Presentation is loading. Please wait.

Presentation is loading. Please wait.

计算机系 信息处理实验室 Lecture 7 Processes, Threads, and Jobs (1)

Published byCornelius Ray Modified over 9 years ago

Similar presentations

Presentation on theme: "计算机系 信息处理实验室 Lecture 7 Processes, Threads, and Jobs (1)"— Presentation transcript:

1 计算机系 信息处理实验室 Lecture 7 Processes, Threads, and Jobs (1) xlanchen@04/01/2005

2 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 2 Contents The internal structures of process How to create a process The internal structures of thread How to create a thread Thread Scheduling Job Objects

3 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 3 Process structures Kernel data structures KPROCESS (knl - per process) EPROCESS (executive - per process) KTHREAD (knl – per thread) ETHREAD (executive – per thread) WIN32K.SYS (knl – one struct per USER/GDI thread) Subsystem data structures CSRSS (Win32 subsystem – per user thread) User mode data structures Process Environment Block (one per process) TEB (one per thread)

4 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 4 A simplified diagram

5 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 5 EPROCESS

6 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 6 EXPERIMENT Displaying the Format of an EPROCESS Block

7 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 7 KPROCESS

8 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 8 PEB

9 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 9 EXPERIMENT Examining the PEB

10 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 10 Kernel Variables Related to Process PsActiveProcessHead PsIdleProcess PsInitialSystemProcess PspCreateProcessNotifyRoutine PspCreateProcessNotifyRoutineCount PspLoadImageNotifyRoutine PspLoadImageNotifyRoutineCount PspCidTable

11 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 11 Performance Counters With these counters track the processes running on your system; retrieve these counters programmatically or view them with the Performance tool. Process-Related Performance Counters Privileged Time Processor Time User Time Elapsed Time ID Process Creating Process ID Thread Count Handle Count

12 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 12 Functions CreateProcess /CreateProcessAsUser /CreateProcessWithLogonW OpenProcess ExitProcess /TerminateProcess FlushInstructionCache GetProcessTimes /GetExitCodeProcess /GetCommandLine GetCurrentProcessId /GetProcessVersion GetStartupInfo GetEnvironmentStrings /GetEnvironmentVariable Get/SetProcessShutdownParameters GetGuiResources

13 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 13 EXPERIMENT Viewing Process Information with Task Manager

14 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 14 EXPERIMENT Viewing the Process Tree

15 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 15 EXPERIMENT Viewing Thread Activity with QuickSlice

16 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 16 EXPERIMENT Viewing Process Details with Process Viewer

17 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 17 EXPERIMENT Using the Kernel Debugger !process Command

18 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 18 Creating a Win32 process CreateProcess CreateProcessAsUser CreateProcessWithLogonW Three parts of the OS are involved: Kernel32.dll Executive Subsystem process (Csrss) Csrss executive Kernel32.dll

19 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 19 Main stages of CreateProcess Open the image file (.exe) to be executed inside the process. Create the 2K executive process object. Create the initial thread (stack, context, and 2K executive thread object). Notify the Win32 subsystem of the new process so that it can set up for the new process and thread. Start execution of the initial thread (unless the CREATE_SUSPENDED flag was specified). In the context of the new process and thread, complete the initialization of the address space (such as load required DLLs) and begin execution of the program.

20 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 20 The main stages of process creation

21 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 21 Some notes CreationFlags  the priority class Priority class Normal (default) Real-time Below Normal Idle … Desktop

22 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 22 Stage 1: Opening the Image to Be Executed The executable file  the appropriate Win32 image Mapped into a section object of the new process

23 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 23 Choosing a Win32 image

24 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 24 Decision Tree for Stage 1 If the image is a/an This image will run And this will happen POSIX executable filePosix.exe Restarts Stage 1 OS/2 1.x imageOs2.exe MS-DOS App. (*.exe, *.com, *.pif) Ntvdm.exe Win16 App.Ntvdm.exe Command procedure MS-DOS App. (*.bat, *.cmd) Cmd.exe

25 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 25 Stage 2 Creating the Windows 2000 Executive Process Object NtCreateProcess Setting up the EPROCESS block Creating the initial process address space Creating the kernel process block Concluding the setup of the process address space Setting up the PEB Completing the setup of the executive process object

26 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 26 Stage 3: KiInitializeContextThread Creating the Initial Thread and Its Stack and Context Stack Size Context NtCreateThread  initial thread Suspended state

