctrs)-1]=0;
  1286. }
  1287. }
  1288. else {
  1289. _snprintf (ctrs, sizeof (ctrs)-1, " ");
  1290. ctrs[sizeof(ctrs)-1]=0;
  1291. }
  1292. break;
  1293. case AfdBlockTypeVcListening:
  1294. case AfdBlockTypeVcBoth:
  1295. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1296. "mc:%1.1x,fd:%1.1x",
  1297. (USHORT)ReadField (Common.VirtualCircuit.Listening.MaxExtraConnections),
  1298. (LONG)ReadField (Common.VirtualCircuit.Listening.FailedConnectionAdds));
  1299. remoteAddress[sizeof(remoteAddress)-1]=0;
  1300. raddr = remoteAddress;
  1301. if (ReadField (DelayedAcceptance)) {
  1302. if (Options & AFDKD_LIST_COUNT) {
  1303. _snprintf (ctrs, sizeof (ctrs)-1, "%2.2x %2.2x %2.2x %2.2x",
  1304. CountListEntries (ActualAddress+ListenConnListOffset),
  1305. CountListEntries (ActualAddress+ListenIrpListOffset),
  1306. (LONG)ReadField(Common.VirtualCircuit.Listening.TdiAcceptPendingCount),
  1307. CountListEntries (ActualAddress+UnacceptedConnListOffset));
  1308. ctrs[sizeof(ctrs)-1]=0;
  1309. }
  1310. else {
  1311. _snprintf (ctrs, sizeof (ctrs)-1, "%2.2s %2.2s %2.2x %2.2s",
  1312. ListCountEstimate (ActualAddress+ListenConnListOffset),
  1313. ListCountEstimate (ActualAddress+ListenIrpListOffset),
  1314. (LONG)ReadField(Common.VirtualCircuit.Listening.TdiAcceptPendingCount),
  1315. ListCountEstimate (ActualAddress+UnacceptedConnListOffset));
  1316. ctrs[sizeof(ctrs)-1]=0;
  1317. }
  1318. }
  1319. else {
  1320. if (Options & AFDKD_LIST_COUNT) {
  1321. _snprintf (ctrs, sizeof (ctrs)-1, "%2.2x %2.2x %2.2x %2.2x",
  1322. (USHORT)ReadField (Common.VirtualCircuit.Listening.FreeConnectionListHead.Depth),
  1323. (USHORT)ReadField (Common.VirtualCircuit.Listening.PreacceptedConnectionsListHead.Depth),
  1324. (LONG)ReadField(Common.VirtualCircuit.Listening.TdiAcceptPendingCount),
  1325. CountListEntries (ActualAddress+UnacceptedConnListOffset));
  1326. ctrs[sizeof(ctrs)-1]=0;
  1327. }
  1328. else {
  1329. _snprintf (ctrs, sizeof (ctrs)-1, "%2.2x %2.2x %2.2x %2.2s",
  1330. (USHORT)ReadField (Common.VirtualCircuit.Listening.FreeConnectionListHead.Depth),
  1331. (USHORT)ReadField (Common.VirtualCircuit.Listening.PreacceptedConnectionsListHead.Depth),
  1332. (LONG)ReadField(Common.VirtualCircuit.Listening.TdiAcceptPendingCount),
  1333. ListCountEstimate (ActualAddress+UnacceptedConnListOffset));
  1334. ctrs[sizeof(ctrs)-1]=0;
  1335. }
  1336. }
  1337. break;
  1338. case AfdBlockTypeSanEndpoint:
  1339. if (Options & AFDKD_RADDR_DISPLAY) {
  1340. ULONG result;
  1341. ULONG64 contextAddr;
  1342. //
  1343. // Attempt to read user mode data stored as the context
  1344. //
  1345. result = GetRemoteAddressFromContext (ActualAddress,
  1346. transportAddress,
  1347. sizeof (transportAddress),
  1348. &contextAddr);
  1349. if (result==0) {
  1350. raddr = TransportAddressToString(
  1351. (PTRANSPORT_ADDRESS)transportAddress,
  1352. contextAddr
  1353. );
  1354. }
  1355. else {
  1356. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1357. "Read error %ld @ %I64X", result,
  1358. IsPtr64 () ? contextAddr : (contextAddr & 0xFFFFFFFF));
  1359. remoteAddress[sizeof(remoteAddress)-1]=0;
  1360. }
  1361. }
  1362. else {
  1363. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1364. IsPtr64 () ? "H:%011.011I64X" : "H:%008.008I64X",
  1365. DISP_PTR (ReadField (Common.SanEndp.SanHlpr)));
  1366. remoteAddress[sizeof(remoteAddress)-1]=0;
  1367. }
  1368. _snprintf (ctrs, sizeof (ctrs)-1, "%5.5x %5.5x",
  1369. (ULONG)ReadField (Common.SanEndp.RequestId),
  1370. (ULONG)ReadField (Common.SanEndp.SelectEventsActive));
  1371. ctrs[sizeof(ctrs)-1]=0;
  1372. break;
  1373. case AfdBlockTypeSanHelper:
  1374. {
  1375. ULONG64 cPort, depth;
  1376. cPort = ReadField (Common.SanHlpr.IoCompletionPort);
  1377. GetFieldValue (0, "AFD!AfdSanServiceHelper", NULL, sanSvcHlpr);
  1378. GetFieldValue (cPort, "NT!DISPATCHER_HEADER", "SignalState", depth);
  1379. _snprintf (remoteAddress, sizeof (remoteAddress)-1,
  1380. IsPtr64 () ? "C:%011.011I64X(%d)" : "C:%008.008I64X(%d)",
  1381. DISP_PTR (cPort), (ULONG)depth);
  1382. remoteAddress[sizeof(remoteAddress)-1]=0;
  1383. _snprintf (ctrs, sizeof (ctrs)-1, "%5.5x %5.5x",
  1384. (ULONG)ReadField (Common.SanEndp.Plsn),
  1385. (ULONG)ReadField (Common.SanEndp.PendingRequests));
  1386. ctrs[sizeof(ctrs)-1]=0;
  1387. }
  1388. break;
  1389. case AfdBlockTypeEndpoint:
  1390. default:
  1391. raddr = "";
  1392. _snprintf (ctrs, sizeof (ctrs)-1, " ");
  1393. ctrs[sizeof(ctrs)-1]=0;
  1394. break;
  1395. }
  1397. port = " ";
  1398. if ((localAddr=ReadField(LocalAddress))!=0) {
  1399. length = (ULONG)ReadField (LocalAddressLength);
  1400. if (ReadMemory (localAddr,
  1401. transportAddress,
  1402. length<sizeof (transportAddress)
  1403. ? length
  1404. : sizeof (transportAddress),
  1405. &length)) {
  1406. port = TransportPortToString(
  1407. (PTRANSPORT_ADDRESS)transportAddress,
  1408. localAddr
  1409. );
  1410. }
  1411. else {
  1412. port = "error";
  1413. }
  1414. }
  1416. if (SavedMinorVersion>=2419) {
  1417. process = ReadField (OwningProcess);
  1418. }
  1419. else {
  1420. process = ReadField (ProcessCharge.Process);
  1421. }
  1423. if (GetFieldValue (
  1424. process,
  1425. "NT!_EPROCESS",
  1426. "UniqueProcessId",
  1427. pid)!=0) {
  1428. pid = 0;
  1429. }
  1432. /* Endpoint Typ Sta StFl Tr.Inf Lport ctrs Events PID Con/Raddr*/
  1433. dprintf (
  1434. IsPtr64 ()
  1435. ? "\n%011.011p %3s %3s %12s %-9.9ls %5.5s %11s %3.3lx %4.4x %s"
  1436. : "\n%008.008p %3s %3s %12s %-9.9ls %5.5s %11s %3.3lx %4.4x %s",
  1437. DISP_PTR(ActualAddress),
  1438. StructureTypeToStringBrief (type),
  1439. EndpointStateToStringBrief (state),
  1440. EndpointStateFlagsToString (),
  1441. transportInfo
  1442. ? &transportInfo->DeviceName[sizeof("\\Device\\")-1]
  1443. : (ActualAddress==sanSvcHlpr ? L"SVCHLPR" : L""),
  1444. port,
  1445. ctrs,
  1446. (ULONG)ReadField (EventsActive),
  1447. (ULONG)pid,
  1448. raddr
  1449. );
  1450. }
  1452. VOID
  1453. DumpAfdConnection(
  1454. ULONG64 ActualAddress
  1455. )
  1457. /*++
  1459. Routine Description:
  1461. Dumps the specified AFD_CONNECTION structures.
  1463. Arguments:
  1465. Connection - Points to the AFD_CONNECTION structure to dump.
  1467. ActualAddress - The actual address where the structure resides on the
  1468. debugee.
  1470. Return Value:
  1472. None.
  1474. --*/
  1476. {
  1478. ULONG64 address, endpAddr, fileObject, process, pid;
  1479. ULONG length;
  1480. UCHAR transportAddress[MAX_TRANSPORT_ADDR];
  1481. USHORT type, state;
  1482. BOOLEAN tdiBuf;
  1484. dprintf(
  1485. "\nAFD_CONNECTION @ %p:\n",
  1486. ActualAddress
  1487. );
  1489. type = (USHORT)ReadField (Type);
  1490. dprintf(
  1491. " Type = %04X (%s)\n",
  1492. type,
  1493. StructureTypeToString( type )
  1494. );
  1496. dprintf(
  1497. " ReferenceCount = %ld\n",
  1498. (LONG)ReadField (ReferenceCount)
  1499. );
  1501. state = (USHORT)ReadField (State);
  1502. dprintf(
  1503. " State = %08X (%s)\n",
  1504. state,
  1505. ConnectionStateToString( state )
  1506. );
  1508. dprintf(
  1509. " StateFlags = %08X (",
  1510. (ULONG)ReadField (ConnectionStateFlags)
  1511. );
  1513. tdiBuf = (ReadField (TdiBufferring)!=0);
  1514. if (tdiBuf)
  1515. dprintf (" Buf");
  1516. if (SavedMinorVersion>=3549) {
  1517. if (ReadField (Aborted)) {
  1518. dprintf (" Abort%s%s",
  1519. ReadField (AbortIndicated) ? "-ind" : "",
  1520. ReadField (AbortFailed) ? "-fail" : "");
  1521. }
  1522. }
  1523. else {
  1524. if (ReadField (AbortedIndicated)) {
  1525. dprintf (" AbortInd");
  1526. }
  1527. }
  1528. if (ReadField (DisconnectIndicated))
  1529. dprintf (" DscnInd");
  1530. if (ReadField (ConnectedReferenceAdded))
  1531. dprintf (" +CRef");
  1532. if (ReadField (SpecialCondition))
  1533. dprintf (" Special");
  1534. if (ReadField (CleanupBegun))
  1535. dprintf (" ClnBegun");
  1536. if (ReadField (ClosePendedTransmit))
  1537. dprintf (" ClosingTranFile");
  1538. if (ReadField (OnLRList))
  1539. dprintf (" LRList");
  1540. if (ReadField (SanConnection))
  1541. dprintf (" SAN");
  1542. dprintf (" )\n");
  1544. dprintf(
  1545. " Handle = %p\n",
  1546. ReadField (Handle)
  1547. );
  1549. dprintf(
  1550. " FileObject = %p\n",
  1551. fileObject=ReadField (FileObject)
  1552. );
  1554. if (state==AfdConnectionStateConnected) {
  1555. ULONGLONG connectTime;
  1556. connectTime = ReadField (ConnectTime);
  1557. if (SystemTime.QuadPart!=0) {
  1558. dprintf(
  1559. " ConnectTime = %s\n",
  1560. SystemTimeToString(
  1561. connectTime-
  1562. InterruptTime.QuadPart+
  1563. SystemTime.QuadPart));
  1564. dprintf(
  1565. " (now: %s)\n",
  1566. SystemTimeToString (SystemTime.QuadPart)
  1567. );
  1568. }
  1569. else {
  1570. dprintf(
  1571. " ConnectTime = %I64x (nsec since boot)\n",
  1572. connectTime
  1573. );
  1574. }
  1575. }
  1576. else {
  1577. dprintf(
  1578. " Accept/Listen Irp = %p\n",
  1579. ReadField (AcceptIrp)
  1580. );
  1581. }
  1583. if( tdiBuf ) {
  1584. dprintf(
  1585. " ReceiveBytesIndicated = %I64d\n",
  1586. ReadField( Common.Bufferring.ReceiveBytesIndicated.QuadPart )
  1587. );
  1589. dprintf(
  1590. " ReceiveBytesTaken = %I64d\n",
  1591. ReadField ( Common.Bufferring.ReceiveBytesTaken.QuadPart )
  1592. );
  1594. dprintf(
  1595. " ReceiveBytesOutstanding = %I64d\n",
  1596. ReadField( Common.Bufferring.ReceiveBytesOutstanding.QuadPart )
  1597. );
  1599. dprintf(
  1600. " ReceiveExpeditedBytesIndicated = %I64d\n",
  1601. ReadField( Common.Bufferring.ReceiveExpeditedBytesIndicated.QuadPart )
  1602. );
  1604. dprintf(
  1605. " ReceiveExpeditedBytesTaken = %I64d\n",
  1606. ReadField( Common.Bufferring.ReceiveExpeditedBytesTaken.QuadPart )
  1607. );
  1609. dprintf(
  1610. " ReceiveExpeditedBytesOutstanding = %I64d\n",
  1611. ReadField( Common.Bufferring.ReceiveExpeditedBytesOutstanding.QuadPart )
  1612. );
  1614. dprintf(
  1615. " NonBlockingSendPossible = %s\n",
  1616. BooleanToString( (BOOLEAN)ReadField (Common.Bufferring.NonBlockingSendPossible) )
  1617. );
  1619. dprintf(
  1620. " ZeroByteReceiveIndicated = %s\n",
  1621. BooleanToString( (BOOLEAN)ReadField (Common.Bufferring.ZeroByteReceiveIndicated) )
  1622. );
  1623. }
  1624. else {
  1626. dprintf(
  1627. " ReceiveIrpListHead %s\n",
  1628. LIST_TO_STRING(
  1629. ActualAddress + ConnectionRecvListOffset)
  1630. );
  1633. dprintf(
  1634. " ReceiveBufferListHead %s\n",
  1635. LIST_TO_STRING(
  1636. ActualAddress + ConnectionBufferListOffset)
  1637. );
  1639. dprintf(
  1640. " SendIrpListHead %s\n",
  1641. LIST_TO_STRING(
  1642. ActualAddress + ConnectionSendListOffset)
  1643. );
  1645. dprintf(
  1646. " BufferredReceiveBytes = %lu\n",
  1647. (ULONG)ReadField (Common.NonBufferring.BufferredReceiveBytes)
  1648. );
  1650. dprintf(
  1651. " BufferredExpeditedBytes = %lu\n",
  1652. (ULONG)ReadField (Common.NonBufferring.BufferredExpeditedBytes)
  1653. );
  1655. dprintf(
  1656. " BufferredReceiveCount = %u\n",
  1657. (USHORT)ReadField (Common.NonBufferring.BufferredReceiveCount)
  1658. );
  1660. dprintf(
  1661. " BufferredExpeditedCount = %u\n",
  1662. (USHORT)ReadField (Common.NonBufferring.BufferredExpeditedCount)
