Lecture 7 Processes, Threads, and Jobs (1) - PowerPoint PPT Presentation

Lecture 7 Processes, Threads, and Jobs (1) xlanchen_at_04/01/2005 – PowerPoint PPT presentation

Slides: 31
Provided by: cxl6

Transcript and Presenter's Notes


1
Lecture 7 Processes, Threads, and Jobs (1)
  • xlanchen_at_04/01/2005

2
Contents
  • The internal structures of process
  • How to create a process
  • The internal structures of thread
  • How to create a thread
  • Thread Scheduling
  • Job Objects

3
Process structures
  • Kernel data structures
    • KPROCESS (kernel, per process)
    • EPROCESS (executive, per process)
    • KTHREAD (kernel, per thread)
    • ETHREAD (executive, per thread)
    • WIN32K.SYS (kernel, one structure per USER/GDI thread)
  • Subsystem data structures
    • CSRSS (Win32 subsystem, per user thread)
  • User mode data structures
    • Process Environment Block (one per process)
    • TEB (one per thread)

4
A simplified diagram

5
EPROCESS

6
EXPERIMENT
  • Displaying the Format of an EPROCESS Block

7
KPROCESS

8
PEB

9
EXPERIMENT
  • Examining the PEB

10
Kernel Variables Related to Process
  • PsActiveProcessHead
  • PsIdleProcess
  • PsInitialSystemProcess
  • PspCreateProcessNotifyRoutine
  • PspCreateProcessNotifyRoutineCount
  • PspLoadImageNotifyRoutine
  • PspLoadImageNotifyRoutineCount
  • PspCidTable

11
Performance Counters
  • With these counters
    • track the processes running on your system
    • retrieve these counters programmatically or view
      them with the Performance tool.
  • Process-Related Performance Counters
    • Privileged Time
    • Processor Time
    • User Time
    • Elapsed Time
    • ID Process
    • Creating Process ID
    • Thread Count
    • Handle Count

12
Functions
  • CreateProcess /CreateProcessAsUser
    /CreateProcessWithLogonW
  • OpenProcess
  • ExitProcess /TerminateProcess
  • FlushInstructionCache
  • GetProcessTimes /GetExitCodeProcess
    /GetCommandLine
  • GetCurrentProcessId /GetProcessVersion
  • GetStartupInfo
  • GetEnvironmentStrings /GetEnvironmentVariable
  • Get/SetProcessShutdownParameters
  • GetGuiResources

13
EXPERIMENT
  • Viewing Process Information with Task Manager

14
EXPERIMENT
  • Viewing the Process Tree
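
An added example (not part of the lecture) tying the Creating Process ID counter to the process-tree view: the creating-process ID is recorded once at creation and not updated afterwards, so a tree built from it must reject creators that have exited or whose PID has since been reused. The records, field names and the `real_parent`/`depth` helpers are constructed for illustration; on a live system the creation time would come from GetProcessTimes.

```c
#include <stdio.h>
#include <stdint.h>

/* One record per process. The fields mirror the "ID Process" and
   "Creating Process ID" counters plus a creation time; all values below
   are constructed sample data, not output from a real machine. */
struct proc {
    uint32_t pid;          /* ID Process */
    uint32_t creator_pid;  /* Creating Process ID, fixed at creation */
    uint64_t create_time;  /* creation time, arbitrary increasing units */
    const char *image;
};

/* Constructed snapshot: the original PID 1200 exited and the PID was reused. */
static const struct proc SNAPSHOT[] = {
    {   8,    0, 10, "System"       },
    { 140,    8, 20, "smss.exe"     },
    { 164,  140, 30, "winlogon.exe" },
    { 212,  164, 40, "services.exe" },
    {1500, 1200, 50, "orphan.exe"   },  /* creator 1200 appears in the list... */
    {1200,  212, 90, "worker.exe"   },  /* ...but this 1200 was created later  */
    {1700, 1111, 95, "lonely.exe"   },  /* creator no longer exists            */
};
#define NPROC (sizeof SNAPSHOT / sizeof SNAPSHOT[0])

/* Index of the real creator of SNAPSHOT[i], or -1 when the Creating
   Process ID is stale: no such process, or a process created at or after
   the child's creation time, which can only be a reused PID. */
int real_parent(size_t i) {
    for (size_t j = 0; j < NPROC; j++)
        if (j != i && SNAPSHOT[j].pid == SNAPSHOT[i].creator_pid)
            return SNAPSHOT[j].create_time < SNAPSHOT[i].create_time ? (int)j : -1;
    return -1;
}

/* Depth in the tree; roots and orphans are depth 0. Terminates because
   every accepted parent is strictly older than its child. */
int depth(size_t i) {
    int d = 0;
    for (int p = real_parent(i); p >= 0; p = real_parent((size_t)p)) d++;
    return d;
}

int main(void) {
    for (size_t i = 0; i < NPROC; i++)
        printf("%*s%s (%u)%s\n", 2 * depth(i), "", SNAPSHOT[i].image, (unsigned)SNAPSHOT[i].pid,
               SNAPSHOT[i].creator_pid && real_parent(i) < 0 ? "  [creator gone]" : "");
    return 0;
}
```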

15
EXPERIMENT
  • Viewing Thread Activity with QuickSlice

16
EXPERIMENT
  • Viewing Process Details with Process Viewer

17
EXPERIMENT
  • Using the Kernel Debugger !process Command

18
Creating a Win32 process
  • CreateProcess
  • CreateProcessAsUser
  • CreateProcessWithLogonW
  • Three parts of the OS are involved
    • Kernel32.dll
    • Executive
    • Subsystem process (Csrss)

19
Main stages of CreateProcess
  • Open the image file (.exe) to be executed inside
    the process.
  • Create the Windows 2000 executive process object.
  • Create the initial thread (stack, context, and Windows 2000
    executive thread object).
  • Notify the Win32 subsystem of the new process so
    that it can set up for the new process and
    thread.
  • Start execution of the initial thread (unless the
    CREATE_SUSPENDED flag was specified).
  • In the context of the new process and thread,
    complete the initialization of the address space
    (such as load required DLLs) and begin execution
    of the program.

20
The main stages of process creation

21
Some notes
  • CreationFlags → the priority class
  • Priority class
  • Normal (default)
  • Real-time
  • Below Normal
  • Idle
  • Desktop

22
Stage 1
  • Opening the Image to Be Executed
  • The executable file → the appropriate Win32 image
  • Mapped into a section object of the new process

23
Choosing a Win32 image

24
Decision Tree for Stage 1
If the image is a/an                       | This image will run | And this will happen
POSIX executable file                      | Posix.exe           | Restarts Stage 1
OS/2 1.x image                             | Os2.exe             | Restarts Stage 1
MS-DOS App. (.exe, .com, .pif)             | Ntvdm.exe           | Restarts Stage 1
Win16 App.                                 | Ntvdm.exe           | Restarts Stage 1
Command procedure MS-DOS App. (.bat, .cmd) | Cmd.exe             | Restarts Stage 1

25
Stage 2
  • Creating the Windows 2000 Executive Process
    Object
  • NtCreateProcess
  • Setting up the EPROCESS block
  • Creating the initial process address space
  • Creating the kernel process block
  • Concluding the setup of the process address space
  • Setting up the PEB
  • Completing the setup of the executive process
    object

26
Stage 3
  • KiInitializeContextThread
  • Creating the Initial Thread and Its Stack and
    Context
  • Stack
  • Size
  • Context
  • NtCreateThread → initial thread
  • Suspended state

27
Stage 4
  • Notifying the Win32 Subsystem About the New
    Process
  • Kernel32.dll sends a message to the Win32
    subsystem
  • Process and thread handles
  • Entries in the creation flags
  • ID of the process's creator
  • Flag indicating whether the process belongs to a
    Win32 application (so that Csrss can determine
    whether or not to show the startup cursor)

28
  • Upon receiving the message, the Win32 subsystem
  • set up for the new process and thread
  • Allocate Csrss process/thread block

29
Stage 5
  • Starting Execution of the Initial Thread
  • the initial thread is now resumed

30
Stage 6
  • Performing Process Initialization in the Context
    of the New Process
  • KiThreadStartup