27 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 27 Stage 4: Notifying the Win32 Subsystem About the New Process Kernel32.dll sends a message to the Win32 subsystem Process and thread handles Entries in the creation flags ID of the process's creator Flag indicating whether the process belongs to a Win32 application (so that Csrss can determine whether or not to show the startup cursor)

28 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 28 Upon receiving the message, the Win32 subsystem set up for the new process and thread Allocate Csrss process/thread block

29 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 29 Stage 5: Starting Execution of the Initial Thread the initial thread is now resumed

30 计算机系 信息处理实验室 xlanchen@04/01/2005Understanding the Inside of Windows2000 30 Stage 6: Performing Process Initialization in the Context of the New Process KiThreadStartup

Download ppt "计算机系 信息处理实验室 Lecture 7 Processes, Threads, and Jobs (1)"

Similar presentations

计算机系 信息处理实验室 Lecture 9 Memory Management(1)

计算机系 信息处理实验室 Lecture 9 Memory Management(1)
计算机系 信息处理实验室 Lecture 3 System Mechanisms (1)

计算机系 信息处理实验室 Lecture 3 System Mechanisms (1)
计算机系 信息处理实验室 Lecture 10 Memory Management(2)

计算机系 信息处理实验室 Lecture 10 Memory Management(2)
Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS4: Scheduling and Dispatch 4.3. Windows Process.

Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS4: Scheduling and Dispatch 4.3. Windows Process.
计算机系 信息处理实验室 Understanding the Inside of Microsoft Windows 2000 2005 Spring 陈香兰.

计算机系 信息处理实验室 Understanding the Inside of Microsoft Windows Spring 陈香兰.
6 장 Process, Thread ( 앞부분 ) 발표자 : 김미선. 발표주제 1.Process 내부 2.Thread 내부 3.CreateProcess 흐름 4.Thread Activity 검사.

6 장 Process, Thread ( 앞부분 ) 발표자 : 김미선. 발표주제 1.Process 내부 2.Thread 내부 3.CreateProcess 흐름 4.Thread Activity 검사.
计算机系 信息处理实验室 Lecture 5 Startup and Shutdown

计算机系 信息处理实验室 Lecture 5 Startup and Shutdown
Windows 2000 System Architecture (continued) Computing Department, Lancaster University, UK.

Windows 2000 System Architecture (continued) Computing Department, Lancaster University, UK.
计算机系 信息处理实验室 Lecture 15 File Systems

计算机系 信息处理实验室 Lecture 15 File Systems
Chap 4 Multithreaded Programming. Thread A thread is a basic unit of CPU utilization It comprises a thread ID, a program counter, a register set and a.

Chap 4 Multithreaded Programming. Thread A thread is a basic unit of CPU utilization It comprises a thread ID, a program counter, a register set and a.
计算机系 信息处理实验室 Leture1 concepts and tools 2005 Spring 陈香兰.

计算机系 信息处理实验室 Leture1 concepts and tools 2005 Spring 陈香兰.
计算机系 信息处理实验室 Lecture 8 Processes, Threads, and Jobs (2)

计算机系 信息处理实验室 Lecture 8 Processes, Threads, and Jobs (2)
计算机系 信息处理实验室 Lecture 16 Networking

计算机系 信息处理实验室 Lecture 16 Networking
计算机系 信息处理实验室 Lecture 11 Security

计算机系 信息处理实验室 Lecture 11 Security
Slide 6-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 6 Implementing Processes, Threads, and Resources.

Slide 6-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 6 Implementing Processes, Threads, and Resources.
CSE 451: Operating Systems Winter 2009 Module 4 Processes Mark Zbikowski Gary Kimura.

CSE 451: Operating Systems Winter 2009 Module 4 Processes Mark Zbikowski Gary Kimura.
CSCE 351: Operating System Kernels

CSCE 351: Operating System Kernels
3.5 Interprocess Communication

3.5 Interprocess Communication
Process Management. External View of the OS Hardware fork() CreateProcess() CreateThread() close() CloseHandle() sleep() semctl() signal() SetWaitableTimer()

Process Management. External View of the OS Hardware fork() CreateProcess() CreateThread() close() CloseHandle() sleep() semctl() signal() SetWaitableTimer()
CS-502 Fall 2006Processes in Unix, Linux, & Windows 1 Processes in Unix, Linux, and Windows CS502 Operating Systems.

CS-502 Fall 2006Processes in Unix, Linux, & Windows 1 Processes in Unix, Linux, and Windows CS502 Operating Systems.

Similar presentations

Ads by Google