  1663. );
  1665. dprintf(
  1666. " ReceiveBytesInTransport = %lu\n",
  1667. (ULONG)ReadField (Common.NonBufferring.ReceiveBytesInTransport)
  1668. );
  1670. dprintf(
  1671. " BufferredSendBytes = %lu\n",
  1672. (ULONG)ReadField (Common.NonBufferring.BufferredSendBytes)
  1673. );
  1675. dprintf(
  1676. " BufferredSendCount = %u\n",
  1677. (USHORT)ReadField (Common.NonBufferring.BufferredSendCount)
  1678. );
  1680. dprintf(
  1681. " DisconnectIrp = %p\n",
  1682. ReadField (Common.NonBufferring.DisconnectIrp)
  1683. );
  1685. if (IsCheckedAfd ) {
  1686. dprintf(
  1687. " ReceiveIrpsInTransport = %ld\n",
  1688. (ULONG)ReadField (Common.NonBufferring.ReceiveIrpsInTransport)
  1689. );
  1690. }
  1692. }
  1694. dprintf(
  1695. " Endpoint = %p\n",
  1696. endpAddr = ReadField (Endpoint)
  1697. );
  1699. dprintf(
  1700. " MaxBufferredReceiveBytes = %lu\n",
  1701. (ULONG)ReadField (MaxBufferredReceiveBytes)
  1702. );
  1704. dprintf(
  1705. " MaxBufferredSendBytes = %lu\n",
  1706. (ULONG)ReadField (MaxBufferredSendBytes)
  1707. );
  1709. dprintf(
  1710. " ConnectDataBuffers = %p\n",
  1711. ReadField (ConnectDataBuffers)
  1712. );
  1714. if (SavedMinorVersion>=2419) {
  1715. process = ReadField (OwningProcess);
  1716. }
  1717. else {
  1718. process = ReadField (ProcessCharge.Process);
  1719. }
  1721. if (GetFieldValue (
  1722. process,
  1723. "NT!_EPROCESS",
  1724. "UniqueProcessId",
  1725. pid)!=0) {
  1726. pid = 0;
  1727. }
  1729. dprintf(
  1730. " OwningProcess = %p (0x%lx)\n",
  1731. process, (ULONG)pid
  1732. );
  1734. dprintf(
  1735. " DeviceObject = %p\n",
  1736. ReadField (DeviceObject)
  1737. );
  1739. dprintf(
  1740. " RemoteAddress = %p\n",
  1741. address = ReadField (RemoteAddress)
  1742. );
  1744. length = (USHORT)ReadField (RemoteAddressLength);
  1745. dprintf(
  1746. " RemoteAddressLength = %lu\n",
  1747. length
  1748. );
  1750. if( address != 0 ) {
  1752. if (ReadMemory (address,
  1753. transportAddress,
  1754. length<sizeof (transportAddress)
  1755. ? length
  1756. : sizeof (transportAddress),
  1757. &length)) {
  1758. DumpTransportAddress(
  1759. " ",
  1760. (PTRANSPORT_ADDRESS)transportAddress,
  1761. address
  1762. );
  1763. }
  1764. else {
  1765. dprintf ("\nDumpAfdConnection: Could not read transport address @ %p\n", address);
  1766. }
  1769. }
  1770. else if ((state==AfdConnectionStateConnected) && (endpAddr!=0)) {
  1771. ULONG result;
  1772. ULONG64 contextAddr;
  1773. //
  1774. // Attempt to read user mode data stored as the context
  1775. //
  1776. result = GetRemoteAddressFromContext (endpAddr,
  1777. transportAddress,
  1778. sizeof (transportAddress),
  1779. &contextAddr);
  1780. if (result==0) {
  1781. DumpTransportAddress(
  1782. " ",
  1783. (PTRANSPORT_ADDRESS)transportAddress,
  1784. contextAddr
  1785. );
  1786. }
  1787. else if (GetFieldValue (endpAddr, "AFD!AFD_ENDPOINT",
  1788. "TransportInfo", address)==0
  1789. && address!=0) {
  1790. PLIST_ENTRY listEntry;
  1791. PAFDKD_TRANSPORT_INFO transportInfo = NULL;
  1792. listEntry = TransportInfoList.Flink;
  1793. while (listEntry!=&TransportInfoList) {
  1794. transportInfo = CONTAINING_RECORD (listEntry, AFDKD_TRANSPORT_INFO, Link);
  1795. if (transportInfo->ActualAddress==address)
  1796. break;
  1797. listEntry = listEntry->Flink;
  1798. }
  1800. if (listEntry==&TransportInfoList) {
  1801. transportInfo = ReadTransportInfo (address);
  1802. if (transportInfo!=NULL) {
  1803. InsertHeadList (&TransportInfoList, &transportInfo->Link);
  1804. }
  1805. }
  1807. if (transportInfo!=NULL &&
  1808. (_wcsicmp (transportInfo->DeviceName, L"\\Device\\TCP")==0)) {
  1809. if ((result=GetRemoteAddressFromTcp (fileObject,
  1810. transportAddress,
  1811. sizeof (transportAddress)))==0) {
  1812. DumpTransportAddress(
  1813. " ",
  1814. (PTRANSPORT_ADDRESS)transportAddress,
  1815. fileObject
  1816. );
  1817. }
  1818. else {
  1819. dprintf ("\nDumpAfdConnection: Could not get remote address from tcp file @ %p err: %ld)!\n",
  1820. fileObject, result);
  1821. }
  1822. }
  1823. }
  1825. if (result!=0) {
  1826. dprintf ("\nDumpAfdConnection: Could not read address info from endpoint context @ %p err: %ld)!\n",
  1827. contextAddr, result);
  1828. }
  1829. }
  1833. if( IsReferenceDebug ) {
  1835. dprintf(
  1836. " ReferenceDebug = %p\n",
  1837. ActualAddress + ConnRefOffset
  1838. );
  1840. if (SavedMinorVersion>=3554) {
  1841. ULONGLONG refCount;
  1842. refCount = ReadField (CurrentReferenceSlot);
  1843. if (SystemTime.QuadPart!=0) {
  1844. dprintf(
  1845. " CurrentReferenceSlot = %lu (@ %s)\n",
  1846. (ULONG)refCount & AFD_REF_MASK,
  1847. SystemTimeToString (
  1848. (((ReadField (CurrentTimeHigh)<<32) +
  1849. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))+
  1850. SystemTime.QuadPart -
  1851. InterruptTime.QuadPart)
  1852. );
  1854. }
  1855. else {
  1856. dprintf(
  1857. " CurrentReferenceSlot = %lu (@ %I64u ms since boot)\n",
  1858. (ULONG)refCount & AFD_REF_MASK,
  1859. (((ReadField (CurrentTimeHigh)<<32) +
  1860. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))/(10*1000)
  1861. );
  1862. }
  1863. }
  1864. else {
  1865. dprintf(
  1866. " CurrentReferenceSlot = %lu\n",
  1867. (ULONG)ReadField (CurrentReferenceSlot) & AFD_REF_MASK
  1868. );
  1869. }
  1872. }
  1874. #ifdef _AFD_VERIFY_DATA_
  1875. dprintf(
  1876. " VerifySequenceNumber = %lx\n",
  1877. (LONG)ReadField (VerifySequenceNumber)
  1878. );
  1879. #endif
  1880. dprintf( "\n" );
  1882. } // DumpAfdConnection
  1884. VOID
  1885. DumpAfdConnectionBrief(
  1886. ULONG64 ActualAddress
  1887. )
  1888. /*++
  1890. Routine Description:
  1892. Dumps the specified AFD_CONNECTION structure in short format.
  1894. Connectn Stat Flags SndB-cnt RcvB-cnt Pid Endpoint Remote Address"
  1895. xxxxxxxx xxx xxxxxxx xxxxx-xx xxxxx-xx xxxx xxxxxxxx xxxxxxxxxxxxxx"
  1897. Connection Stat Flags SndB-cnt RcvB-cnt Pid Endpoint Remote Address"
  1898. xxxxxxxxxxx xxx xxxxxxx xxxxx-xx xxxxx-xx xxxx xxxxxxxxxxx xxxxxxxxxxxxxx
  1901. Arguments:
  1903. ActualAddress - The actual address where the structure resides on the
  1904. debugee.
  1906. Return Value:
  1908. None.
  1910. --*/
  1911. {
  1912. CHAR transportAddress[MAX_TRANSPORT_ADDR];
  1913. ULONG64 address, endpAddr, pid, process;
  1914. ULONG length;
  1915. LPSTR raddr;
  1916. USHORT type, state;
  1917. BOOLEAN tdiBuf;
  1919. type = (USHORT)ReadField (Type);
  1920. state = (USHORT)ReadField (State);
  1921. endpAddr = ReadField (Endpoint);
  1922. address = ReadField (RemoteAddress);
  1923. length = (ULONG)ReadField (RemoteAddressLength);
  1924. tdiBuf = ReadField (TdiBufferring)!=0;
  1926. if( address != 0 ) {
  1927. if (ReadMemory (address,
  1928. transportAddress,
  1929. length<sizeof (transportAddress)
  1930. ? length
  1931. : sizeof (transportAddress),
  1932. &length)) {
  1933. raddr = TransportAddressToString(
  1934. (PTRANSPORT_ADDRESS)transportAddress,
  1935. address
  1936. );
  1937. }
  1938. else {
  1939. _snprintf (transportAddress, sizeof (transportAddress)-1,
  1940. "Read error @%I64X",
  1941. IsPtr64 () ? address : (address & 0xFFFFFFFF));
  1942. transportAddress[sizeof(transportAddress)-1]=0;
  1943. raddr = transportAddress;
  1944. }
  1945. }
  1946. else if ((state==AfdConnectionStateConnected) && (endpAddr!=0)) {
  1947. ULONG result;
  1948. ULONG64 contextAddr;
  1949. //
  1950. // Attempt to read user mode data stored as the context
  1951. //
  1952. result = GetRemoteAddressFromContext (endpAddr,
  1953. transportAddress,
  1954. sizeof (transportAddress),
  1955. &contextAddr);
  1956. if (result==0) {
  1957. raddr = TransportAddressToString(
  1958. (PTRANSPORT_ADDRESS)transportAddress,
  1959. contextAddr
  1960. );
  1961. }
  1962. else if (GetFieldValue (endpAddr, "AFD!AFD_ENDPOINT",
  1963. "TransportInfo", address)==0
  1964. && address!=0) {
  1965. PLIST_ENTRY listEntry;
  1966. PAFDKD_TRANSPORT_INFO transportInfo = NULL;
  1967. listEntry = TransportInfoList.Flink;
  1968. while (listEntry!=&TransportInfoList) {
  1969. transportInfo = CONTAINING_RECORD (listEntry, AFDKD_TRANSPORT_INFO, Link);
  1970. if (transportInfo->ActualAddress==address)
  1971. break;
  1972. listEntry = listEntry->Flink;
  1973. }
  1975. if (listEntry==&TransportInfoList) {
  1976. transportInfo = ReadTransportInfo (address);
  1977. if (transportInfo!=NULL) {
  1978. InsertHeadList (&TransportInfoList, &transportInfo->Link);
  1979. }
  1980. }
  1982. if (transportInfo!=NULL &&
  1983. (_wcsicmp (transportInfo->DeviceName, L"\\Device\\TCP")==0)) {
  1984. ULONG64 fileObject = ReadField (FileObject);
  1985. if ((result=GetRemoteAddressFromTcp (fileObject,
  1986. transportAddress,
  1987. sizeof (transportAddress)))==0) {
  1988. raddr = TransportAddressToString(
  1989. (PTRANSPORT_ADDRESS)transportAddress,
  1990. fileObject
  1991. );
  1993. }
  1994. else {
  1995. contextAddr = fileObject;
  1996. }
  1997. }
  1998. }
  2000. if (result!=0) {
  2001. _snprintf (transportAddress, sizeof (transportAddress)-1,
  2002. "Read error %ld @ %I64X", result,
  2003. IsPtr64 () ? contextAddr : (contextAddr & 0xFFFFFFFF));
  2004. transportAddress[sizeof(transportAddress)-1]=0;
  2005. raddr = transportAddress;
  2006. }
  2007. }
  2008. else {
  2009. raddr = "";
  2010. }
  2012. if (SavedMinorVersion>=2419) {
  2013. process = ReadField (OwningProcess);
  2014. }
  2015. else {
  2016. process = ReadField (ProcessCharge.Process);
  2017. }
  2019. if (GetFieldValue (
  2020. process,
  2021. "NT!_EPROCESS",
  2022. "UniqueProcessId",
  2023. pid)!=0) {
  2024. pid = 0;
  2025. }
  2027. // Connection Sta Flg SndB RcvB Pid Endpoint RemA
  2028. dprintf (
  2029. IsPtr64 ()
  2030. ? "\n%011.011p %3s %7s %5.5x-%2.2x %5.5x-%2.2x %4.4x %011.011p %-s"
  2031. : "\n%008.008p %3s %7s %5.5x-%2.2x %5.5x-%2.2x %4.4x %008.008p %-s",
  2032. DISP_PTR(ActualAddress),
  2033. ConnectionStateToStringBrief (state),
  2034. ConnectionStateFlagsToString (),
  2035. tdiBuf
  2036. ? (ULONG)0
  2037. : (ULONG)ReadField (Common.NonBufferring.BufferredSendBytes),
  2038. tdiBuf
  2039. ? (ULONG)0
  2040. : (ULONG)ReadField (Common.NonBufferring.BufferredSendCount),
  2041. tdiBuf
  2042. ? (ULONG)(ReadField (Common.Bufferring.ReceiveBytesIndicated.QuadPart)
  2043. - ReadField (Common.Bufferring.ReceiveBytesTaken.QuadPart))
  2044. : (ULONG)(ReadField (Common.NonBufferring.BufferredReceiveBytes)
  2045. + ReadField (Common.NonBufferring.ReceiveBytesInTransport)),
  2046. tdiBuf
  2047. ? 0
  2048. : (ULONG)ReadField (Common.NonBufferring.BufferredReceiveCount),
  2049. (ULONG)pid,
  2050. DISP_PTR(endpAddr),
  2051. raddr
  2052. );
  2053. }
  2055. VOID
  2056. DumpAfdReferenceDebug(
  2057. ULONG64 ActualAddress,
  2058. LONGLONG Idx
  2059. )
  2061. /*++
  2063. Routine Description:
  2065. Dumps the AFD_REFERENCE_DEBUG structures associated with an
  2066. AFD_CONNECTION object.
  2068. Arguments:
  2070. ReferenceDebug - Points to an array of AFD_REFERENCE_DEBUG structures.
  2071. There are assumed to be AFD_MAX_REF entries in this array.
  2073. ActualAddress - The actual address where the array resides on the
  2074. debugee.
