Spy++ and Context Switches
-
Vovka
- Уже с Приветом
- Posts: 1906
- Joined: 14 Mar 2001 10:01
Spy++ and Context Switches
Любопытно, откуда Spy++ берёт "Context Switches" для нити - количество раз, сколько нить становилась активной? И почему это значение увеличивается каждый раз, когда делаем refresh?
-
russianguy
- Уже с Приветом
- Posts: 1382
- Joined: 29 Mar 2000 10:01
- Location: WA
struct _KTHREAD {
struct _DISPATCHER_HEADER Header;
struct _LIST_ENTRY MutantListHead;
void *InitialStack;
void *StackLimit;
void *Teb;
void *TlsArray;
void *KernelStack;
byte DebugActive;
byte State;
byte Alerted[2];
byte Iopl;
byte NpxState;
char Saturation;
char Priority;
struct _KAPC_STATE ApcState;
uint32 ContextSwitches;
int32 WaitStatus;
byte WaitIrql;
char WaitMode;
byte WaitNext;
byte WaitReason;
struct _KWAIT_BLOCK *WaitBlockList;
struct _LIST_ENTRY WaitListEntry;
uint32 WaitTime;
char BasePriority;
byte DecrementCount;
char PriorityDecrement;
char Quantum;
struct _KWAIT_BLOCK WaitBlock[4];
void *LegoData;
uint32 KernelApcDisable;
uint32 UserAffinity;
byte SystemAffinityActive;
byte PowerState;
byte NpxIrql;
byte Pad[1];
void *ServiceTable;
struct _KQUEUE *Queue;
uint32 ApcQueueLock;
struct _KTIMER Timer;
struct _LIST_ENTRY QueueListEntry;
uint32 Affinity;
byte Preempted;
byte ProcessReadyQueue;
byte KernelStackResident;
byte NextProcessor;
void *CallbackStack;
void *Win32Thread;
struct _KTRAP_FRAME *TrapFrame;
struct _KAPC_STATE *ApcStatePointer[2];
char PreviousMode;
byte EnableStackSwap;
byte LargeStack;
byte ResourceIndex;
uint32 KernelTime;
uint32 UserTime;
struct _KAPC_STATE SavedApcState;
byte Alertable;
byte ApcStateIndex;
byte ApcQueueable;
byte AutoAlignment;
void *StackBase;
struct _KAPC SuspendApc;
struct _KSEMAPHORE SuspendSemaphore;
struct _LIST_ENTRY ThreadListEntry;
char FreezeCount;
char SuspendCount;
byte IdealProcessor;
byte DisableBoost;
};
struct _DISPATCHER_HEADER Header;
struct _LIST_ENTRY MutantListHead;
void *InitialStack;
void *StackLimit;
void *Teb;
void *TlsArray;
void *KernelStack;
byte DebugActive;
byte State;
byte Alerted[2];
byte Iopl;
byte NpxState;
char Saturation;
char Priority;
struct _KAPC_STATE ApcState;
uint32 ContextSwitches;
int32 WaitStatus;
byte WaitIrql;
char WaitMode;
byte WaitNext;
byte WaitReason;
struct _KWAIT_BLOCK *WaitBlockList;
struct _LIST_ENTRY WaitListEntry;
uint32 WaitTime;
char BasePriority;
byte DecrementCount;
char PriorityDecrement;
char Quantum;
struct _KWAIT_BLOCK WaitBlock[4];
void *LegoData;
uint32 KernelApcDisable;
uint32 UserAffinity;
byte SystemAffinityActive;
byte PowerState;
byte NpxIrql;
byte Pad[1];
void *ServiceTable;
struct _KQUEUE *Queue;
uint32 ApcQueueLock;
struct _KTIMER Timer;
struct _LIST_ENTRY QueueListEntry;
uint32 Affinity;
byte Preempted;
byte ProcessReadyQueue;
byte KernelStackResident;
byte NextProcessor;
void *CallbackStack;
void *Win32Thread;
struct _KTRAP_FRAME *TrapFrame;
