CSDN Tech Center: Windows 2000 Process and Thread Analysis (Part 1)
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt"><SPAN
lang=EN-US><FONT size=3><SPAN
style="mso-spacerun: yes">
</SPAN>CONST<SPAN style="mso-spacerun: yes"> </SPAN>BYTE
*pbANDbits,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt"><SPAN
lang=EN-US><FONT size=3><SPAN
style="mso-spacerun: yes">
</SPAN>CONST<SPAN style="mso-spacerun: yes"> </SPAN>BYTE
*pbXORbits );</FONT></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><B><SPAN lang=EN-US
style="FONT-SIZE: 12pt">1.2 The Process's Kernel-Object Handle Table</SPAN></B></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN
lang=EN-US>When a process is initialized, the system allocates a handle table for it. This table is used only for kernel objects, not for user objects or GDI objects. The handle table is implemented differently on Windows 2000, Windows 98 and Windows CE, and there is no detailed documentation of its structure or of how it is managed, so the description below is not guaranteed to be correct in every detail.</SPAN></FONT></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><IMG
src="CSDN技术中心 Windows2000 进程-线程分析(一).files/CSDN_Dev_Image_2003-10-231455150.jpg"
title="process's handle table" alt="Figure: a process's handle table"></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><B><SPAN
lang=EN-US>1.2.1 Creating Kernel Objects</SPAN></B></FONT></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN
lang=EN-US>When a process is first initialized, its handle table is empty. When a thread in the process then calls a function that creates a kernel object, the kernel allocates a block of memory for the object and initializes it. The kernel then scans the process's handle table for an empty entry and fills that entry with the address of the kernel object's data structure, an access mask, and a set of flags.</SPAN></FONT></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN
lang=EN-US>All functions that create kernel objects return a process-relative handle that any thread in that process can use. Conceptually the handle value is an index into the process's handle table that identifies where the kernel object's entry is stored. In Windows 2000 the value actually returned is the byte offset of that entry within the handle table rather than the index itself, which is why handle values seen in a debugger are small multiples of 4. The meaning of a handle value is undocumented and the implementation can change at any time, so code should treat handles as opaque; in particular, a raw handle value is meaningful only in the table of the process that created it and cannot simply be passed to another process.</SPAN></FONT></P>
<P class=MsoNormal
style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
<P class=MsoNormal
style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt"><SPAN
lang=EN-US><FONT
size=3>Some of the functions used to create kernel objects:</FONT></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><FONT size=3>HANDLE CreateThread(</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>PSECURITY_ATTRIBUTES<SPAN
style="mso-spacerun: yes">
</SPAN>psa,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>DWORD<SPAN
style="mso-spacerun: yes">
</SPAN>dwStackSize,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>LPTHREAD_START_ROUTINE<SPAN
style="mso-spacerun: yes">
</SPAN>pfnStartAddr,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>PVOID<SPAN
style="mso-spacerun: yes">
</SPAN>pvParam,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>DWORD<SPAN
style="mso-spacerun: yes">
</SPAN>dwCreationFlags,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>PDWORD<SPAN
style="mso-spacerun: yes">
</SPAN>pdwThreadId );</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><FONT size=3>HANDLE CreateSemaphore(</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>PSECURITY_ATTRIBUTES<SPAN
style="mso-spacerun: yes">
</SPAN>psa,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>LONG<SPAN
style="mso-spacerun: yes">
</SPAN>lInitialCount,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>LONG<SPAN
style="mso-spacerun: yes">
</SPAN>lMaximumCount,</FONT></SPAN></P>
<P class=MsoNormal
style="BACKGROUND: #e0e0e0; MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 32.25pt"><SPAN
lang=EN-US><FONT size=3>PCTSTR<SPAN
style="mso-spacerun: yes">
</SPAN>pszName );</FONT></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN
lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></P>
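<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN
lang=EN-US>The following is an added illustration, not code from the original page or from Windows itself: a portable C model of the handle-table mechanism described in 1.2.1 (allocate the object, scan the process's table for a free entry, record the object address, access mask and flags, and return the entry's byte offset), with create and close functions that follow the calling convention of the CreateThread and CreateSemaphore prototypes above (0/NULL on failure). The real Windows 2000 structures are undocumented, so the 16-entry table, the field names, the access bits and the constants ENTRY_BYTES and HANDLE_TABLE_SIZE are assumptions of the model. What it preserves is the described behaviour and two consequences a practitioner relies on: a handle value is meaningful only in the table of the process that created it, and the rights recorded in the entry when the handle was created cannot be widened through that handle later.</SPAN></FONT></P>

```c
/*
 * Added illustration (not code from the original page or from Windows):
 * a portable C model of a per-process kernel-object handle table.
 * Sizes, field names and access bits are assumptions of the model; the
 * real Windows 2000 structures are undocumented.
 */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HANDLE_TABLE_SIZE 16   /* assumed toy size; the real table grows on demand */
#define ENTRY_BYTES       4    /* handle values advance in steps of 4 on 32-bit Windows 2000 */

typedef uintptr_t HANDLE_T;    /* the opaque value user mode gets back */

enum { ACCESS_READ = 0x1, ACCESS_WRITE = 0x2, ACCESS_ALL = 0x3 }; /* stand-ins for ACCESS_MASK bits */
enum { FLAG_INHERIT = 0x1 };                                      /* stand-in for HANDLE_FLAG_INHERIT */

typedef struct KernelObject {
    const char *type;          /* "Semaphore", "Thread", ... */
    int         usage_count;   /* object is released when this drops to 0 */
    long        value;         /* object-specific state, e.g. a semaphore count */
} KernelObject;

typedef struct HandleEntry {   /* one row of the process handle table */
    KernelObject *object;      /* address of the object's data structure; NULL = free entry */
    uint32_t      access_mask; /* rights granted through this handle, fixed at creation */
    uint32_t      flags;       /* e.g. inheritance */
} HandleEntry;

typedef struct Process {
    HandleEntry table[HANDLE_TABLE_SIZE];  /* empty when the process is initialized */
} Process;

void process_init(Process *p) { memset(p, 0, sizeof *p); }

/* A handle is a byte offset into the table, not an index: divide by ENTRY_BYTES
   (the low two bits are dropped). Entry 0 is never handed out in this model so
   that 0 (NULL) can mean "failure", as CreateThread/CreateSemaphore use it. */
static int handle_to_index(HANDLE_T h) {
    size_t idx = (size_t)(h / ENTRY_BYTES);
    if (idx == 0 || idx >= HANDLE_TABLE_SIZE) return -1;
    return (int)idx;
}

/* Model of a CreateXxx call: allocate and initialize the object, scan this
   process's table for a free entry, record address/access/flags, and return
   the entry's byte offset. Returns 0 on failure. */
HANDLE_T create_object(Process *p, const char *type, long initial_state,
                       uint32_t access, uint32_t flags) {
    KernelObject *obj = calloc(1, sizeof *obj);
    if (obj == NULL) return 0;
    obj->type = type;
    obj->value = initial_state;
    obj->usage_count = 1;
    for (int i = 1; i < HANDLE_TABLE_SIZE; i++) {
        if (p->table[i].object == NULL) {
            p->table[i].object = obj;
            p->table[i].access_mask = access;
            p->table[i].flags = flags;
            return (HANDLE_T)i * ENTRY_BYTES;   /* 4, 8, 12, ... not the index itself */
        }
    }
    free(obj);        /* table full */
    return 0;
}

/* Resolve a handle through ONE process's table and check the requested rights
   against the mask fixed at creation. NULL if the handle is invalid in this
   process or does not carry the right. */
KernelObject *reference_object(const Process *p, HANDLE_T h, uint32_t wanted) {
    int i = handle_to_index(h);
    if (i < 0 || p->table[i].object == NULL) return NULL;
    if ((p->table[i].access_mask & wanted) != wanted) return NULL;
    return p->table[i].object;
}

/* Model of CloseHandle: free the entry, drop the usage count, release at zero.
   Returns 1 on success, 0 for a handle that is not valid in this process. */
int close_handle(Process *p, HANDLE_T h) {
    int i = handle_to_index(h);
    if (i < 0 || p->table[i].object == NULL) return 0;
    KernelObject *obj = p->table[i].object;
    memset(&p->table[i], 0, sizeof p->table[i]);
    if (--obj->usage_count == 0) free(obj);
    return 1;
}

int main(void) {
    Process a, b;
    process_init(&a);
    process_init(&b);
    HANDLE_T hSem = create_object(&a, "Semaphore", 1, ACCESS_ALL, 0);
    HANDLE_T hThr = create_object(&a, "Thread", 0, ACCESS_READ, FLAG_INHERIT);
    printf("semaphore handle = %lu, thread handle = %lu\n",
           (unsigned long)hSem, (unsigned long)hThr);
    printf("thread handle usable for write? %s\n",
           reference_object(&a, hThr, ACCESS_WRITE) ? "yes" : "no");
    printf("same value resolves in process b? %s\n",
           reference_object(&b, hSem, ACCESS_READ) ? "yes" : "no");
    close_handle(&a, hSem);
    close_handle(&a, hThr);
    return 0;
}
```

<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN
lang=EN-US>The 0-on-failure convention modelled here is specific to creation functions such as CreateThread and CreateSemaphore; CreateFile, for instance, returns INVALID_HANDLE_VALUE instead, so each API's documented failure value must be checked rather than assuming one convention. Closing a handle also frees its entry for reuse, which is why a stale handle value kept after CloseHandle can silently refer to a different object created later.</SPAN></FONT></P>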
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><B><SPAN
style="FONT-SIZE: 12pt; COLOR: red">Speculation:</SPAN></B><FONT
size=3><SPAN
style="COLOR: blue">First, it is certain that under Windows 2000 every process created has a corresponding process kernel object, and that Windows itself maintains a system-wide global process table in which each row corresponds to one process kernel object, that is, to one actual process. When a process creates a child process, the handle of the child process's kernel object is not written into the parent process's handle table; it is written directly into the system global process table. Likewise, a thread kernel object is produced for every thread, and the information about that kernel object is kept in a system global thread table. Windows manages and schedules the processes and threads in the system on the basis of these two tables. The process kernel object referred to here should be what the textbook "Operating Systems" calls, in its section on process control structures, the process control block (Process Control Block, PCB). The process image (Process Image</SPAN>