  2076. Return Value:
  2078. None.
  2080. --*/
  2082. {
  2084. ULONG i;
  2085. ULONG result;
  2086. CHAR filePath[MAX_PATH];
  2087. CHAR message[256];
  2088. ULONG64 format;
  2089. ULONG64 address;
  2090. ULONG64 locationTable;
  2091. LONG64 timeLast;
  2092. ULONG newCount;
  2093. ULONG locationId;
  2094. ULONGLONG timeExp;
  2095. ULONGLONG timeDif;
  2096. ULONGLONG tickCount;
  2097. ULONG param;
  2098. ULONGLONG quadPart;
  2101. if (RefDebugSize==0) {
  2102. dprintf ("\nDumpAfdReferenceDebug: sizeof(AFD!AFD_REFERENCE_DEBUG) is 0!!!\n");
  2103. return;
  2104. }
  2106. result = ReadPtr (GetExpression ("AFD!AfdLocationTable"),
  2107. &locationTable);
  2108. if (result!=0) {
  2109. dprintf("\nDumpAfdReferenceDebug: Could not read afd!AfdLocationTable, err: %ld\n", result);
  2110. return;
  2111. }
  2114. if (SavedMinorVersion>=3554) {
  2115. if (SystemTime.QuadPart!=0) {
  2116. dprintf(
  2117. "AFD_REFERENCE_DEBUG @ %p (current time: %s)\n",
  2118. ActualAddress,
  2119. SystemTimeToString(SystemTime.QuadPart)
  2120. );
  2121. }
  2122. else {
  2123. dprintf(
  2124. "AFD_REFERENCE_DEBUG @ %p\n",
  2125. ActualAddress
  2126. );
  2127. }
  2128. }
  2129. else {
  2130. dprintf(
  2131. "AFD_REFERENCE_DEBUG @ %p (current time: %I64d (%I64d) ms)\n",
  2132. ActualAddress,
  2133. ((LONGLONG)TickCount*TicksToMs)>>24,
  2134. ((LONGLONG)(USHORT)TickCount*TicksToMs)>>24
  2135. );
  2136. }
  2139. timeLast = Idx>>AFD_REF_SHIFT;
  2141. if (SavedMinorVersion>=3554)
  2142. Idx = (Idx-1) & AFD_REF_MASK;
  2143. else
  2144. Idx &= AFD_REF_MASK;
  2145. for( i = 0 ; i < AFD_MAX_REF ; i++, Idx=(Idx-1)&AFD_REF_MASK ) {
  2146. if( CheckControlC() ) {
  2148. break;
  2150. }
  2152. result = (ULONG)InitTypeRead (ActualAddress+Idx*sizeof (AFD_REFERENCE_DEBUG),
  2153. AFD!AFD_REFERENCE_DEBUG);
  2154. if (result!=0) {
  2155. dprintf ("\nDumpAfdReferenceDebug: Could not read AFD_REFERENCE_DEBUG @ %p(%ld), err: %ld\n",
  2156. ActualAddress+Idx*sizeof (AFD_REFERENCE_DEBUG), Idx, result);
  2157. return;
  2158. }
  2161. quadPart = ReadField (QuadPart);
  2162. if( quadPart==0) {
  2164. continue;
  2166. }
  2167. newCount = (ULONG)ReadField (NewCount);
  2168. locationId = (ULONG)ReadField (LocationId);
  2169. param = (ULONG)ReadField (Param);
  2170. if (SavedMinorVersion>=3554) {
  2171. timeExp = ReadField (TimeExp);
  2172. timeDif = ReadField (TimeDif);
  2173. }
  2174. else {
  2175. tickCount = ReadField (TickCount);
  2176. }
  2178. if (GetFieldValue (locationTable+RefDebugSize*(locationId-1),
  2179. "AFD!AFD_REFERENCE_LOCATION",
  2180. "Format",
  2181. format)==0 &&
  2182. GetFieldValue (locationTable+RefDebugSize*(locationId-1),
  2183. "AFD!AFD_REFERENCE_LOCATION",
  2184. "Address",
  2185. address)==0 &&
  2186. (ReadMemory (format,
  2187. filePath,
  2188. sizeof (filePath),
  2189. &result) ||
  2190. (result>0 && filePath[result-1]==0))) {
  2191. CHAR *fileName;
  2192. fileName = strrchr (filePath, '\\');
  2193. if (fileName!=NULL) {
  2194. fileName += 1;
  2195. }
  2196. else {
  2197. fileName = filePath;
  2198. }
  2199. _snprintf (message, sizeof (message)-1, fileName, param);
  2200. message[sizeof(message)-1]=0;
  2201. }
  2202. else {
  2203. _snprintf (message, sizeof (message)-1, "%lx %lx",
  2204. locationId,
  2205. param);
  2206. message[sizeof(message)-1]=0;
  2207. }
  2209. if (SavedMinorVersion>=3554) {
  2210. if (SystemTime.QuadPart!=0) {
  2211. dprintf (" %3lu %s -> %ld @ %s\n",
  2212. (ULONG)Idx, message, newCount,
  2213. SystemTimeToString(
  2214. (timeLast<<13)+
  2215. SystemTime.QuadPart -
  2216. InterruptTime.QuadPart
  2217. )
  2218. );
  2219. }
  2220. else {
  2221. dprintf (" %3lu %s -> %ld @ %I64u ms since boot\n",
  2222. (ULONG)Idx, message, newCount,
  2223. (timeLast<<13)/(10*1000)
  2224. );
  2225. }
  2226. timeLast -= timeDif<<(timeExp*AFD_TIME_EXP_SHIFT);
  2227. }
  2228. else {
  2229. dprintf (" %3lu %s -> %ld @ %u %s\n",
  2230. (ULONG)Idx, message, newCount,
  2231. (TicksToMs!=0)
  2232. ? (ULONG)((tickCount*TicksToMs)>>24)
  2233. : (ULONG)tickCount,
  2234. (TicksToMs!=0) ? "ms" : ""
  2235. );
  2236. }
  2238. }
  2240. } // DumpAfdReferenceDebug
  2243. #if GLOBAL_REFERENCE_DEBUG
  2244. BOOL
  2245. DumpAfdGlobalReferenceDebug(
  2246. PAFD_GLOBAL_REFERENCE_DEBUG ReferenceDebug,
  2247. ULONG64 ActualAddress,
  2248. DWORD CurrentSlot,
  2249. DWORD StartingSlot,
  2250. DWORD NumEntries,
  2251. ULONG64 CompareAddress
  2252. )
  2254. /*++
  2256. Routine Description:
  2258. Dumps the AFD_GLOBAL_REFERENCE_DEBUG structures.
  2260. Arguments:
  2262. ReferenceDebug - Points to an array of AFD_GLOBAL_REFERENCE_DEBUG
  2263. structures. There are assumed to be MAX_GLOBAL_REFERENCE entries
  2264. in this array.
  2266. ActualAddress - The actual address where the array resides on the
  2267. debugee.
  2269. CurrentSlot - The last slot used.
  2271. CompareAddress - If zero, then dump all records. Otherwise, only dump
  2272. those records with a matching connection pointer.
  2274. Return Value:
  2276. None.
  2278. --*/
  2280. {
  2282. ULONG result;
  2283. LPSTR fileName;
  2284. CHAR decoration;
  2285. CHAR filePath[MAX_PATH];
  2286. CHAR action[16];
  2287. BOOL foundEnd = FALSE;
  2288. ULONG lowTick;
  2290. if( StartingSlot == 0 ) {
  2292. dprintf(
  2293. "AFD_GLOBAL_REFERENCE_DEBUG @ %p, Current Slot = %lu\n",
  2294. ActualAddress,
  2295. CurrentSlot
  2296. );
  2298. }
  2300. for( ; NumEntries > 0 ; NumEntries--, StartingSlot++, ReferenceDebug++ ) {
  2302. if( CheckControlC() ) {
  2304. foundEnd = TRUE;
  2305. break;
  2307. }
  2309. if( ReferenceDebug->Info1 == NULL &&
  2310. ReferenceDebug->Info2 == NULL &&
  2311. ReferenceDebug->Action == 0 &&
  2312. ReferenceDebug->NewCount == 0 &&
  2313. ReferenceDebug->Connection == NULL ) {
  2315. foundEnd = TRUE;
  2316. break;
  2318. }
  2320. if( CompareAddress != 0 &&
  2321. ReferenceDebug->Connection != (PVOID)CompareAddress ) {
  2323. continue;
  2325. }
  2327. if( ReferenceDebug->Action == 0 ||
  2328. ReferenceDebug->Action == 1 ||
  2329. ReferenceDebug->Action == (ULONG64)-1L ) {
  2331. _snprintf(
  2332. action, sizeof (action),
  2333. "%ld",
  2334. PtrToUlong(ReferenceDebug->Action)
  2335. );
  2336. action[sizeof(action)-1]=0;
  2338. } else {
  2340. _snprintf(
  2341. action, sizeof (action),
  2342. "%p",
  2343. ReferenceDebug->Action
  2344. );
  2345. action[sizeof(action)-1]=0;
  2347. }
  2349. decoration = ( StartingSlot == CurrentSlot ) ? '>' : ' ';
  2350. lowTick = ReferenceDebug->TickCounter.LowPart;
  2352. switch( (ULONG64)ReferenceDebug->Info1 ) {
  2354. case 0xafdafd02 :
  2355. dprintf(
  2356. "%c %3lu: %p (%8lu) Buffered Send, IRP @ %plx [%s] -> %lu\n",
  2357. decoration,
  2358. StartingSlot,
  2359. (ULONG64)ReferenceDebug->Connection,
  2360. lowTick,
  2361. (ULONG64)ReferenceDebug->Info2,
  2362. action,
  2363. ReferenceDebug->NewCount
  2364. );
  2365. break;
  2367. case 0xafdafd03 :
  2368. dprintf(
  2369. "%c %3lu: %p (%8lu) Nonbuffered Send, IRP @ %p [%s] -> %lu\n",
  2370. decoration,
  2371. StartingSlot,
  2372. (ULONG64)ReferenceDebug->Connection,
  2373. lowTick,
  2374. (ULONG64)ReferenceDebug->Info2,
  2375. action,
  2376. ReferenceDebug->NewCount
  2377. );
  2378. break;
  2380. case 0xafd11100 :
  2381. case 0xafd11101 :
  2382. dprintf(
  2383. "%c %3lu: %p (%8lu) AfdRestartSend (%p), IRP @ %p [%s] -> %lu\n",
  2384. decoration,
  2385. StartingSlot,
  2386. (ULONG64)ReferenceDebug->Connection,
  2387. lowTick,
  2388. (ULONG64)ReferenceDebug->Info1,
  2389. (ULONG64)ReferenceDebug->Info2,
  2390. action,
  2391. ReferenceDebug->NewCount
  2392. );
  2393. break;
  2395. case 0xafd11102 :
  2396. case 0xafd11103 :
  2397. case 0xafd11104 :
  2398. case 0xafd11105 :
  2399. dprintf(
  2400. "%c %3lu: %p (%8lu) AfdRestartBufferSend (%p), IRP @ %p [%s] -> %lu\n",
  2401. decoration,
  2402. StartingSlot,
  2403. (ULONG64)ReferenceDebug->Connection,
  2404. lowTick,
  2405. (ULONG64)ReferenceDebug->Info1,
  2406. (ULONG64)ReferenceDebug->Info2,
  2407. action,
  2408. ReferenceDebug->NewCount
  2409. );
  2410. break;
  2412. case 0 :
  2413. if( ReferenceDebug->Info2 == NULL ) {
  2415. dprintf(
  2416. "%c %3lu: %p (%8lu) AfdDeleteConnectedReference (%p)\n",
  2417. decoration,
  2418. StartingSlot,
  2419. (ULONG64)ReferenceDebug->Connection,
  2420. lowTick,
  2421. (ULONG64)ReferenceDebug->Action
  2422. );
  2423. break;
  2425. } else {
  2427. //
  2428. // Fall through to default case.
  2429. //
  2431. }
  2433. default :
  2434. if( ReadMemory(
  2435. (ULONG64)ReferenceDebug->Info1,
  2436. filePath,
  2437. sizeof(filePath),
  2438. &result
  2439. ) ) {
  2441. fileName = strrchr( filePath, '\\' );
  2443. if( fileName != NULL ) {
  2445. fileName++;
  2447. } else {
  2449. fileName = filePath;
  2451. }
  2453. } else {
  2455. _snprintf(
  2456. filePath, sizeof (filePath),
  2457. "%p",
  2458. ReferenceDebug->Info1
  2459. );
  2460. filePath[sizeof(filePath)-1]=0;
  2462. fileName = filePath;
  2464. }
  2466. dprintf(
  2467. "%c %3lu: %p (%8lu) %s:%lu [%s] -> %lu\n",
  2468. decoration,
  2469. StartingSlot,
  2470. (ULONG64)ReferenceDebug->Connection,
  2471. lowTick,
  2472. fileName,
  2473. PtrToUlong (ReferenceDebug->Info2),
  2474. action,
  2475. ReferenceDebug->NewCount
  2476. );
  2477. break;
  2479. }
  2481. }
  2483. return foundEnd;
  2485. } // DumpAfdGlobalReferenceDebug
  2486. #endif
  2488. VOID
  2489. DumpAfdTransmitInfo(
  2490. ULONG64 ActualAddress
  2491. )
  2492. {
  2494. dprintf(
  2495. "\nAFD_TRANSMIT_FILE_INFO_INTERNAL @ %p\n",
  2496. ActualAddress
  2497. );
  2499. dprintf(
  2500. " Endpoint = %p\n",
  2501. ReadField (Endpoint)
  2502. );
  2504. dprintf(
  2505. " ReferenceCount = %ld\n",
  2506. (ULONG)ReadField (ReferenceCount)
  2507. );
  2509. dprintf(
  2510. " Flags = %08lx\n",
  2511. (ULONG)ReadField (Flags)
  2512. );
  2514. dprintf(
  2515. " WorkerScheduled = %s\n",
  2516. BooleanToString( ReadField (WorkerScheduled)!=0 )
  2517. );
  2519. dprintf(
  2520. " AbortPending = %s\n",
  2521. BooleanToString( ReadField (AbortPending)!=0 )
  2522. );
  2524. dprintf(
  2525. " NeedSendHead = %s\n",
  2526. BooleanToString( ReadField (NeedSendHead)!=0 )
  2527. );
  2529. dprintf(
  2530. " ReuseInProgress = %s\n",
  2531. BooleanToString( ReadField (ReuseInProgress)!=0 )
  2532. );
  2534. dprintf(
  2535. " SendAndDisconnect = %s\n",
  2536. BooleanToString( ReadField (SendAndDisconnect)!=0 )
  2537. );
  2539. dprintf(
  2540. " SendPacketLength = %08lx\n",
  2541. (ULONG)ReadField (SendPacketLength)
  2542. );
  2544. dprintf(
  2545. " FileReadOffset = %I64x\n",
  2546. ReadField (FileReadOffset)
  2547. );
  2549. dprintf(
  2550. " FileReadEnd = %I64x\n",
  2551. ReadField (FileReadEnd)
  2552. );
  2554. dprintf(
  2555. " FsFileObject = %p\n",
  2556. ReadField (FsFileObject)
  2557. );
  2559. dprintf(
  2560. " FsDeviceObject = %p\n",
  2561. ReadField (FsDeviceObject)
  2562. );
  2564. dprintf(
  2565. " TdiFileObject = %p\n",
  2566. ReadField (TdiFileObject)
  2567. );
  2569. dprintf(
  2570. " TdiDeviceObject = %p\n",
  2571. ReadField (TdiDeviceObject)
  2572. );
  2574. dprintf(
  2575. " TransmitIrp = %p\n",
  2576. ReadField (TransmitIrp)
  2577. );
  2579. dprintf(
  2580. " SendIrp1 = %p%s\n",
  2581. ReadField (SendIrp1),
  2582. ReadField (Irp1Done)
  2583. ? " (DONE)"
  2584. : ""
  2585. );
  2587. dprintf(
  2588. " SendIrp2 = %p%s\n",
  2589. ReadField (SendIrp2),
  2590. ReadField (Irp2Done)
  2591. ? " (DONE)"
  2592. : ""
  2593. );
  2595. dprintf(
  2596. " ReadIrp = %p%s\n",
  2597. ReadField (ReadIrp),
  2598. ReadField (IrpRDone)
  2599. ? " (DONE)"
  2600. : ""
  2601. );
  2603. dprintf(
  2604. " HeadMdl = %p\n",
  2605. ReadField (HeadMdl)
  2606. );
  2608. dprintf(
  2609. " TailMdl = %p\n",
  2610. ReadField (TailMdl)
  2611. );
  2613. dprintf(
  2614. " PreTailMdl = %p\n",
  2615. ReadField (PreTailMdl)
  2616. );
  2618. dprintf(
  2619. " WithTailMdl = %p\n",
  2620. ReadField (WithTailMdl)
  2621. );
  2623. dprintf(
  2624. " LastFileMdl/Buffer = %p\n",
  2625. ReadField (LastFileMdl)
  2626. );
  2628. if( IsReferenceDebug ) {
  2630. dprintf(
