Software Diagnostics Library

When analyzing memory dumps from specific application platforms we see threads having definite purpose as part of that specific platform architecture, design and implementation. For example, in applications and services involving .NET CLR we see the following Special Threads:

0:000> !Threads -special
ThreadCount:      9
UnstartedThread:  0
BackgroundThread: 7
PendingThread:    0
DeadThread:       1
Hosted Runtime:   no
                                   PreEmptive   GC Alloc                Lock
       ID  OSID ThreadOBJ    State GC           Context       Domain   Count APT Exception
   0    1   b10 002fbe88      6020 Enabled  0acbdebc:0acbf5a4 002f17d0     0 STA
   2    2   bf0 00306b18      b220 Enabled  00000000:00000000 002f17d0     0 MTA (Finalizer)
   3    3   b34 0034c188      b220 Enabled  00000000:00000000 002f17d0     0 MTA
XXXX    5       0037e3e0     19820 Enabled  00000000:00000000 002f17d0     0 Ukn
   5    7   700 04b606c8   200b220 Enabled  00000000:00000000 002f17d0     0 MTA
   6    4   ec4 04baffa0   200b220 Enabled  00000000:00000000 002f17d0     0 MTA
   8    8   10c 04bf19b8   8009220 Enabled  00000000:00000000 002f17d0     0 MTA (Threadpool Completion Port)
   9   11   464 0be106d8      1220 Enabled  00000000:00000000 002f17d0     0 Ukn
  10   10   da0 003c7958      7220 Disabled 00000000:00000000 0be1dd00     0 STA

       OSID     Special thread type
    1    c08    DbgHelper
    2    bf0    Finalizer
    7    f54    Gate
    8    10c    IOCompletion
    9    464    ADUnloadHelper

- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -

This entry was posted on Thursday, October 27th, 2011 at 3:35 pm and is filed under .NET Debugging, Crash Dump Analysis, Crash Dump Patterns, Debugging, Stack Trace Collection. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.