lecture 8 processes, threads, and jobs (2)

计算机系•信息处理实验室

Lecture 8 Processes, Threads, and Jobs (2)

xlanchen@04/08/2005

xlanchen@04/08/2005 Understanding the Inside of Windows2000

2计算机系信息处理实验室

Contents

The internal structures of process

How to create a process

The internal structures of thread

How to create a thread

Thread Scheduling

Job Objects



Thread structures

a Windows 2000 thread is represented by ETHREAD block

in the system address spaceexcept TEB

How is the thread related to Csrss and Win32k.sys



Fibers vs. Threads

Fibers

"lightweight" threads

implemented in user mode in Kernel32.dll

allow an App. to schedule its own "threads" outside the priority-based scheduling mechanism of 2K

ConvertThreadToFiber, win32 function

CreateFiber

SwitchToFiber



Structure of the kernel thread block



EXPERIMENT

Displaying ETHREAD and KTHREAD Structures



Fields of the TEB



EXPERIMENT

Examining the TEB



Related Kernel Variables

PspCreateThreadNotifyRoutine

PspCreateThreadNotifyRoutineCount

PspCreateProcessNotifyRoutine

PspCreateProcessNotifyRoutineCount

PspCidTable



Related Performance Counters

Process:

Priority Base

Thread:

% Privileged Time

% Processor Time

% User Time

Context Switches/Sec

Elapsed Time

ID Process

ID Thread

Priority Base

Priority Current

Start Address

Thread State

Thread Wait Reason



Win32 Thread Functions

CreateThread

CreateRemoteThread

ExitThread

TerminateThread

GetExitCodeThread

GetThreadTimes

Get/SetThreadContext

GetThreadSelectorEntry



EXPERIMENT

Using the Kernel Debugger !thread Command



EXPERIMENT

Viewing Thread Information



Create a thread

CreateThread to create a Win32 thread

In Kernel32.dll

1. Creates a user-mode stack

2. Initializes the thread's hardware context

3. Calles NtCreateThread to create the executive thread object in the suspended state

4. Notifies the Win32 subsystem about the new thread

5. Return the thread handle and its ID to the caller



the thread starts running

KiThreadStartup

PspUserThreadStartup

LdrInitializeThunk (in Ntdll.dll)



Flow of CreateThread



2K Scheduling priority-driven, preemptive

the highest-priority runnable (ready) thread always runs,

processor affinity

quantum

the length of time a thread is allowed to run before Windows 2000 interrupts the thread to find out whether another thread at the same priority level or higher is waiting to run or whether the thread's priority needs to be reduced



EXPERIMENT

Viewing Ready Threads



EXPERIMENT

Thread-Scheduling State Changes



Thread priority levels



Kernel prioritiesWin32 vs. Windows 2000



kernel's dispatcher

dispatching occurs at DPC/dispatch level and is triggered by any of the following events

A thread becomes ready to execute

A thread leaves the running state

because its time quantum ends, it terminates, or it enters a wait state

A thread's priority changes

The processor affinity of a running thread changes.



Win32 Scheduling APIs

Suspend/ResumeThread

Suspends or resumes a paused thread from execution.

Get/SetPriorityClass

Returns or sets a process's priority class (base priority).

Get/SetThreadPriority

Returns or sets a thread's priority (relative to its process base priority).



Get/SetProcessAffinityMask

Returns or sets a process's affinity mask.

SetThreadAffinityMask

Sets a thread's affinity mask (must be a subset of the process's affinity mask) for a particular set of processors, restricting it to running on those processors.



Get/SetThreadPriorityBoost

Returns or sets the ability for Windows 2000 to boost the priority of a thread temporarily (applies only to threads in the dynamic range).

SetThreadIdealProcessor

Establishes a preferred processor for a particular thread but doesn't restrict the thread to that processor.

Get/SetProcessPriorityBoost

Returns or sets the default priority boost control state of the current process. (This function is used to set the thread priority boost control state when a thread is created.)



SwitchToThread

Yields execution for one or more quantums.

Sleep

Puts the current thread into a wait state for a specified time interval (figured in milliseconds [msec]). A zero value relinquishes the rest of the thread's quantum.

SleepEx

Causes the current thread to go into a wait state until either an I/O completion callback is completed, an APC is queued to the thread, or the specified time interval ends.



EXPERIMENT

Examining and Specifying Process and Thread Priorities



Real-Time Priorities

Increase scheduling priority privilege

2K is not a true real-time operating system



Interrupt Levels vs. Priority Levels



Thread states



Quantum

Quantum Accounting

Default: 6

Per clock interrupt: -3 ???

The clock interval is determined by hardware platform

Controlling the Quantum



EXPERIMENT

Determining the Clock Interval Frequency



Scheduling Data Structures



Scheduling Scenarios

Voluntary Switch

Preemption

Quantum End

Termination



Voluntary switching



Preemptive thread scheduling



Quantum End



Context Switching

A thread's context and the procedure for context switching vary depending on the processor's architecture

A typical context switch requires saving and reloading the following data:

Program counter

Processor status register

Other register contents

User and kernel stack pointers

A pointer to the address space in which the thread runs (the process's page table directory)



Idle Thread Dispatched when no runnable thread exists on a CPU

Each CPU is allotted one idle thread

the basic flow

Enables and disables interrupts (allowing any pending interrupts to be delivered).

Checks whether any DPCs are pending on the processor. If DPCs are pending, clears the pending software interrupt and delivers them.

Checks whether a thread has been selected to run next on the processor, and if so, dispatches that thread.

Calls the HAL processor idle routine (in case any power management functions need to be performed).



Priority Boosts

In five cases, Windows 2000 can boost (increase) the current priority value of threads

On completion of I/O operations

After waiting on executive events or semaphores

After threads in the foreground process complete a wait operation

When GUI threads wake up because of windowing activity

When a thread that's ready to run hasn't been running for some time (CPU starvation)



Priority boosting and decay



EXPERIMENT

Watching Foreground Priority Boosts and Decays



EXPERIMENT

Watching Priority Boosts on GUI Threads



EXPERIMENT

Watching Priority Boosts for CPU Starvation



Scheduling on SMP Systems

Affinity

Ideal and Last Processor

Choosing a Processor for a Ready Thread

Selecting a Thread to Run on a Specific CPU

When the Highest-Priority Ready Threads Are Not Running ?



Job Objects

A job object is a nameable, securable, shareable kernel object that allows control of one or more processes as a group.

basic function

to allow groups of processes to be managed and manipulated as a unit



A process can be a member of only one job object

Win32 API Functions for Jobs

CreateJobObject

OpenJobObject

AssignProcessToJobObject

TerminateJobObject

SetInformationJobObject

QueryInformationJobObject



EXPERIMENT

Viewing the Job Object

lecture 8 processes, threads, and jobs (2)

Documents