  2631. " ReferenceDebug = %p\n",
  2632. ActualAddress+TPackRefOffset
  2633. );
  2635. dprintf(
  2636. " CurrentReferenceSlot = %lu\n",
  2637. (ULONG)ReadField (CurrentReferenceSlot) & AFD_REF_MASK
  2638. );
  2640. }
  2641. dprintf( "\n" );
  2643. } // DumpAfdTransmitInfo
  2645. VOID
  2646. DumpAfdTransmitInfoBrief (
  2647. ULONG64 ActualAddress
  2648. )
  2649. /*
  2650. "TranInfo I R P S Endpoint Flags Cur.Read Read\n"
  2651. "Address Transmit Send1 Send2 Read Address Offset End \n"
  2652. */
  2653. {
  2654. dprintf ("\n%p %p %p %p %p %p %s %8.8lx %8.8lx",
  2655. ActualAddress,
  2656. ReadField (TransmitIrp),
  2657. ReadField (SendIrp1),
  2658. ReadField (SendIrp2),
  2659. ReadField (ReadIrp),
  2660. ReadField (Endpoint),
  2661. TranfileFlagsToString (),
  2662. (ULONG)ReadField (FileReadOffset),
  2663. (ULONG)ReadField (FileReadEnd));
  2665. } // DumpAfdTransmitInfoBrief
  2667. VOID
  2668. DumpAfdTPacketsInfo(
  2669. ULONG64 ActualAddress
  2670. )
  2671. {
  2672. if (SavedMinorVersion>=3549) {
  2673. DumpAfdTPacketsInfoNet (ActualAddress);
  2674. }
  2675. else {
  2676. DumpAfdTPacketsInfoXp (ActualAddress);
  2677. }
  2678. }
  2680. VOID
  2681. DumpAfdTPacketsInfoBrief(
  2682. ULONG64 ActualAddress
  2683. )
  2684. {
  2685. if (SavedMinorVersion>=3549) {
  2686. DumpAfdTPacketsInfoBriefNet (ActualAddress);
  2687. }
  2688. else {
  2689. DumpAfdTPacketsInfoBriefXp (ActualAddress);
  2690. }
  2691. }
  2693. VOID
  2694. DumpAfdTPacketsInfoNet(
  2695. ULONG64 ActualAddress
  2696. )
  2697. {
  2698. ULONG64 fileAddr, endpAddr, tpInfoAddr, irpSpAddr;
  2699. ULONG64 i;
  2700. ULONG Flags, StateFlags, NumSendIrps, RefCount;
  2701. ULONG result;
  2704. irpSpAddr = ReadField (Tail.Overlay.CurrentStackLocation);
  2705. tpInfoAddr = ReadField (AssociatedIrp.SystemBuffer);
  2707. if ( (result=GetFieldValue (ActualAddress+DriverContextOffset,
  2708. "AFD!AFD_TPACKETS_IRP_CTX",
  2709. "Flags",
  2710. Flags)) !=0 ||
  2711. (result=GetFieldValue (ActualAddress+DriverContextOffset,
  2712. "AFD!AFD_TPACKETS_IRP_CTX",
  2713. "StateFlags",
  2714. StateFlags)) !=0 ||
  2715. (result=GetFieldValue (ActualAddress+DriverContextOffset,
  2716. "AFD!AFD_TPACKETS_IRP_CTX",
  2717. "ReferenceCount",
  2718. RefCount)) !=0 ) {
  2719. dprintf(
  2720. "\ntran: Could not read AFD_TPACKETS_IRP_CTX @ %p, err:%d\n",
  2721. ActualAddress+DriverContextOffset, result
  2722. );
  2723. return;
  2724. }
  2726. if ( (result = GetFieldValue (irpSpAddr,
  2727. "NT!_IO_STACK_LOCATION",
  2728. "FileObject",
  2729. fileAddr)) !=0 ) {
  2730. dprintf(
  2731. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  2732. irpSpAddr, ActualAddress, result
  2733. );
  2734. return;
  2735. }
  2737. result = GetFieldValue (fileAddr,
  2738. "NT!_FILE_OBJECT",
  2739. "FsContext",
  2740. endpAddr);
  2741. if (result!=0) {
  2742. dprintf(
  2743. "\ntran: Could not read FsContext of FILE_OBJECT @ %p for IRP @ %p, err:%d\n",
  2744. fileAddr, ActualAddress, result
  2745. );
  2746. return;
  2747. }
  2749. dprintf(
  2750. "\nAFD_TRANSMIT_FILE_INFO_INTERNAL @ %p\n",
  2751. tpInfoAddr
  2752. );
  2754. dprintf(
  2755. " Endpoint = %p\n",
  2756. endpAddr
  2757. );
  2759. dprintf(
  2760. " TransmitIrp = %p (%d more irp(s) pending)\n",
  2761. ActualAddress,
  2762. CountListEntries (ActualAddress+DriverContextOffset));
  2764. dprintf(
  2765. " ReferenceCount = %ld\n",
  2766. RefCount
  2767. );
  2769. dprintf(
  2770. " Flags = %08lx (",
  2771. Flags
  2772. );
  2774. if (Flags & AFD_TF_WRITE_BEHIND)
  2775. dprintf ("WrB ");
  2776. if (Flags & AFD_TF_DISCONNECT)
  2777. dprintf ("Dsc ");
  2778. if (Flags & AFD_TF_REUSE_SOCKET)
  2779. dprintf ("Reu ");
  2780. if (Flags & AFD_TF_USE_SYSTEM_THREAD)
  2781. dprintf ("Sys ");
  2782. if (Flags & AFD_TF_USE_KERNEL_APC)
  2783. dprintf ("Apc ");
  2784. dprintf (")\n");
  2786. dprintf(
  2787. " StateFlags = %08lx (",
  2788. StateFlags
  2789. );
  2790. if (StateFlags & AFD_TP_ABORT_PENDING)
  2791. dprintf ("Abrt ");
  2792. if (StateFlags & AFD_TP_WORKER_SCHEDULED)
  2793. dprintf ("WrkS ");
  2794. if (StateFlags & AFD_TP_SENDS_POSTED)
  2795. dprintf ("Post ");
  2796. if (StateFlags & AFD_TP_QUEUED)
  2797. dprintf ("Qued ");
  2798. if (StateFlags & AFD_TP_SEND)
  2799. dprintf ("Send ");
  2800. if (StateFlags & AFD_TP_AFD_SEND)
  2801. dprintf ("AfdS ");
  2802. if (StateFlags & AFD_TP_SEND_AND_DISCONNECT)
  2803. dprintf ("S&D ");
  2805. if (tpInfoAddr==-1) {
  2806. dprintf(
  2807. "Reusing)\n"
  2808. );
  2809. }
  2810. else if (tpInfoAddr!=0) {
  2812. result = (ULONG)InitTypeRead (tpInfoAddr, AFD!AFD_TPACKETS_INFO_INTERNAL);
  2813. if (result!=0) {
  2814. dprintf(
  2815. "\ntran: Could not read AFD_TPACKETS_INFO_INTERNAL @ %p, err:%d\n",
  2816. tpInfoAddr, result
  2817. );
  2818. return;
  2819. }
  2821. if (ReadField(PdNeedsPps))
  2822. dprintf ("Pps ");
  2823. if (ReadField(ArrayAllocated))
  2824. dprintf ("Alloc ");
  2825. dprintf (")\n");
  2827. dprintf(
  2828. " SendPacketLength = %08lx\n",
  2829. (ULONG)ReadField (SendPacketLength)
  2830. );
  2832. dprintf(
  2833. " PdLength = %08lx\n",
  2834. (ULONG)ReadField (PdLength)
  2835. );
  2837. dprintf(
  2838. " NextElement = %d\n",
  2839. (ULONG)ReadField (NextElement)
  2840. );
  2842. dprintf(
  2843. " ElementCount = %d\n",
  2844. (ULONG)ReadField (ElementCount)
  2845. );
  2847. dprintf(
  2848. " ElementArray = %p\n",
  2849. ReadField (ElementArray)
  2850. );
  2852. dprintf(
  2853. " RemainingPkts = %p\n",
  2854. ReadField (RemainingPkts)
  2855. );
  2857. dprintf(
  2858. " HeadPd = %p\n",
  2859. ReadField (HeadPd)
  2860. );
  2862. dprintf(
  2863. " TailPd = %p\n",
  2864. ReadField (TailPd)
  2865. );
  2867. dprintf(
  2868. " HeadMdl = %p\n",
  2869. ReadField (HeadMdl)
  2870. );
  2872. dprintf(
  2873. " TailMdl = %p\n",
  2874. ReadField (TailMdl)
  2875. );
  2877. dprintf(
  2878. " TdiFileObject = %p\n",
  2879. ReadField (TdiFileObject)
  2880. );
  2882. dprintf(
  2883. " TdiDeviceObject = %p\n",
  2884. ReadField (TdiDeviceObject)
  2885. );
  2888. dprintf(
  2889. " NumSendIrps = %08lx\n",
  2890. NumSendIrps = (LONG)ReadField (NumSendIrps)
  2891. );
  2893. for (i=0; i<NumSendIrps && i<AFD_TP_MAX_SEND_IRPS; i++) {
  2894. CHAR fieldName[16];
  2895. if (CheckControlC ())
  2896. break;
  2897. _snprintf (fieldName, sizeof (fieldName)-1, "SendIrp[%1d]",i);
  2898. fieldName[sizeof(fieldName)-1]=0;
  2899. dprintf(
  2900. " %s = %p%s\n",
  2901. fieldName,
  2902. GetShortField (0, fieldName, 0),
  2903. StateFlags & AFD_TP_SEND_BUSY(i)
  2904. ? " (BUSY)"
  2905. : ""
  2906. );
  2907. }
  2909. dprintf(
  2910. " ReadIrp = %p%s\n",
  2911. ReadField (ReadIrp),
  2912. StateFlags & AFD_TP_READ_BUSY
  2913. ? " (BUSY)"
  2914. : ""
  2915. );
  2917. if( IsReferenceDebug ) {
  2919. dprintf(
  2920. " ReferenceDebug = %p\n",
  2921. tpInfoAddr + TPackRefOffset
  2922. );
  2924. if (SavedMinorVersion>=3554) {
  2925. ULONGLONG refCount;
  2926. refCount = ReadField (CurrentReferenceSlot);
  2927. if (SystemTime.QuadPart!=0) {
  2928. dprintf(
  2929. " CurrentReferenceSlot = %lu (@ %s)\n",
  2930. (ULONG)refCount & AFD_REF_MASK,
  2931. SystemTimeToString (
  2932. (((ReadField (CurrentTimeHigh)<<32) +
  2933. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))+
  2934. SystemTime.QuadPart -
  2935. InterruptTime.QuadPart
  2936. )
  2937. );
  2939. }
  2940. else {
  2941. dprintf(
  2942. " CurrentReferenceSlot = %lu (@ %I64u ms since boot)\n",
  2943. (ULONG)refCount & AFD_REF_MASK,
  2944. (((ReadField (CurrentTimeHigh)<<32) +
  2945. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))/(10*1000)
  2946. );
  2947. }
  2948. }
  2949. else {
  2950. dprintf(
  2951. " CurrentReferenceSlot = %lu\n",
  2952. (ULONG)ReadField (CurrentReferenceSlot) & AFD_REF_MASK
  2953. );
  2954. }
  2955. }
  2956. }
  2957. dprintf( "\n" );
  2959. } // DumpAfdTPacketsInfoNet
  2961. VOID
  2962. DumpAfdTPacketsInfoBriefNet (
  2963. ULONG64 ActualAddress
  2964. )
  2965. /*
  2966. TPackets I R P S Endpoint Flags Next Elmt Mo
  2967. Address Transmit Send Read Address App | State Elmt Cnt. re
  2968. xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxx xxxxxxxxxxxxxxc xxxx xxxx xx
  2970. TPackets I R P S Endpoint Flags Next Elmt Mo
  2971. Address Transmit S1 Read Address App | State Elmt Cnt. re
  2972. xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxx xxxxxxxxxxxxxxx xxxx xxxx xx
  2973. */
  2974. {
  2975. ULONG64 fileAddr, endpAddr, tpInfoAddr, irpSpAddr;
  2976. ULONG Flags, StateFlags;
  2977. ULONG result;
  2979. tpInfoAddr = ReadField (AssociatedIrp.SystemBuffer);
  2980. irpSpAddr = ReadField (Tail.Overlay.CurrentStackLocation);
  2981. if ( (result=GetFieldValue (ActualAddress+DriverContextOffset,
  2982. "AFD!AFD_TPACKETS_IRP_CTX",
  2983. "Flags",
  2984. Flags))!=0 ||
  2985. (result=GetFieldValue (ActualAddress+DriverContextOffset,
  2986. "AFD!AFD_TPACKETS_IRP_CTX",
  2987. "StateFlags",
  2988. StateFlags))!=0 ) {
  2989. dprintf(
  2990. "\ntran: Could not read AFD_TPACKETS_IRP_CTX @ %p, err:%d\n",
  2991. ActualAddress+DriverContextOffset, result
  2992. );
  2993. return;
  2994. }
  2996. if ( (result = GetFieldValue (irpSpAddr,
  2997. "NT!_IO_STACK_LOCATION",
  2998. "FileObject",
  2999. fileAddr))!=0 ) {
  3000. dprintf(
  3001. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  3002. irpSpAddr, ActualAddress, result
  3003. );
  3004. return;
  3005. }
  3007. result = GetFieldValue (fileAddr,
  3008. "NT!_FILE_OBJECT",
  3009. "FsContext",
  3010. endpAddr);
  3011. if (result!=0) {
  3012. dprintf(
  3013. "\ntran: Could not read FsContext of FILE_OBJECT @ %p for IRP @ %p, err:%d\n",
  3014. fileAddr, ActualAddress, result
  3015. );
  3016. return;
  3017. }
  3019. if (tpInfoAddr!=0 && tpInfoAddr!=-1 ) {
  3020. result = (ULONG)InitTypeRead (tpInfoAddr, AFD!AFD_TPACKETS_INFO_INTERNAL);
  3021. if (result!=0) {
  3022. dprintf(
  3023. "\ntran: Could not read AFD_TPACKETS_INFO_INTERNAL @ %p, err:%d\n",
  3024. tpInfoAddr, result
  3025. );
  3026. return;
  3027. }
  3029. dprintf (
  3030. IsPtr64()
  3031. ? "\n%011.011p %011.011p %03.03p %011.011p %011.011p %s %4ld %4ld %2ld"
  3032. : "\n%008.008p %008.008p %08.08p %008.008p %008.008p %s %4ld %4ld %2ld",
  3033. DISP_PTR(tpInfoAddr),
  3034. DISP_PTR(ActualAddress),
  3035. IsPtr64()
  3036. ? DISP_PTR((tpInfoAddr+SendIrpArrayOffset)&0xFFF)
  3037. : DISP_PTR(tpInfoAddr+SendIrpArrayOffset),
  3038. DISP_PTR(ReadField (ReadIrp)),
  3039. DISP_PTR(endpAddr),
  3040. TPacketsFlagsToStringNet (Flags, StateFlags),
  3041. (ULONG)ReadField (NextElement),
  3042. (ULONG)ReadField (ElementCount),
  3043. CountListEntries (ActualAddress+DriverContextOffset)
  3044. );
  3045. }
  3046. else {
  3047. CHAR *str;
  3048. if (tpInfoAddr==0) {
  3049. if (StateFlags & AFD_TP_SEND) {
  3050. if (StateFlags & AFD_TP_AFD_SEND) {
  3051. str = "Buffered send";
  3052. }
  3053. else {
  3054. str = "Direct send";
  3055. }
  3056. }
  3057. else {
  3058. str = "Disconnect";
  3059. }
  3060. }
  3061. else {
  3062. str = "Reusing";
  3063. }
  3065. dprintf (
  3066. IsPtr64()
  3067. ? "\n%011.011p %011.011p %-15.15s %011.011p %s %4ld %4ld %2ld"
  3068. : "\n%008.008p %008.008p %-17.17s %008.008p %s %4ld %4ld %2ld",
  3069. DISP_PTR(tpInfoAddr),
  3070. DISP_PTR(ActualAddress),
  3071. str,
  3072. DISP_PTR(endpAddr),
  3073. TPacketsFlagsToStringNet (Flags, StateFlags),
  3074. 0,
  3075. 0,
  3076. CountListEntries (ActualAddress+DriverContextOffset)
  3077. );
  3078. }
  3080. } // DumpAfdTPacketsInfoBriefNet
  3082. VOID
  3083. DumpAfdTPacketsInfoXp(
  3084. ULONG64 ActualAddress
  3085. )
  3086. {
  3087. ULONG64 fileAddr, endpAddr, tpInfoAddr, irpSpAddr;
  3088. ULONG64 i;
  3089. ULONG Flags, StateFlags, NumSendIrps, RefCount;
  3090. ULONG result;
  3093. irpSpAddr = ReadField (Tail.Overlay.CurrentStackLocation);
  3094. tpInfoAddr = ReadField (AssociatedIrp.SystemBuffer);
  3096. if ( (result=GetFieldValue (ActualAddress+DriverContextOffset,
  3097. "AFD!AFD_TPACKETS_IRP_CTX",
  3098. "StateFlags",
  3099. StateFlags)) !=0 ||
  3100. (result=GetFieldValue (ActualAddress+DriverContextOffset,