struct _KAPC_STATE *ApcStatePointer[2];
char PreviousMode;
byte EnableStackSwap;
byte LargeStack;
byte ResourceIndex;
uint32 KernelTime;
uint32 UserTime;
struct _KAPC_STATE SavedApcState;
byte Alertable;
byte ApcStateIndex;
byte ApcQueueable;
byte AutoAlignment;
void *StackBase;
struct _KAPC SuspendApc;
struct _KSEMAPHORE SuspendSemaphore;
struct _LIST_ENTRY ThreadListEntry;
char FreezeCount;
char SuspendCount;
byte IdealProcessor;
byte DisableBoost;
};
-
Vovka
- Уже с Приветом
- Posts: 1906
- Joined: 14 Mar 2001 10:01
-
russianguy
- Уже с Приветом
- Posts: 1382
- Joined: 29 Mar 2000 10:01
- Location: WA
#define _WIN32_WINNT 0x0500
#include <stdio.h>
#include <TCHAR.h>
#include <windows.h>
#pragma comment(linker, "/DEFAULTLIB:ntdll.lib")
//
// stolen/modified winternl.h
//
extern "C"{
typedef enum _SYSTEM_INFORMATION_CLASS {
SystemBasicInformation = 0,
SystemPerformanceInformation = 2,
SystemTimeOfDayInformation = 3,
SystemProcessInformation = 5,
SystemProcessorPerformanceInformation = 8,
SystemInterruptInformation = 23,
SystemExceptionInformation = 33,
SystemRegistryQuotaInformation = 37,
SystemLookasideInformation = 45
} SYSTEM_INFORMATION_CLASS;
DWORD WINAPI NtQuerySystemInformation (
IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
OUT PVOID SystemInformation,
IN ULONG SystemInformationLength,
OUT PULONG ReturnLength OPTIONAL
);
typedef struct _SYSTEM_PROCESS_INFORMATION_EX {
ULONG NextEntryOffset;
ULONG NumOfThreads;
BYTE Reserved1[48];
PVOID Reserved2[3];
HANDLE UniqueProcessId;
PVOID Reserved3;
ULONG HandleCount;
BYTE Reserved4[4];
PVOID Reserved5[11];
SIZE_T PeakPagefileUsage;
SIZE_T PrivatePageCount;
LARGE_INTEGER Reserved6[6];
struct {
PVOID TReserved00;
PVOID TReserved01;
PVOID TReserved02;
PVOID TReserved03;
PVOID TReserved04;
PVOID TReserved05;
PVOID TReserved06;
PVOID TReserved07;
PVOID TReserved08;
PVOID tid;
PVOID pri;
PVOID TReserved0B;
PVOID ctxswtch;
PVOID TReserved0D;
PVOID TReserved0E;
PVOID TReserved0F;
}Threads[1];
} SYSTEM_PROCESS_INFORMATION_EX, *PSYSTEM_PROCESS_INFORMATION_EX;
}
//from ntstatus.h
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
int main(int argc, char* argv[])
{
DWORD dwSize = 0x10000;
#define SIZE_INCREMENT 0x2000
#define SIZE_MAX 0x0A00000
DWORD i = 0, j = 0;
PSYSTEM_PROCESS_INFORMATION_EX pex0 = NULL, pex = NULL;
pex0 = (PSYSTEM_PROCESS_INFORMATION_EX)VirtualAlloc(NULL, SIZE_MAX, MEM_RESERVE, PAGE_READWRITE);
if(pex0==NULL)goto _X;
if(VirtualAlloc(pex0, dwSize, MEM_COMMIT, PAGE_READWRITE)==NULL)goto _X;
while(STATUS_INFO_LENGTH_MISMATCH == NtQuerySystemInformation(SystemProcessInformation, pex0, dwSize, NULL)){
dwSize+=SIZE_INCREMENT;
if(VirtualAlloc(pex0, dwSize, MEM_COMMIT, PAGE_READWRITE)==NULL)goto _X;
}
pex = pex0;
while(TRUE){
//process
printf("pid = 0x%04x, threads = %d\n", pex->UniqueProcessId, pex->NumOfThreads);
//dump threads
for(j=0;j<pex->NumOfThreads;j++)
