Sysinternals Homepage
Forum Home Forum Home > Sysinternals Utilities > Process Explorer
  New Posts New Posts RSS Feed - processes TCP/IP thread call stack
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

processes TCP/IP thread call stack

 Post Reply Post Reply
Author
Message
jasonc View Drop Down
Newbie
Newbie


Joined: 23 July 2012
Status: Offline
Points: 5
Post Options Post Options   Thanks (0) Thanks(0)   Quote jasonc Quote  Post ReplyReply Direct Link To This Post Topic: processes TCP/IP thread call stack
    Posted: 05 December 2012 at 6:50pm
Hello,
 
When I double click a network connection a process is making, via the TCP/IP tab in process properties pop up I receive an alert stating:
Stacks not available in this version of Windows
 
Is there a plan to have this work on windows 7?
Or windows 8?
 
Does anyone know a tool that can do this, show the stack of a network connection?
Or the thread ID?
 
Specifically I'm looking into this.
I've posted in the windbg forums but didn't receive much helpful advice.
 

When I looked into crash dumps like this I always see this call to _GSHandlerCheck. But I can’t find any comment on it in google or MS Dev Center.

 

Child-SP          RetAddr           Call Site

00000000`0258b7e8 000007fe`fc590555 ntdll!NtWaitForSingleObject+0xa

00000000`0258b7f0 000007fe`fc59295e mswsock!_GSHandlerCheck_SEH+0x4269

00000000`0258b870 000007fe`ff122a7c mswsock!_GSHandlerCheck_SEH+0x776a

00000000`0258b960 000007fe`e8d3122b ws2_32!recv+0x13c

00000000`0258ba00 000007fe`e2878a66 dbnetlib!ConnectionRead+0x4cb

 

I searched MS Dev center for SEH and this came up.

I see a lot of interesting exception type calls using the prev button in the disassembly window.

I’ve not used that disassembly window much before so I’m not sure if they are relevant / related.

 

Structured Exception Handling Functions

http://msdn.microsoft.com/en-us/library/windows/desktop/ms680659(v=vs.85).aspx



Edited by jasonc - 05 December 2012 at 6:52pm
Back to Top
wj32 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 16 January 2009
Location: Australia
Status: Offline
Points: 1016
Post Options Post Options   Thanks (1) Thanks(1)   Quote wj32 Quote  Post ReplyReply Direct Link To This Post Posted: 06 December 2012 at 10:25am
This feature was removed from the tcpip/ndis/whatever-it-was driver in Windows Vista, so it's not an easy thing to add back in.
PH, a free and open source process viewer.
Back to Top
jasonc View Drop Down
Newbie
Newbie


Joined: 23 July 2012
Status: Offline
Points: 5
Post Options Post Options   Thanks (0) Thanks(0)   Quote jasonc Quote  Post ReplyReply Direct Link To This Post Posted: 10 December 2012 at 2:09am

What about thread ID to network connection if not stack?

Thanks
Back to Top
wj32 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 16 January 2009
Location: Australia
Status: Offline
Points: 1016
Post Options Post Options   Thanks (0) Thanks(0)   Quote wj32 Quote  Post ReplyReply Direct Link To This Post Posted: 14 December 2012 at 10:37am
I don't think that's possible either. You should really be using Process Monitor for this kind of thing.
PH, a free and open source process viewer.
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down