  3101. "AFD!AFD_TPACKETS_IRP_CTX",
  3102. "ReferenceCount",
  3103. RefCount)) !=0 ) {
  3104. dprintf(
  3105. "\ntran: Could not read AFD_TPACKETS_IRP_CTX @ %p, err:%d\n",
  3106. ActualAddress+DriverContextOffset, result
  3107. );
  3108. return;
  3109. }
  3111. if ( (result = GetFieldValue (irpSpAddr,
  3112. "NT!_IO_STACK_LOCATION",
  3113. "FileObject",
  3114. fileAddr)) !=0 ) {
  3115. dprintf(
  3116. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  3117. irpSpAddr, ActualAddress, result
  3118. );
  3119. return;
  3120. }
  3122. if ( (result = GetFieldValue (irpSpAddr,
  3123. "NT!_IO_STACK_LOCATION",
  3124. "Parameters.DeviceIoControl.IoControlCode",
  3125. Flags)) !=0 ) {
  3126. dprintf(
  3127. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  3128. irpSpAddr, ActualAddress, result
  3129. );
  3130. return;
  3131. }
  3133. result = GetFieldValue (fileAddr,
  3134. "NT!_FILE_OBJECT",
  3135. "FsContext",
  3136. endpAddr);
  3137. if (result!=0) {
  3138. dprintf(
  3139. "\ntran: Could not read FsContext of FILE_OBJECT @ %p for IRP @ %p, err:%d\n",
  3140. fileAddr, ActualAddress, result
  3141. );
  3142. return;
  3143. }
  3145. dprintf(
  3146. "\nAFD_TRANSMIT_FILE_INFO_INTERNAL @ %p\n",
  3147. tpInfoAddr
  3148. );
  3150. dprintf(
  3151. " Endpoint = %p\n",
  3152. endpAddr
  3153. );
  3155. dprintf(
  3156. " TransmitIrp = %p (%d more irp(s) pending)\n",
  3157. ActualAddress,
  3158. CountListEntries (ActualAddress+DriverContextOffset));
  3160. dprintf(
  3161. " ReferenceCount = %ld\n",
  3162. RefCount
  3163. );
  3165. dprintf(
  3166. " Flags = %08lx (",
  3167. Flags
  3168. );
  3170. if (Flags & AFD_TF_WRITE_BEHIND)
  3171. dprintf ("WrB ");
  3172. if (Flags & AFD_TF_DISCONNECT)
  3173. dprintf ("Dsc ");
  3174. if (Flags & AFD_TF_REUSE_SOCKET)
  3175. dprintf ("Reu ");
  3176. if (Flags & AFD_TF_USE_SYSTEM_THREAD)
  3177. dprintf ("Sys ");
  3178. if (Flags & AFD_TF_USE_KERNEL_APC)
  3179. dprintf ("Apc ");
  3180. dprintf (")\n");
  3182. dprintf(
  3183. " StateFlags = %08lx (",
  3184. StateFlags
  3185. );
  3186. if (StateFlags & AFD_TP_ABORT_PENDING)
  3187. dprintf ("Abrt ");
  3188. #define AFD_TP_WORKER_SCHEDULED_XP 0x00000010
  3189. if (StateFlags & AFD_TP_WORKER_SCHEDULED_XP)
  3190. dprintf ("WrkS ");
  3191. #define AFD_TP_SEND_AND_DISCONNECT_XP 0x00000100
  3192. if (StateFlags & AFD_TP_SEND_AND_DISCONNECT_XP)
  3193. dprintf ("S&D ");
  3195. if (tpInfoAddr==-1) {
  3196. dprintf(
  3197. "Reusing)\n"
  3198. );
  3199. }
  3200. else if (tpInfoAddr!=0) {
  3202. result = (ULONG)InitTypeRead (tpInfoAddr, AFD!AFD_TPACKETS_INFO_INTERNAL);
  3203. if (result!=0) {
  3204. dprintf(
  3205. "\ntran: Could not read AFD_TPACKETS_INFO_INTERNAL @ %p, err:%d\n",
  3206. tpInfoAddr, result
  3207. );
  3208. return;
  3209. }
  3211. if (ReadField(PdNeedsPps))
  3212. dprintf ("Pps ");
  3213. if (ReadField(ArrayAllocated))
  3214. dprintf ("Alloc ");
  3215. dprintf (")\n");
  3217. dprintf(
  3218. " SendPacketLength = %08lx\n",
  3219. (ULONG)ReadField (SendPacketLength)
  3220. );
  3222. dprintf(
  3223. " PdLength = %08lx\n",
  3224. (ULONG)ReadField (PdLength)
  3225. );
  3227. dprintf(
  3228. " NextElement = %d\n",
  3229. (ULONG)ReadField (NextElement)
  3230. );
  3232. dprintf(
  3233. " ElementCount = %d\n",
  3234. (ULONG)ReadField (ElementCount)
  3235. );
  3237. dprintf(
  3238. " ElementArray = %p\n",
  3239. ReadField (ElementArray)
  3240. );
  3242. dprintf(
  3243. " RemainingPkts = %p\n",
  3244. ReadField (RemainingPkts)
  3245. );
  3247. dprintf(
  3248. " HeadPd = %p\n",
  3249. ReadField (HeadPd)
  3250. );
  3252. dprintf(
  3253. " TailPd = %p\n",
  3254. ReadField (TailPd)
  3255. );
  3257. dprintf(
  3258. " HeadMdl = %p\n",
  3259. ReadField (HeadMdl)
  3260. );
  3262. dprintf(
  3263. " TailMdl = %p\n",
  3264. ReadField (TailMdl)
  3265. );
  3267. dprintf(
  3268. " TdiFileObject = %p\n",
  3269. ReadField (TdiFileObject)
  3270. );
  3272. dprintf(
  3273. " TdiDeviceObject = %p\n",
  3274. ReadField (TdiDeviceObject)
  3275. );
  3278. dprintf(
  3279. " NumSendIrps = %08lx\n",
  3280. NumSendIrps = (LONG)ReadField (NumSendIrps)
  3281. );
  3283. for (i=0; i<NumSendIrps && i<AFD_TP_MAX_SEND_IRPS; i++) {
  3284. CHAR fieldName[16];
  3285. if (CheckControlC ())
  3286. break;
  3287. _snprintf (fieldName, sizeof (fieldName)-1, "SendIrp[%1d]",i);
  3288. fieldName[sizeof(fieldName)-1]=0;
  3289. dprintf(
  3290. " %s = %p%s\n",
  3291. fieldName,
  3292. GetShortField (0, fieldName, 0),
  3293. StateFlags & AFD_TP_SEND_BUSY(i)
  3294. ? " (BUSY)"
  3295. : ""
  3296. );
  3297. }
  3299. dprintf(
  3300. " ReadIrp = %p%s\n",
  3301. ReadField (ReadIrp),
  3302. StateFlags & AFD_TP_READ_BUSY
  3303. ? " (BUSY)"
  3304. : ""
  3305. );
  3307. if( IsReferenceDebug ) {
  3309. dprintf(
  3310. " ReferenceDebug = %p\n",
  3311. tpInfoAddr + TPackRefOffset
  3312. );
  3314. if (SavedMinorVersion>=3554) {
  3315. ULONGLONG refCount;
  3316. refCount = ReadField (CurrentReferenceSlot);
  3317. if (SystemTime.QuadPart!=0) {
  3318. dprintf(
  3319. " CurrentReferenceSlot = %lu (@ %s)\n",
  3320. (ULONG)refCount & AFD_REF_MASK,
  3321. SystemTimeToString (
  3322. (((ReadField (CurrentTimeHigh)<<32) +
  3323. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))+
  3324. SystemTime.QuadPart -
  3325. InterruptTime.QuadPart
  3326. )
  3327. );
  3329. }
  3330. else {
  3331. dprintf(
  3332. " CurrentReferenceSlot = %lu (@ %I64u ms since boot)\n",
  3333. (ULONG)refCount & AFD_REF_MASK,
  3334. (((ReadField (CurrentTimeHigh)<<32) +
  3335. (refCount&(~AFD_REF_MASK)))<<(13-AFD_REF_SHIFT))/(10*1000)
  3336. );
  3337. }
  3338. }
  3339. else {
  3340. dprintf(
  3341. " CurrentReferenceSlot = %lu\n",
  3342. (ULONG)ReadField (CurrentReferenceSlot) & AFD_REF_MASK
  3343. );
  3344. }
  3345. }
  3346. }
  3347. dprintf( "\n" );
  3349. } // DumpAfdTPacketsInfoXp
  3351. VOID
  3352. DumpAfdTPacketsInfoBriefXp (
  3353. ULONG64 ActualAddress
  3354. )
  3355. /*
  3356. TPackets I R P S Endpoint Flags Next Elmt Mo
  3357. Address Transmit Send Read Address App | State Elmt Cnt. re
  3358. xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxx xxxxxxxxxxxxxxc xxxx xxxx xx
  3360. TPackets I R P S Endpoint Flags Next Elmt Mo
  3361. Address Transmit S1 Read Address App | State Elmt Cnt. re
  3362. xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxx xxxxxxxxxxxxxxx xxxx xxxx xx
  3363. */
  3364. {
  3365. ULONG64 fileAddr, endpAddr, tpInfoAddr, irpSpAddr;
  3366. ULONG Flags, StateFlags;
  3367. ULONG result;
  3369. tpInfoAddr = ReadField (AssociatedIrp.SystemBuffer);
  3370. irpSpAddr = ReadField (Tail.Overlay.CurrentStackLocation);
  3371. if ( (result=GetFieldValue (ActualAddress+DriverContextOffset,
  3372. "AFD!AFD_TPACKETS_IRP_CTX",
  3373. "StateFlags",
  3374. StateFlags))!=0 ) {
  3375. dprintf(
  3376. "\ntran: Could not read AFD_TPACKETS_IRP_CTX @ %p, err:%d\n",
  3377. ActualAddress+DriverContextOffset, result
  3378. );
  3379. return;
  3380. }
  3382. if ( (result = GetFieldValue (irpSpAddr,
  3383. "NT!_IO_STACK_LOCATION",
  3384. "FileObject",
  3385. fileAddr))!=0 ) {
  3386. dprintf(
  3387. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  3388. irpSpAddr, ActualAddress, result
  3389. );
  3390. return;
  3391. }
  3393. if ( (result = GetFieldValue (irpSpAddr,
  3394. "NT!_IO_STACK_LOCATION",
  3395. "Parameters.DeviceIoControl.IoControlCode",
  3396. Flags)) !=0 ) {
  3397. dprintf(
  3398. "\ntran: Could not read IO_STACK_LOCATION @ %p for IRP @ %p, err:%d\n",
  3399. irpSpAddr, ActualAddress, result
  3400. );
  3401. return;
  3402. }
  3404. result = GetFieldValue (fileAddr,
  3405. "NT!_FILE_OBJECT",
  3406. "FsContext",
  3407. endpAddr);
  3408. if (result!=0) {
  3409. dprintf(
  3410. "\ntran: Could not read FsContext of FILE_OBJECT @ %p for IRP @ %p, err:%d\n",
  3411. fileAddr, ActualAddress, result
  3412. );
  3413. return;
  3414. }
  3416. if (tpInfoAddr!=0 && tpInfoAddr!=-1 ) {
  3417. result = (ULONG)InitTypeRead (tpInfoAddr, AFD!AFD_TPACKETS_INFO_INTERNAL);
  3418. if (result!=0) {
  3419. dprintf(
  3420. "\ntran: Could not read AFD_TPACKETS_INFO_INTERNAL @ %p, err:%d\n",
  3421. tpInfoAddr, result
  3422. );
  3423. return;
  3424. }
  3426. dprintf (
  3427. IsPtr64()
  3428. ? "\n%011.011p %011.011p %03.03p %011.011p %011.011p %s %4ld %4ld %2ld"
  3429. : "\n%008.008p %008.008p %08.08p %008.008p %008.008p %s %4ld %4ld %2ld",
  3430. DISP_PTR(tpInfoAddr),
  3431. DISP_PTR(ActualAddress),
  3432. IsPtr64()
  3433. ? DISP_PTR((tpInfoAddr+SendIrpArrayOffset)&0xFFF)
  3434. : DISP_PTR(tpInfoAddr+SendIrpArrayOffset),
  3435. DISP_PTR(ReadField (ReadIrp)),
  3436. DISP_PTR(endpAddr),
  3437. TPacketsFlagsToStringXp (Flags, StateFlags),
  3438. (ULONG)ReadField (NextElement),
  3439. (ULONG)ReadField (ElementCount),
  3440. CountListEntries (ActualAddress+DriverContextOffset)
  3441. );
  3442. }
  3443. else {
  3444. CHAR *str;
  3445. if (tpInfoAddr==0) {
  3446. str = "Disconnect";
  3447. }
  3448. else {
  3449. str = "Reusing";
  3450. }
  3452. dprintf (
  3453. IsPtr64()
  3454. ? "\n%011.011p %011.011p %-15.15s %011.011p %s %4ld %4ld %2ld"
  3455. : "\n%008.008p %008.008p %-17.17s %008.008p %s %4ld %4ld %2l",
  3456. DISP_PTR(tpInfoAddr),
  3457. DISP_PTR(ActualAddress),
  3458. str,
  3459. DISP_PTR(endpAddr),
  3460. TPacketsFlagsToStringXp (Flags, StateFlags),
  3461. 0,
  3462. 0,
  3463. CountListEntries (ActualAddress+DriverContextOffset)
  3464. );
  3465. }
  3467. } // DumpAfdTPacketsInfoBrief
  3469. VOID
  3470. DumpAfdBuffer(
  3471. ULONG64 ActualAddress
  3472. )
  3473. {
  3474. ULONG result;
  3475. ULONG length;
  3476. ULONG64 mdl,irp,buf;
  3478. dprintf(
  3479. "AFD_BUFFER @ %p\n",
  3480. ActualAddress
  3481. );
  3483. dprintf(
  3484. " BufferLength = %08lx\n",
  3485. length=(ULONG)ReadField (BufferLength)
  3486. );
  3488. dprintf(
  3489. " DataLength = %08lx\n",
  3490. (ULONG)ReadField (DataLength)
  3491. );
  3493. dprintf(
  3494. " DataOffset = %08lx\n",
  3495. (ULONG)ReadField (DataOffset)
  3496. );
  3498. dprintf(
  3499. " Context/Status = %p/%lx\n",
  3500. ReadField (Context), (ULONG)ReadField(Status)
  3501. );
  3503. dprintf(
  3504. " Mdl = %p\n",
  3505. mdl=ReadField (Mdl)
  3506. );
  3508. dprintf(
  3509. " RemoteAddress = %p\n",
  3510. ReadField (TdiInfo.RemoteAddress)
  3511. );
  3513. dprintf(
  3514. " RemoteAddressLength = %lu\n",
  3515. (ULONG)ReadField (TdiInfo.RemoteAddressLength)
  3516. );
  3518. dprintf(
  3519. " AllocatedAddressLength = %04X\n",
  3520. (USHORT)ReadField (AllocatedAddressLength)
  3521. );
  3523. dprintf(
  3524. " Flags = %04X (",
  3525. (USHORT)ReadField(Flags)
  3526. );
  3528. if (ReadField (ExpeditedData))
  3529. dprintf (" Exp");
  3530. if (ReadField (PartialMessage))
  3531. dprintf (" Partial");
  3532. if (ReadField (Lookaside))
  3533. dprintf (" Lookaside");
  3534. if (ReadField (NdisPacket))
  3535. dprintf (" Packet");
  3536. dprintf (" )\n");
  3538. if (length!=AFD_DEFAULT_TAG_BUFFER_SIZE) {
  3539. result = (ULONG)InitTypeRead (ActualAddress, AFD!AFD_BUFFER);
  3540. if (result!=0) {
  3541. dprintf ("\nDumpAfdBuffer: Could not read AFD_BUFFER @p, err: %ld\n",
  3542. ActualAddress, result);
  3543. return ;
  3544. }
  3545. dprintf(
  3546. " Buffer = %p\n",
  3547. buf=ReadField (Buffer)
  3548. );
  3550. dprintf(
  3551. " Irp = %p\n",
  3552. irp = ReadField (Irp)
  3553. );
  3555. if (SavedMinorVersion>=2267) {
  3556. dprintf(
  3557. " Placement ="
  3558. );
  3560. switch (ReadField (Placement)) {
  3561. case AFD_PLACEMENT_HDR:
  3562. dprintf (" Header-first\n");
  3563. buf = ActualAddress;
  3564. break;
  3565. case AFD_PLACEMENT_IRP:
  3566. dprintf (" Irp-first\n");
  3567. buf = irp;
  3568. break;
  3569. case AFD_PLACEMENT_MDL:
  3570. dprintf (" Mdl-first\n");
  3571. buf = mdl;
  3572. break;
  3573. case AFD_PLACEMENT_BUFFER:
  3574. dprintf (" Buffer-first\n");
  3575. // buf = buf;
  3576. break;
  3577. }
  3578. if (SavedMinorVersion>=2414) {
  3579. if (ReadField (AlignmentAdjusted)) {
  3580. ULONG64 adj;
  3581. if (ReadPointer (buf - (IsPtr64 () ? 8 : 4), &adj)) {
  3582. dprintf(
  3583. " AlignmentAdjustment = %p\n",
  3584. adj