printf("# %02d, tid = 0x%04x, pri = %d, ctx swtch = %d\n", j, pex->Threads[j].tid, pex->Threads[j].pri, pex->Threads[j].ctxswtch);
//next process
printf("\n");
if(pex->NextEntryOffset==0)break;
pex = PSYSTEM_PROCESS_INFORMATION_EX((PBYTE)pex + pex->NextEntryOffset);
}
_X:
if(pex0)VirtualFree(pex0, 0, MEM_RELEASE);
printf("bye\n");
return 0;
}
#include <stdio.h>
#include <TCHAR.h>
#include <windows.h>
#pragma comment(linker, "/DEFAULTLIB:ntdll.lib")
//
// stolen/modified winternl.h
//
extern "C"{
typedef enum _SYSTEM_INFORMATION_CLASS {
SystemBasicInformation = 0,
SystemPerformanceInformation = 2,
SystemTimeOfDayInformation = 3,
SystemProcessInformation = 5,
SystemProcessorPerformanceInformation = 8,
SystemInterruptInformation = 23,
SystemExceptionInformation = 33,
SystemRegistryQuotaInformation = 37,
SystemLookasideInformation = 45
} SYSTEM_INFORMATION_CLASS;
DWORD WINAPI NtQuerySystemInformation (
IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
OUT PVOID SystemInformation,
IN ULONG SystemInformationLength,
OUT PULONG ReturnLength OPTIONAL
);
typedef struct _SYSTEM_PROCESS_INFORMATION_EX {
ULONG NextEntryOffset;
ULONG NumOfThreads;
BYTE Reserved1[48];
PVOID Reserved2[3];
HANDLE UniqueProcessId;
PVOID Reserved3;
ULONG HandleCount;
BYTE Reserved4[4];
PVOID Reserved5[11];
SIZE_T PeakPagefileUsage;
SIZE_T PrivatePageCount;
LARGE_INTEGER Reserved6[6];
struct {
PVOID TReserved00;
PVOID TReserved01;
PVOID TReserved02;
PVOID TReserved03;
PVOID TReserved04;
PVOID TReserved05;
PVOID TReserved06;
PVOID TReserved07;
PVOID TReserved08;
PVOID tid;
PVOID pri;
PVOID TReserved0B;
PVOID ctxswtch;
PVOID TReserved0D;
PVOID TReserved0E;
PVOID TReserved0F;
}Threads[1];
} SYSTEM_PROCESS_INFORMATION_EX, *PSYSTEM_PROCESS_INFORMATION_EX;
}
//from ntstatus.h
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
int main(int argc, char* argv[])
{
DWORD dwSize = 0x10000;
#define SIZE_INCREMENT 0x2000
#define SIZE_MAX 0x0A00000
DWORD i = 0, j = 0;
PSYSTEM_PROCESS_INFORMATION_EX pex0 = NULL, pex = NULL;
pex0 = (PSYSTEM_PROCESS_INFORMATION_EX)VirtualAlloc(NULL, SIZE_MAX, MEM_RESERVE, PAGE_READWRITE);
if(pex0==NULL)goto _X;
if(VirtualAlloc(pex0, dwSize, MEM_COMMIT, PAGE_READWRITE)==NULL)goto _X;
while(STATUS_INFO_LENGTH_MISMATCH == NtQuerySystemInformation(SystemProcessInformation, pex0, dwSize, NULL)){
dwSize+=SIZE_INCREMENT;
if(VirtualAlloc(pex0, dwSize, MEM_COMMIT, PAGE_READWRITE)==NULL)goto _X;
}
pex = pex0;
while(TRUE){
//process
printf("pid = 0x%04x, threads = %d\n", pex->UniqueProcessId, pex->NumOfThreads);
//dump threads
for(j=0;j<pex->NumOfThreads;j++)
printf("# %02d, tid = 0x%04x, pri = %d, ctx swtch = %d\n", j, pex->Threads[j].tid, pex->Threads[j].pri, pex->Threads[j].ctxswtch);
//next process
printf("\n");
if(pex->NextEntryOffset==0)break;
pex = PSYSTEM_PROCESS_INFORMATION_EX((PBYTE)pex + pex->NextEntryOffset);
}
_X:
if(pex0)VirtualFree(pex0, 0, MEM_RELEASE);
printf("bye\n");
return 0;
}