  3585. );
  3586. }
  3587. else {
  3588. dprintf(
  3589. " Could not read alignment adjustment below %p\n",
  3590. buf);
  3591. }
  3592. }
  3593. }
  3594. }
  3595. }
  3597. dprintf( "\n" );
  3599. } // DumpAfdBuffer
  3602. VOID
  3603. DumpAfdBufferBrief(
  3604. ULONG64 ActualAddress
  3605. )
  3606. {
  3607. ULONG length;
  3608. LPSTR raddr;
  3609. UCHAR transportAddress[MAX_TRANSPORT_ADDR];
  3610. ULONG64 address;
  3612. address = ReadField (TdiInfo.RemoteAddress);
  3613. length = (ULONG)ReadField (TdiInfo.RemoteAddressLength);
  3615. if( address != 0 && length != 0) {
  3616. if (ReadMemory (address,
  3617. transportAddress,
  3618. length<sizeof (transportAddress)
  3619. ? length
  3620. : sizeof (transportAddress),
  3621. &length)) {
  3622. raddr = TransportAddressToString(
  3623. (PTRANSPORT_ADDRESS)transportAddress,
  3624. address
  3625. );
  3626. }
  3627. else {
  3628. raddr = "Read error!";
  3629. }
  3630. }
  3631. else {
  3632. raddr = "";
  3633. }
  3636. dprintf (/* Buffer Size Length Offst Context Mdl|IRP Flags Rem Addr*/
  3637. IsPtr64 ()
  3638. ? "\n%011.011p %4.4x %4.4x %4.4x %011.011p %011.011p %6s %-32.32s"
  3639. : "\n%008.008p %4.4x %4.4x %4.4x %008.008p %008.008p %6s %-32.32s",
  3640. DISP_PTR(ActualAddress),
  3641. length = (ULONG)ReadField (BufferLength),
  3642. (ULONG)ReadField (DataLength),
  3643. (ULONG)ReadField (DataOffset),
  3644. DISP_PTR(ReadField (Context)),
  3645. length==0 ? DISP_PTR(ReadField (Mdl)) : DISP_PTR(ReadField (Irp)),
  3646. BufferFlagsToString (),
  3647. raddr
  3648. );
  3650. } // DumpAfdBufferBrief
  3652. ULONG
  3653. DumpAfdPollEndpointInfo (
  3654. PFIELD_INFO pField,
  3655. PVOID UserContext
  3656. )
  3657. {
  3658. ULONG64 file, endp, hndl;
  3659. ULONG evts;
  3660. ULONG err;
  3662. if ((err=GetFieldValue (pField->address,
  3663. "AFD!AFD_POLL_ENDPOINT_INFO",
  3664. "FileObject",
  3665. file))==0 &&
  3666. (err=GetFieldValue (pField->address,
  3667. "AFD!AFD_POLL_ENDPOINT_INFO",
  3668. "Endpoint",
  3669. endp))==0 &&
  3670. (err=GetFieldValue (pField->address,
  3671. "AFD!AFD_POLL_ENDPOINT_INFO",
  3672. "Handle",
  3673. hndl))==0 &&
  3674. (err=GetFieldValue (pField->address,
  3675. "AFD!AFD_POLL_ENDPOINT_INFO",
  3676. "PollEvents",
  3677. evts))==0) {
  3678. dprintf (" %-16p %-16p %-8x %s%s%s%s%s%s%s%s%s%s%s%s%s\n",
  3679. file, endp, (ULONG)hndl,
  3680. (evts & AFD_POLL_RECEIVE) ? "rcv " : "",
  3681. (evts & AFD_POLL_RECEIVE_EXPEDITED) ? "rce " : "",
  3682. (evts & AFD_POLL_SEND) ? "snd " : "",
  3683. (evts & AFD_POLL_DISCONNECT) ? "dsc " : "",
  3684. (evts & AFD_POLL_ABORT) ? "abrt " : "",
  3685. (evts & AFD_POLL_LOCAL_CLOSE) ? "cls " : "",
  3686. (evts & AFD_POLL_CONNECT) ? "con " : "",
  3687. (evts & AFD_POLL_ACCEPT) ? "acc " : "",
  3688. (evts & AFD_POLL_CONNECT_FAIL) ? "cnf " : "",
  3689. (evts & AFD_POLL_QOS) ? "qos " : "",
  3690. (evts & AFD_POLL_GROUP_QOS) ? "gqs " : "",
  3691. (evts & AFD_POLL_ROUTING_IF_CHANGE) ? "rif " : "",
  3692. (evts & AFD_POLL_ADDRESS_LIST_CHANGE) ? "adr " : "");
  3693. }
  3694. else {
  3695. dprintf (" Failed to read endpoint info @ %p, err: %ld\n",
  3696. pField->address, err);
  3697. }
  3699. return err;
  3700. }
  3702. VOID
  3703. DumpAfdPollInfo (
  3704. ULONG64 ActualAddress
  3705. )
  3706. {
  3707. ULONG numEndpoints, err;
  3708. ULONG64 irp,thread,pid,tid;
  3711. dprintf ("\nAFD_POLL_INFO_INTERNAL @ %p\n", ActualAddress);
  3713. dprintf(
  3714. " NumberOfEndpoints = %08lx\n",
  3715. numEndpoints=(ULONG)ReadField (NumberOfEndpoints)
  3716. );
  3718. dprintf(
  3719. " Irp = %p\n",
  3720. irp=ReadField (Irp)
  3721. );
  3723. if ((err=GetFieldValue (irp, "NT!_IRP", "Tail.Overlay.Thread", thread))==0 &&
  3724. (err=GetFieldValue (thread, "NT!_ETHREAD", "Cid.UniqueProcess", pid))==0 &&
  3725. (err=GetFieldValue (thread, "NT!_ETHREAD", "Cid.UniqueThread", tid))==0 ){
  3726. dprintf(
  3727. " Thread = %p (%lx.%lx)\n",
  3728. thread, (ULONG)pid, (ULONG)tid);
  3729. }
  3730. else {
  3731. dprintf(
  3732. " Could not get thread(tid/pid) from irp, err: %ld\n", err);
  3733. }
  3736. if (ReadField (TimerStarted)) {
  3737. if (SystemTime.QuadPart!=0 ) {
  3738. dprintf(
  3739. " Expires @ %s (cur %s)\n",
  3740. SystemTimeToString (ReadField (Timer.DueTime.QuadPart)-
  3741. InterruptTime.QuadPart+
  3742. SystemTime.QuadPart),
  3743. SystemTimeToString (SystemTime.QuadPart));
  3744. }
  3745. else {
  3746. dprintf(
  3747. " Expires @ %I64x\n",
  3748. ReadField (Timer.DueTime.QuadPart));
  3749. }
  3750. }
  3754. dprintf(
  3755. " Flags : %s%s%s\n",
  3756. ReadField (Unique) ? "Unique " : "",
  3757. ReadField (TimerStarted) ? "TimerStarted " : "",
  3758. ReadField (SanPoll) ? "SanPoll " : ""
  3759. );
  3760. if (numEndpoints>0) {
  3761. FIELD_INFO flds = {
  3762. NULL,
  3763. NULL,
  3764. numEndpoints,
  3765. 0,
  3766. 0,
  3767. DumpAfdPollEndpointInfo};
  3768. SYM_DUMP_PARAM sym = {
  3769. sizeof (SYM_DUMP_PARAM),
  3770. "AFD!AFD_POLL_ENDPOINT_INFO",
  3771. DBG_DUMP_NO_PRINT | DBG_DUMP_ARRAY,
  3772. ActualAddress+PollEndpointInfoOffset,
  3773. &flds,
  3774. NULL,
  3775. NULL,
  3776. 0,
  3777. NULL
  3778. };
  3779. dprintf ( " File Object Endpoint Handle Events\n");
  3780. Ioctl(IG_DUMP_SYMBOL_INFO, &sym, sym.size);
  3781. }
  3782. }
  3784. VOID
  3785. DumpAfdPollInfoBrief (
  3786. ULONG64 ActualAddress
  3787. )
  3788. {
  3789. ULONG64 irp, thread=0, pid=0, tid=0;
  3790. BOOLEAN timerStarted, unique, san;
  3791. CHAR dueTime[16];
  3793. irp = ReadField (Irp);
  3794. GetFieldValue (irp, "NT!_IRP", "Tail.Overlay.Thread", thread);
  3795. GetFieldValue (thread, "NT!_ETHREAD", "Cid.UniqueProcess", pid);
  3796. GetFieldValue (thread, "NT!_ETHREAD", "Cid.UniqueThread", tid);
  3798. timerStarted = ReadField (TimerStarted)!=0;
  3799. unique = ReadField (Unique)!=0;
  3800. san = ReadField (SanPoll)!=0;
  3802. if (timerStarted) {
  3803. TIME_FIELDS timeFields;
  3804. LARGE_INTEGER diff;
  3805. diff.QuadPart = ReadField (Timer.DueTime.QuadPart)-InterruptTime.QuadPart;
  3806. RtlTimeToElapsedTimeFields( &diff, &timeFields );
  3807. _snprintf (dueTime, sizeof (dueTime)-1, "%2d:%2.2d:%2.2d.%3.3d",
  3808. timeFields.Day*24+timeFields.Hour,
  3809. timeFields.Minute,
  3810. timeFields.Second,
  3811. timeFields.Milliseconds);
  3812. dueTime[sizeof(dueTime)-1]=0;
  3813. }
  3814. else {
  3815. _snprintf (dueTime, sizeof (dueTime)-1, "NEVER ");
  3816. dueTime[sizeof(dueTime)-1]=0;
  3817. }
  3818. dprintf (//PollInfo IRP Thread (pid.tid) Expr Flags Hdls Array
  3819. IsPtr64 ()
  3820. ? "\n%011.011p %011.011p %011.011p %4.4x.%4.4x %12s %1s%1s%1s %4.4x %011.011p"
  3821. : "\n%008.008p %008.008p %008.008p %4.4x.%4.4x %12s %1s%1s%1s %4.4x %008.008p",
  3822. DISP_PTR(ActualAddress),
  3823. DISP_PTR(irp),
  3824. DISP_PTR(thread),
  3825. (ULONG)pid,
  3826. (ULONG)tid,
  3827. dueTime,
  3828. timerStarted ? "T" : " ",
  3829. unique ? "U" : " ",
  3830. san ? "S" : " ",
  3831. (ULONG)ReadField (NumberOfEndpoints),
  3832. DISP_PTR (ActualAddress+PollEndpointInfoOffset));
  3833. }
  3835. ULONG
  3836. GetRemoteAddressFromContext (
  3837. ULONG64 EndpAddr,
  3838. PVOID AddressBuffer,
  3839. SIZE_T AddressBufferLength,
  3840. ULONG64 *ContextAddr
  3842. )
  3843. {
  3844. ULONG64 context;
  3845. ULONG result, contextLength;
  3846. ULONG addressOffset=0, addressLength=0;
  3847. PTRANSPORT_ADDRESS TaAddress = (PTRANSPORT_ADDRESS)AddressBuffer;
  3848. ULONG maxAddressLength = (ULONG)(AddressBufferLength -
  3849. FIELD_OFFSET (TRANSPORT_ADDRESS, Address[0].AddressType));
  3851. *ContextAddr = 0;
  3852. if ((result=GetFieldValue (EndpAddr,
  3853. "AFD!AFD_ENDPOINT",
  3854. "Context",
  3855. context))==0 &&
  3856. context!=0 &&
  3857. (result=GetFieldValue (EndpAddr,
  3858. "AFD!AFD_ENDPOINT",
  3859. "ContextLength",
  3860. contextLength))==0 &&
  3861. contextLength!=0) {
  3863. //
  3864. // Hard-coded layout of SOCK_SHARED_INFO structure in
  3865. // msafd. It would be better to get it from type info,
  3866. // but msafd/mswsock symbols are not easy to load in kernel
  3867. // mode.
  3868. //
  3869. #define SOCK_SHARED_INFO_LL_OFF 0x10 // Offset of LocalAddressLength field
  3870. #define SOCK_SHARED_INFO_RL_OFF 0x14 // Offset of RemoteAddressLength field
  3871. #define SOCK_SHARED_INFO_SIZE 0x78 // Total size of the structure.
  3872. #define SOCK_SHARED_INFO_SIZE_OLD 0x68 // Size before GUID was added.
  3873. ULONG ll, rl, res;
  3874. *ContextAddr = context;
  3876. if (ReadMemory (context+SOCK_SHARED_INFO_LL_OFF, &ll, sizeof (ll), &res) &&
  3877. ReadMemory (context+SOCK_SHARED_INFO_RL_OFF, &rl, sizeof (rl), &res)) {
  3878. addressLength = rl;
  3879. if (SavedMinorVersion>=3628) {
  3880. addressOffset = SOCK_SHARED_INFO_SIZE +
  3881. ALIGN_UP_A(sizeof (ULONG), 8) +
  3882. ALIGN_UP_A(ll, 8);
  3883. }
  3884. else if (SavedMinorVersion>=2219) {
  3885. addressOffset = SOCK_SHARED_INFO_SIZE_OLD +
  3886. ALIGN_UP_A(sizeof (ULONG), 8) +
  3887. ALIGN_UP_A(ll, 8);
  3888. }
  3889. else {
  3890. addressOffset = SOCK_SHARED_INFO_SIZE_OLD +
  3891. sizeof (ULONG) +
  3892. ll;
  3893. }
  3894. }
  3895. else
  3896. return result;
  3898. if (contextLength>=(addressOffset+addressLength) &&
  3899. ReadMemory (context+addressOffset,
  3900. &TaAddress->Address[0].AddressType,
  3901. addressLength<maxAddressLength
  3902. ? addressLength
  3903. : maxAddressLength,
  3904. &res)) {
  3905. *ContextAddr += addressOffset;
  3906. TaAddress->TAAddressCount = 1;
  3907. TaAddress->Address[0].AddressLength = (USHORT)addressLength;
  3908. return 0;
  3909. }
  3910. else
  3911. result = MEMORY_READ_ERROR;
  3912. }
  3914. return result;
  3915. }
  3917. //
  3918. // Private functions.
  3919. //
  3922. PSTR
  3923. StructureTypeToString(
  3924. USHORT Type
  3925. )
  3927. /*++
  3929. Routine Description:
  3931. Maps an AFD structure type to a displayable string.
  3933. Arguments:
  3935. Type - The AFD structure type to map.
  3937. Return Value:
  3939. PSTR - Points to the displayable form of the structure type.
  3941. --*/
  3943. {
  3945. switch( Type ) {
  3947. case AfdBlockTypeEndpoint :
  3948. return "Endpoint";
  3950. case AfdBlockTypeVcConnecting :
  3951. return "VcConnecting";
  3953. case AfdBlockTypeVcListening :
  3954. return "VcListening";
  3956. case AfdBlockTypeDatagram :
  3957. return "Datagram";
  3959. case AfdBlockTypeConnection :
  3960. return "Connection";
  3962. case AfdBlockTypeHelper :
  3963. return "Helper";
  3965. case AfdBlockTypeVcBoth:
  3966. return "Listening Root";
  3968. case AfdBlockTypeSanEndpoint:
  3969. return "San Endpoint";
  3971. case AfdBlockTypeSanHelper:
  3972. return "San Helper";
  3974. }
  3976. return "INVALID";
  3978. } // StructureTypeToString
  3980. PSTR
  3981. StructureTypeToStringBrief (
  3982. USHORT Type
  3983. )
  3985. /*++
  3987. Routine Description:
  3989. Maps an AFD structure type to a displayable string.
  3991. Arguments:
  3993. Type - The AFD structure type to map.
  3995. Return Value:
  3997. PSTR - Points to the displayable form of the structure type.
  3999. --*/
  4001. {
  4003. switch( Type ) {
  4005. case AfdBlockTypeEndpoint :
  4006. return "Enp";
  4008. case AfdBlockTypeVcConnecting :
  4009. return "Vc ";
  4011. case AfdBlockTypeVcListening :
  4012. return "Lsn";
  4014. case AfdBlockTypeDatagram :
  4015. return "Dg ";
  4017. case AfdBlockTypeConnection :
  4018. return "Con";
  4020. case AfdBlockTypeHelper :
  4021. return "Hlp";
  4023. case AfdBlockTypeVcBoth:
  4024. return "Rot";
  4026. case AfdBlockTypeSanEndpoint:
  4027. return "SaE";
  4029. case AfdBlockTypeSanHelper:
  4030. return "SaH";
  4031. }
  4033. return "???";
  4035. } // StructureTypeToString
  4037. PSTR
  4038. BooleanToString(
  4039. BOOLEAN Flag
  4040. )
  4042. /*++
  4044. Routine Description:
  4046. Maps a BOOELEAN to a displayable form.
  4048. Arguments:
  4050. Flag - The BOOLEAN to map.
  4052. Return Value:
  4054. PSTR - Points to the displayable form of the BOOLEAN.
  4056. --*/
  4058. {
  4060. return Flag ? "TRUE" : "FALSE";
  4062. } // BooleanToString
  4064. PSTR
  4065. EndpointStateToString(
  4066. UCHAR State
  4067. )
  4069. /*++
  4071. Routine Description:
  4073. Maps an AFD endpoint state to a displayable string.
  4075. Arguments:
  4077. State - The AFD endpoint state to map.
  4079. Return Value:
  4081. PSTR - Points to the displayable form of the AFD endpoint state.
  4083. --*/
  4085. {
  4087. switch( State ) {
  4089. case AfdEndpointStateOpen :
  4090. return "Open";
  4092. case AfdEndpointStateBound :
  4093. return "Bound";
  4095. case AfdEndpointStateConnected :
  4096. return "Connected";
  4098. case AfdEndpointStateCleanup :
  4099. return "Cleanup";
  4101. case AfdEndpointStateClosing :
  4102. return "Closing";
  4104. case AfdEndpointStateTransmitClosing :
  4105. return "Transmit Closing";
  4107. case AfdEndpointStateInvalid :
  4108. return "Invalid";
  4110. }
  4112. return "INVALID";
  4114. } // EndpointStateToString
  4116. PSTR
  4117. EndpointStateToStringBrief(
  4118. UCHAR State
  4119. )
  4121. /*++
  4123. Routine Description:
  4125. Maps an AFD endpoint state to a displayable string.
  4127. Arguments:
  4129. State - The AFD endpoint state to map.
  4131. Return Value:
  4133. PSTR - Points to the displayable form of the AFD endpoint state.
  4135. --*/
  4137. {
  4139. switch( State ) {
  4141. case AfdEndpointStateOpen :
  4142. return "Opn";
  4144. case AfdEndpointStateBound :
  4145. return "Bnd";
  4147. case AfdEndpointStateConnected :
  4148. return "Con";
  4150. case AfdEndpointStateCleanup :
  4151. return "Cln";
  4153. case AfdEndpointStateClosing :
  4154. return "Cls";
  4156. case AfdEndpointStateTransmitClosing :
  4157. return "TrC";
  4159. case AfdEndpointStateInvalid :
  4160. return "Inv";
  4162. }
  4164. return "???";
  4166. } // EndpointStateToString
  4168. PSTR
  4169. EndpointStateFlagsToString(
  4170. )
  4172. /*++
  4174. Routine Description:
  4176. Maps an AFD endpoint state flags to a displayable string.
  4178. Arguments:
  4180. Endpoint - The AFD endpoint which state flags to map.
  4182. Return Value:
  4184. PSTR - Points to the displayable form of the AFD endpoint state flags.
  4186. --*/
  4188. {
  4189. static CHAR buffer[13];
  4191. buffer[0] = ReadField (NonBlocking) ? 'N' : ' ';
  4192. buffer[1] = ReadField (InLine) ? 'I' : ' ';
  4193. buffer[2] = ReadField (EndpointCleanedUp) ? 'E' : ' ';
  4194. buffer[3] = ReadField (PollCalled) ? 'P' : ' ';
  4195. buffer[4] = ReadField (RoutingQueryReferenced) ? 'Q' : ' ';
  4196. buffer[5] = ReadField (DisableFastIoSend) ? 'S' : ' ';
  4197. buffer[6] = ReadField (DisableFastIoRecv) ? 'R' : ' ';
  4198. buffer[7] = ReadField (AdminAccessGranted) ? 'A' : ' ';
  4199. switch (ReadField (DisconnectMode)) {
  4200. case 0:
  4201. buffer[8] = ' ';
  4202. break;
  4203. case 1:
  4204. buffer[8] = 's';
  4205. break;
  4206. case 2:
  4207. buffer[8] = 'r';
  4208. break;
  4209. case 3:
  4210. buffer[8] = 'b';
  4211. break;
  4212. case 7:
  4213. buffer[8] = 'a';
  4214. break;
  4215. default:
  4216. buffer[8] = '?';
  4217. break;
  4218. }
  4220. switch (ReadField (Type)) {
  4221. case AfdBlockTypeDatagram:
  4222. buffer[9] = ReadField (Common.Datagram.CircularQueueing) ? 'C' : ' ';
  4223. buffer[10] = ReadField (Common.Datagram.HalfConnect) ? 'H' : ' ';
  4224. if (SavedMinorVersion>=2466) {
  4225. buffer[11] = '0' + (CHAR)
  4226. ((ReadField (Common.Datagram.AddressDrop) <<0)+
  4227. (ReadField (Common.Datagram.ResourceDrop)<<1)+
  4228. (ReadField (Common.Datagram.BufferDrop) <<2)+
  4229. (ReadField (Common.Datagram.ErrorDrop) <<3));
  4230. }
  4231. else {
  4232. buffer[11] = ' ';
  4233. }
  4234. break;
  4235. case AfdBlockTypeSanEndpoint: {
  4236. NTSTATUS status = (NTSTATUS)ReadField (Common.SanEndp.CtxTransferStatus);
  4238. switch (status) {
  4239. case STATUS_PENDING:
  4240. buffer[9] = 'p';
  4241. break;
  4242. case STATUS_MORE_PROCESSING_REQUIRED:
  4243. buffer[9] = 'm';
  4244. break;
  4245. default:
  4246. if (NT_SUCCESS (status)) {
  4247. buffer[9] = ' ';
  4248. }
  4249. else {
  4250. buffer[9] = 'f';
  4251. }
  4252. break;
  4253. }
  4254. buffer[10] = ReadField (Common.SanEndp.ImplicitDup) ? 'i' : ' ';
  4255. buffer[11] = ' ';
  4256. break;
  4257. }
  4258. default:
  4259. buffer[9] = ReadField (Listening) ? 'L' : ' ';
  4260. buffer[10] = ' ';
  4261. buffer[11] = ' ';
  4262. break;
  4263. }
  4264. buffer[12] = 0;
  4266. return buffer;
  4267. }
  4269. PSTR
  4270. EndpointTypeToString(
  4271. ULONG TypeFlags
  4272. )
  4274. /*++
  4276. Routine Description:
  4278. Maps an AFD_ENDPOINT_TYPE to a displayable string.
  4280. Arguments:
  4282. Type - The AFD_ENDPOINT_TYPE to map.
  4284. Return Value:
  4286. PSTR - Points to the displayable form of the AFD_ENDPOINT_TYPE.
  4288. --*/
  4290. {
  4292. switch( TypeFlags ) {
  4294. case AfdEndpointTypeStream :
  4295. return "Stream";
  4297. case AfdEndpointTypeDatagram :
  4298. return "Datagram";
  4300. case AfdEndpointTypeRaw :
  4301. return "Raw";
  4303. case AfdEndpointTypeSequencedPacket :
  4304. return "SequencedPacket";
  4306. default:
  4307. if (TypeFlags&(~AFD_ENDPOINT_VALID_FLAGS))
  4308. return "INVALID";
  4309. else {
  4310. static CHAR buffer[64];
  4311. INT n = 0;
  4312. buffer[0] = 0;
  4313. if (TypeFlags & AFD_ENDPOINT_FLAG_CONNECTIONLESS)
  4314. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "con-less ");
  4315. if (TypeFlags & AFD_ENDPOINT_FLAG_MESSAGEMODE)
  4316. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "msg ");
  4317. if (TypeFlags & AFD_ENDPOINT_FLAG_RAW)
  4318. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "raw ");
  4319. if (TypeFlags & AFD_ENDPOINT_FLAG_MULTIPOINT)
  4320. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "m-point ");
  4321. if (TypeFlags & AFD_ENDPOINT_FLAG_CROOT)
  4322. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "croot ");
  4323. if (TypeFlags & AFD_ENDPOINT_FLAG_DROOT)
  4324. n += _snprintf (&buffer[n], sizeof (buffer)-1-n, "droot ");
  4325. buffer[sizeof(buffer)-1]=0;
  4326. return buffer;
  4327. }
  4329. }
  4330. } // EndpointTypeToString
  4332. PSTR
  4333. ConnectionStateToString(
  4334. USHORT State
  4335. )
  4337. /*++
  4339. Routine Description:
  4341. Maps an AFD connection state to a displayable string.
  4343. Arguments:
  4345. State - The AFD connection state to map.
  4347. Return Value:
  4349. PSTR - Points to the displayable form of the AFD connection state.
  4351. --*/
  4353. {
  4354. switch( State ) {
  4356. case AfdConnectionStateFree :
  4357. return "Free";
  4359. case AfdConnectionStateUnaccepted :
  4360. return "Unaccepted";
  4362. case AfdConnectionStateReturned :
  4363. return "Returned";
  4365. case AfdConnectionStateConnected :
  4366. return "Connected";
  4368. case AfdConnectionStateClosing :
  4369. return "Closing";
  4371. }
  4373. return "INVALID";
  4375. } // ConnectionStateToString
  4377. PSTR
  4378. ConnectionStateToStringBrief(
  4379. USHORT State
  4380. )
  4382. /*++
  4384. Routine Description:
  4386. Maps an AFD connection state to a displayable string.
  4388. Arguments:
  4390. State - The AFD connection state to map.
  4392. Return Value:
  4394. PSTR - Points to the displayable form of the AFD connection state.
  4396. --*/
  4398. {
  4399. switch( State ) {
  4401. case AfdConnectionStateFree :
  4402. return "Fre";
  4404. case AfdConnectionStateUnaccepted :
  4405. return "UnA";
  4407. case AfdConnectionStateReturned :
  4408. return "Rtn";
  4410. case AfdConnectionStateConnected :
  4411. return "Con";
  4413. case AfdConnectionStateClosing :
  4414. return "Cls";
  4416. }
  4418. return "???";
  4420. } // ConnectionStateToStringBrief
  4422. PSTR
  4423. ConnectionStateFlagsToString(
  4424. )
  4426. /*++
  4428. Routine Description:
  4430. Maps an AFD connection state flags to a displayable string.
  4432. Arguments:
  4434. Connection - The AFD connection which state flags to map.
  4436. Return Value:
  4438. PSTR - Points to the displayable form of the AFD connection state flags.
  4440. --*/
  4442. {
  4443. static CHAR buffer[8];
  4445. if (SavedMinorVersion>=3549) {
  4446. buffer[0] = ReadField (Aborted) ? 'A' : ' ';
  4447. if (ReadField (AbortIndicated)) {
  4448. buffer[0] = 'a';
  4449. }
  4450. else if (ReadField (AbortFailed)) {
  4451. buffer[0] = 'f';
  4452. }
  4453. }
  4454. else {
  4455. buffer[0] = ReadField (AbortedIndicated) ? 'A' : ' ';
  4456. }
  4457. buffer[1] = ReadField (DisconnectIndicated) ? 'D' : ' ';
  4458. buffer[2] = ReadField (ConnectedReferenceAdded) ? 'R' : ' ';
  4459. buffer[3] = ReadField (SpecialCondition) ? 'S' : ' ';
  4460. buffer[4] = ReadField (CleanupBegun) ? 'C' : ' ';
  4461. buffer[5] = ReadField (ClosePendedTransmit) ? 'T' : ' ';
  4462. buffer[6] = ReadField (OnLRList) ? 'L' : ' ';
  4463. buffer[7] = 0;
  4465. return buffer;
  4466. }
  4468. PSTR
  4469. TranfileFlagsToString(
  4470. VOID
  4471. )
  4473. /*++
  4475. Routine Description:
  4477. Maps an AFD transmit file info flags to a displayable string.
  4479. Arguments:
  4481. TransmitInfo - The AFD transmit file info which flags to map.
  4483. Return Value:
  4485. PSTR - Points to the displayable form of the AFD transmit file info flags.
  4487. --*/
  4489. {
  4490. static CHAR buffer[9];
  4492. buffer[0] = (ReadField (AbortPending)) ? 'A' : ' ';
  4493. buffer[1] = (ReadField (WorkerScheduled)) ? 'W' : ' ';
  4494. buffer[2] = (ReadField (NeedSendHead)) ? 'H' : ' ';
  4495. buffer[3] = (ReadField (ReuseInProgress)) ? 'R' : ' ';
  4496. buffer[4] = (ReadField (SendAndDisconnect)) ? 'S' : ' ';
  4497. buffer[5] = (ReadField (Irp1Done)) ? '1' : ' ';
  4498. buffer[6] = (ReadField (Irp2Done)) ? '2' : ' ';
  4499. buffer[7] = (ReadField (IrpRDone)) ? '3' : ' ';
  4500. buffer[8] = 0;
  4502. return buffer;
  4503. }
  4505. PSTR
  4506. TPacketsFlagsToStringNet(
  4507. ULONG Flags,
  4508. ULONG StateFlags
  4509. )
  4511. /*++
  4513. Routine Description:
  4515. Maps an AFD transmit file info flags to a displayable string.
  4517. Arguments:
  4519. TransmitInfo - The AFD transmit file info which flags to map.
  4521. Return Value:
  4523. PSTR - Points to the displayable form of the AFD transmit file info flags.
  4525. --*/
  4527. {
  4528. static CHAR buffer[20];
  4530. buffer[0] = (Flags & AFD_TF_WRITE_BEHIND) ? 'b' : ' ';
  4531. buffer[1] = (Flags & AFD_TF_DISCONNECT) ? 'd' : ' ';
  4532. buffer[2] = (Flags & AFD_TF_REUSE_SOCKET) ? 'r' : ' ';
  4533. buffer[3] = (Flags & AFD_TF_USE_SYSTEM_THREAD) ? 's' : 'a';
  4534. buffer[4] = '|';
  4535. buffer[5] = (StateFlags & AFD_TP_ABORT_PENDING) ? 'A' : ' ';
  4536. buffer[6] = (StateFlags & AFD_TP_WORKER_SCHEDULED) ? 'W' : ' ';
  4537. buffer[7] = (StateFlags & AFD_TP_SENDS_POSTED) ? 'S' : ' ';
  4538. buffer[8] = (StateFlags & AFD_TP_QUEUED) ? 'Q' : ' ';
  4539. buffer[9] = (StateFlags & AFD_TP_READ_BUSY) ? '0' : ' ';
  4540. buffer[10] = (StateFlags & AFD_TP_SEND_BUSY(0)) ? '1' : ' ';
  4541. buffer[11] = (StateFlags & AFD_TP_SEND_BUSY(1)) ? '2' : ' ';
  4542. buffer[12] = (StateFlags & AFD_TP_SEND_BUSY(2)) ? '3' : ' ';
  4543. buffer[13] = (StateFlags & AFD_TP_SEND_BUSY(3)) ? '4' : ' ';
  4544. buffer[14] = (StateFlags & AFD_TP_SEND_BUSY(4)) ? '5' : ' ';
  4545. buffer[15] = (StateFlags & AFD_TP_SEND_BUSY(5)) ? '6' : ' ';
  4546. buffer[16] = (StateFlags & AFD_TP_SEND_BUSY(6)) ? '7' : ' ';
  4547. buffer[17] = (StateFlags & AFD_TP_SEND_BUSY(7)) ? '8' : ' ';
  4548. buffer[18] = (StateFlags & AFD_TP_SEND_AND_DISCONNECT) ? '&' : ' ';
  4549. buffer[19] = 0;
  4551. return buffer;
  4552. }
  4554. PSTR
  4555. TPacketsFlagsToStringXp(
  4556. ULONG Flags,
  4557. ULONG StateFlags
  4558. )
  4560. /*++
  4562. Routine Description:
  4564. Maps an AFD transmit file info flags to a displayable string.
  4566. Arguments:
  4568. TransmitInfo - The AFD transmit file info which flags to map.
  4570. Return Value:
  4572. PSTR - Points to the displayable form of the AFD transmit file info flags.
  4574. --*/
  4576. {
  4577. static CHAR buffer[20];
  4579. buffer[0] = (Flags & AFD_TF_WRITE_BEHIND) ? 'b' : ' ';
  4580. buffer[1] = (Flags & AFD_TF_DISCONNECT) ? 'd' : ' ';
  4581. buffer[2] = (Flags & AFD_TF_REUSE_SOCKET) ? 'r' : ' ';
  4582. buffer[3] = (Flags & AFD_TF_USE_SYSTEM_THREAD) ? 's' : 'a';
  4583. buffer[4] = '|';
  4584. buffer[5] = (StateFlags & AFD_TP_ABORT_PENDING) ? 'A' : ' ';
  4585. buffer[6] = (StateFlags & AFD_TP_WORKER_SCHEDULED_XP) ? 'W' : ' ';
  4586. buffer[7] = ' ';
  4587. buffer[8] = ' ';
  4588. buffer[9] = (StateFlags & AFD_TP_READ_BUSY) ? '0' : ' ';
  4589. buffer[10] = (StateFlags & AFD_TP_SEND_BUSY(0)) ? '1' : ' ';
  4590. buffer[11] = (StateFlags & AFD_TP_SEND_BUSY(1)) ? '2' : ' ';
  4591. buffer[12] = (StateFlags & AFD_TP_SEND_BUSY(2)) ? '3' : ' ';
  4592. buffer[13] = (StateFlags & AFD_TP_SEND_BUSY(3)) ? '4' : ' ';
  4593. buffer[14] = (StateFlags & AFD_TP_SEND_BUSY(4)) ? '5' : ' ';
  4594. buffer[15] = (StateFlags & AFD_TP_SEND_BUSY(5)) ? '6' : ' ';
  4595. buffer[16] = (StateFlags & AFD_TP_SEND_BUSY(6)) ? '7' : ' ';
  4596. buffer[17] = (StateFlags & AFD_TP_SEND_BUSY(7)) ? '8' : ' ';
  4597. buffer[18] = (StateFlags & AFD_TP_SEND_AND_DISCONNECT_XP) ? '&' : ' ';
  4598. buffer[19] = 0;
  4600. return buffer;
  4601. }
  4603. PSTR
  4604. BufferFlagsToString(
  4605. )
  4607. /*++
  4609. Routine Description:
  4611. Maps an AFD buffer flags to a displayable string.
  4613. Arguments:
  4615. TransmitInfo - The AFD buffer which flags to map.
  4617. Return Value:
  4619. PSTR - Points to the displayable form of the AFD buffer flags.
  4621. --*/
  4623. {
  4624. static CHAR buffer[7];
  4626. buffer[0] = (ReadField (ExpeditedData)) ? 'E' : ' ';
  4627. buffer[1] = (ReadField (PartialMessage)) ? 'P' : ' ';
  4628. buffer[2] = (ReadField (Lookaside)) ? 'L' : ' ';
  4629. buffer[3] = (ReadField (NdisPacket)) ? 'N' : ' ';
  4630. if (SavedMinorVersion>=2267) {
  4631. UCHAR placement = (UCHAR)ReadField (Placement);
  4632. switch (placement) {
  4633. case AFD_PLACEMENT_HDR:
  4634. buffer[4] = 'h';
  4635. break;
  4636. case AFD_PLACEMENT_IRP:
  4637. buffer[4] = 'i';
  4638. break;
  4639. case AFD_PLACEMENT_MDL:
  4640. buffer[4] = 'm';
  4641. break;
  4642. case AFD_PLACEMENT_BUFFER:
  4643. buffer[4] = 'b';
  4644. break;
  4645. }
  4646. if (SavedMinorVersion>=2414) {
  4647. buffer[5] = ReadField (AlignmentAdjusted) ? 'A' : ' ';
  4648. }
  4649. else
  4650. buffer[5] = ' ';
  4651. }
  4652. else {
  4653. buffer[4] = ' ';
  4654. buffer[5] = ' ';
  4655. }
  4656. buffer[6] = 0;
  4658. return buffer;
  4659. }
  4663. PSTR
  4664. SystemTimeToString(
  4665. LONGLONG Value
  4666. )
  4668. /*++
  4670. Routine Description:
  4672. Maps a LONGLONG representing system time to a displayable string.
  4674. Arguments:
  4676. Value - The LONGLONG time to map.
  4678. Return Value:
  4680. PSTR - Points to the displayable form of the system time.
  4682. Notes:
  4684. This routine is NOT multithread safe!
  4686. --*/
  4688. {
  4690. static char buffer[64];
  4691. NTSTATUS status;
  4692. LARGE_INTEGER systemTime;
  4693. LARGE_INTEGER localTime;
  4694. TIME_FIELDS timeFields;
  4696. systemTime.QuadPart = Value;
  4698. status = RtlSystemTimeToLocalTime( &systemTime, &localTime );
  4700. if( !NT_SUCCESS(status) ) {
  4702. _snprintf(buffer, sizeof (buffer)-1, "%I64x", Value);
  4703. buffer[sizeof(buffer)-1]=0;
  4704. return buffer;
  4706. }
  4708. RtlTimeToTimeFields( &localTime, &timeFields );
  4710. _snprintf(
  4711. buffer, sizeof (buffer)-1,
  4712. "%s %s %2d %4d %02d:%02d:%02d.%03d",
  4713. WeekdayNames[timeFields.Weekday],
  4714. MonthNames[timeFields.Month],
  4715. timeFields.Day,
  4716. timeFields.Year,
  4717. timeFields.Hour,
  4718. timeFields.Minute,
  4719. timeFields.Second,
  4720. timeFields.Milliseconds
  4721. );
  4722. buffer[sizeof(buffer)-1]=0;
  4724. return buffer;
  4726. } // SystemTimeToString
  4730. PSTR
  4731. GroupTypeToString(
  4732. AFD_GROUP_TYPE GroupType
  4733. )
  4735. /*++
  4737. Routine Description:
  4739. Maps an AFD_GROUP_TYPE to a displayable string.
  4741. Arguments:
  4743. GroupType - The AFD_GROUP_TYPE to map.
  4745. Return Value:
  4747. PSTR - Points to the displayable form of the AFD_GROUP_TYPE.
  4749. --*/
  4751. {
  4753. switch( GroupType ) {
  4755. case GroupTypeNeither :
  4756. return "Neither";
  4758. case GroupTypeConstrained :
  4759. return "Constrained";
  4761. case GroupTypeUnconstrained :
  4762. return "Unconstrained";
  4764. }
  4766. return "INVALID";
  4768. } // GroupTypeToString
  4770. PSTR
  4771. ListToString (
  4772. ULONG64 ListHead
  4773. )
  4774. {
  4775. static CHAR buffer[32];
  4776. INT count = CountListEntries (ListHead);
  4778. if (count==0) {
  4779. _snprintf (buffer, sizeof (buffer)-1, "= EMPTY");
  4780. }
  4781. else {
  4782. if (IsPtr64()) {
  4783. _snprintf (buffer, sizeof (buffer)-1, "@ %I64X (%d)", ListHead, count);
  4784. }
  4785. else {
  4786. _snprintf (buffer, sizeof (buffer)-1, "@ %X (%d)", (ULONG)ListHead, count);
  4787. }
  4788. }
  4789. buffer[sizeof(buffer)-1]=0;
  4790. return buffer;
  4791. }
  4793. PAFDKD_TRANSPORT_INFO
  4794. ReadTransportInfo (
  4795. ULONG64 ActualAddress
  4796. )
  4797. {
  4799. ULONG result, length;
  4800. PAFDKD_TRANSPORT_INFO transportInfo;
  4801. ULONG64 buffer;
  4803. if( GetFieldValue(
  4804. ActualAddress,
  4805. "AFD!AFD_TRANSPORT_INFO",
  4806. "TransportDeviceName.Length",
  4807. length
  4808. )!=0 ||
  4809. GetFieldValue(
  4810. ActualAddress,
  4811. "AFD!AFD_TRANSPORT_INFO",
  4812. "TransportDeviceName.Buffer",
  4813. buffer
  4814. )!=0) {
  4816. dprintf(
  4817. "\nReadTransportInfo: Could not read AFD_TRANSPORT_INFO @ %p\n",
  4818. ActualAddress
  4819. );
  4821. return NULL;
  4823. }
  4825. if (length < sizeof (L"\\Device\\")-2) {
  4826. dprintf(
  4827. "\nReadTransportInfo: transport info (@%p) device name length (%ld) is less than sizeof (L'\\Device\\')-2\n",
  4828. ActualAddress,
  4829. length
  4830. );
  4832. return NULL;
  4833. }
  4836. transportInfo = RtlAllocateHeap (RtlProcessHeap (),
  4837. 0,
  4838. FIELD_OFFSET (AFDKD_TRANSPORT_INFO,
  4839. DeviceName[length/2+1]));
  4840. if (transportInfo==NULL) {
  4841. dprintf(
  4842. "\nReadTransportInfo: Could not allocate space for transport info.\n"
  4843. );
  4844. return NULL;
  4845. }
  4847. transportInfo->ActualAddress = ActualAddress;
  4849. if (GetFieldValue (
  4850. ActualAddress,
  4851. "AFD!AFD_TRANSPORT_INFO",
  4852. "ReferenceCount",
  4853. transportInfo->ReferenceCount)!=0 ||
  4854. GetFieldValue (
  4855. ActualAddress,
  4856. "AFD!AFD_TRANSPORT_INFO",
  4857. "InfoValid",
  4858. transportInfo->InfoValid)!=0 ||
  4859. GetFieldValue (
  4860. ActualAddress,
  4861. "AFD!AFD_TRANSPORT_INFO",
  4862. "ProviderInfo",
  4863. transportInfo->ProviderInfo)!=0 ||
  4864. !ReadMemory(
  4865. buffer,
  4866. &transportInfo->DeviceName,
  4867. length,
  4868. &result
  4869. )) {
  4871. dprintf(
  4872. "\nReadTransportInfo: Could not read AFD_TRANSPORT_INFO @ %p\n",
  4873. ActualAddress
  4874. );
  4875. RtlFreeHeap (RtlProcessHeap (), 0, transportInfo);
  4877. return NULL;
  4879. }
  4881. transportInfo->DeviceName[length/2] = 0;
  4882. return transportInfo;
  4883. }
  4886. VOID
  4887. DumpTransportInfo (
  4888. PAFDKD_TRANSPORT_INFO TransportInfo
  4889. )
  4890. {
  4891. dprintf ("\nTransport Info @ %p\n", TransportInfo->ActualAddress);
  4892. dprintf (" TransportDeviceName = %ls\n",
  4893. TransportInfo->DeviceName);
  4894. dprintf (" ReferenceCount = %ld\n",
  4895. TransportInfo->ReferenceCount);
  4896. if (TransportInfo->InfoValid) {
  4897. dprintf (" ProviderInfo:\n");
  4898. dprintf (" Version = %8.8lx\n",
  4899. TransportInfo->ProviderInfo.Version);
  4900. dprintf (" MaxSendSize = %ld\n",
  4901. TransportInfo->ProviderInfo.MaxSendSize);
  4902. dprintf (" MaxConnectionUserData = %ld\n",
  4903. TransportInfo->ProviderInfo.MaxConnectionUserData);
  4904. dprintf (" MaxDatagramSize = %ld\n",
  4905. TransportInfo->ProviderInfo.MaxDatagramSize);
  4906. dprintf (" ServiceFlags = %lx (",
  4907. TransportInfo->ProviderInfo.ServiceFlags);
  4908. if (TDI_SERVICE_ORDERLY_RELEASE & TransportInfo->ProviderInfo.ServiceFlags)
  4909. dprintf (" OrdRel");
  4910. if (TDI_SERVICE_DELAYED_ACCEPTANCE & TransportInfo->ProviderInfo.ServiceFlags)
  4911. dprintf (" DelAcc");
  4912. if (TDI_SERVICE_EXPEDITED_DATA & TransportInfo->ProviderInfo.ServiceFlags)
  4913. dprintf (" Expd");
  4914. if (TDI_SERVICE_INTERNAL_BUFFERING & TransportInfo->ProviderInfo.ServiceFlags)
  4915. dprintf (" Buff");
  4916. if (TDI_SERVICE_MESSAGE_MODE & TransportInfo->ProviderInfo.ServiceFlags)
  4917. dprintf (" Msg");
  4918. if (TDI_SERVICE_DGRAM_CONNECTION & TransportInfo->ProviderInfo.ServiceFlags)
  4919. dprintf (" DgramCon");
  4920. if (TDI_SERVICE_FORCE_ACCESS_CHECK & TransportInfo->ProviderInfo.ServiceFlags)
  4921. dprintf (" AccChk");
  4922. if (TDI_SERVICE_SEND_AND_DISCONNECT & TransportInfo->ProviderInfo.ServiceFlags)
  4923. dprintf (" S&D");
  4924. if (TDI_SERVICE_DIRECT_ACCEPT & TransportInfo->ProviderInfo.ServiceFlags)
  4925. dprintf (" DirAcc");
  4926. if (TDI_SERVICE_ACCEPT_LOCAL_ADDR & TransportInfo->ProviderInfo.ServiceFlags)
  4927. dprintf (" AcLoAd");
  4928. dprintf (" )\n");
  4930. dprintf (" MinimumLookaheadData = %ld\n",
  4931. TransportInfo->ProviderInfo.MinimumLookaheadData);
  4932. dprintf (" MaximumLookaheadData = %ld\n",
  4933. TransportInfo->ProviderInfo.MaximumLookaheadData);
  4934. dprintf (" NumberOfResources = %ld\n",
  4935. TransportInfo->ProviderInfo.NumberOfResources);
  4936. dprintf (" StartTime = %s\n",
  4937. SystemTimeToString(TransportInfo->ProviderInfo.StartTime.QuadPart));
  4938. }
  4940. }
  4943. VOID
  4944. DumpTransportInfoBrief (
  4945. PAFDKD_TRANSPORT_INFO TransportInfo
  4946. )
  4947. {
  4948. dprintf (//PollInfo IRP Thread (pid.tid) Expr Flags Hdls Array
  4949. IsPtr64 ()
  4950. ? "\n%011.011p %-30.30ls %4.4x %3.3x %8.8x %5.5x %5.5x %s"
  4951. : "\n%008.008p %-30.30ls %4.4x %3.3x %8.8x %5.5x %5.5x %s",
  4952. DISP_PTR(TransportInfo->ActualAddress),
  4953. &TransportInfo->DeviceName[sizeof ("\\device\\")-1],
  4954. TransportInfo->ReferenceCount,
  4955. TransportInfo->ProviderInfo.Version,
  4956. TransportInfo->ProviderInfo.MaxSendSize,
  4957. TransportInfo->ProviderInfo.MaxDatagramSize,
  4958. TransportInfo->ProviderInfo.ServiceFlags,
  4959. TdiServiceFlagsToStringBrief (TransportInfo->ProviderInfo.ServiceFlags));
  4961. }
  4963. PSTR
  4964. TdiServiceFlagsToStringBrief(
  4965. ULONG Flags
  4966. )
  4968. /*++
  4970. Routine Description:
  4972. Maps an TDI service flags to a displayable string.
  4974. Arguments:
  4976. Flags - flags to map
  4978. Return Value:
  4980. PSTR - Points to the displayable form of the TDI service flags.
  4982. --*/
  4984. {
  4985. static CHAR buffer[10];
  4987. buffer[0] = (TDI_SERVICE_ORDERLY_RELEASE & Flags) ? 'O' : ' ',
  4988. buffer[1] = (TDI_SERVICE_DELAYED_ACCEPTANCE & Flags) ? 'D' : ' ',
  4989. buffer[2] = (TDI_SERVICE_EXPEDITED_DATA & Flags) ? 'E' : ' ',
  4990. buffer[3] = (TDI_SERVICE_INTERNAL_BUFFERING & Flags) ? 'B' : ' ',
  4991. buffer[4] = (TDI_SERVICE_MESSAGE_MODE & Flags) ? 'M' : ' ',
  4992. buffer[5] = (TDI_SERVICE_DGRAM_CONNECTION & Flags) ? 'G' : ' ',
  4993. buffer[6] = (TDI_SERVICE_FORCE_ACCESS_CHECK & Flags) ? 'A' : ' ',
  4994. buffer[7] = (TDI_SERVICE_SEND_AND_DISCONNECT & Flags) ? '&' : ' ',
  4995. buffer[8] = (TDI_SERVICE_DIRECT_ACCEPT & Flags) ? 'R' : ' ',
  4996. buffer[9] = 0;
  4998. return buffer;
  4999. }
  5002. INT
  5003. CountListEntries (
  5004. ULONG64 ListHeadAddress
  5005. )
  5006. {
  5007. ULONG64 ptr, Next=ListHeadAddress;
  5008. INT count = 0;
  5009. Next = ListHeadAddress;
  5011. while (ReadPtr (Next, &ptr)==0 && ptr!=0 && ptr!=ListHeadAddress) {
  5012. if (CheckControlC()) {
  5013. return -1;
  5014. }
  5015. count += 1;
  5016. Next = ptr;
  5017. }
  5018. return count;
  5019. }
  5021. PSTR
  5022. ListCountEstimate (
  5023. ULONG64 ListHeadAddress
  5024. )
  5025. {
  5026. ULONG64 next, prev;
  5027. if (ReadPtr (ListHeadAddress, &next)!=0) {
  5028. return "Er";
  5029. }
  5030. else if (next==ListHeadAddress) {
  5031. return " 0";
  5032. }
  5033. else if (ReadPtr (ListHeadAddress+(IsPtr64 () ? 8 : 4), &prev)!=0) {
  5034. return "Er";
  5035. }
  5036. else if (prev==next) {
  5037. return " 1";
  5038. }
  5039. else {
  5040. return ">1";
  5041. }
  5042. }