Multithreading (Windows) Process Creation / Exiting / Termination - - PowerPoint PPT Presentation

multithreading windows
SMART_READER_LITE
LIVE PREVIEW

Multithreading (Windows) Process Creation / Exiting / Termination - - PowerPoint PPT Presentation

Jul 22, 2023 370 likes •513 views

BS1 WS19/20 topic-based slides Multithreading (Windows) Process Creation / Exiting / Termination Comparison between UNIX and Windows Thread Creation / Termination / Suspending / Resuming Fibers Jobs Processing API: Windows

slide-1
SLIDE 1

BS1 WS19/20 – topic-based slides

Multithreading (Windows)

  • Process Creation / Exiting / Termination
  • Comparison between UNIX and Windows
  • Thread Creation / Termination / Suspending / Resuming
  • Fibers
  • Jobs
slide-2
SLIDE 2

Operating Systems 16

Processing API: Windows

  • CreateProcess
  • OpenProcess
  • GetCurrentProcessId - returns a global ID
  • GetCurrentProcess - returns a handle
  • ExitProcess
  • TerminateProcess - no DLL notifjcation
  • Get/SetProcessShutdownParameters
  • GetExitCodeProcess
  • GetProcessTimes
  • GetStartupInfo
slide-3
SLIDE 3

Operating Systems 17

Process Creation

  • No parent/child relation in Win32 Subsystem
  • CreateProcess() – new process with primary thread

BOOL CreateProcess( LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFO lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)

slide-4
SLIDE 4

Operating Systems 18

typedef struct _PROCESS_INFORMATION { HANDLE hProcess; HANDLE hThread; DWORD dwProcessId; DWORD dwThreadId; } PROCESS_INFORMATION;

Parameters

  • fdwCreate:
  • CREATE_SUSPENDED, DETACHED_PROCESS,

CREATE_NEW_CONSOLE, CREATE_NEW_PROCESS_GROUP

  • lpStartupInfo:
  • Main window appearance
  • Parent‘s info: GetStartupInfo
  • hStdIn, hStdOut, hStdErr fjelds for I/O redirection
  • lpProcessInformation:
  • Ptr to handle & ID
  • f new proc/thread
slide-5
SLIDE 5

Operating Systems 19

  • Shared resources must be released before exiting
  • Mutexes, semaphores, events
  • But:
  • _fjnally, _except

handlers are not executed

  • n ExitProcess
  • TerminateProcess leaves

target process no time to react

VOID ExitProcess( UINT uExitCode); BOOL TerminateProcess( HANDLE hProcess, UINT uExitCode); BOOL GetExitCodeProcess( HANDLE hProcess, LPDWORD lpExitCode);

Exiting and Terminating a Process

slide-6
SLIDE 6

Operating Systems 20

UNIX & Windows Comparison

  • Windows API has no equivalent to fork()
  • CreateProcess() similar to fork()/exec()
  • fork/exec allow the parent to execute logic inside the child
  • CreateProcess disallows this, adds function parameters instead
  • UNIX $PATH != Windows $PATH (lpCommandLine argument)
  • current directory (‘dot’) is part of the PATH in Windows
  • Windows Subsystem API has no process parent/child relations
  • No UNIX process groups in Windows API
  • Limited form: group = processes to receive a console event
slide-7
SLIDE 7

Operating Systems 22

Threading API: Windows

  • CreateThread
  • CreateRemoteThread
  • GetCurrentThreadId - returns global ID
  • GetCurrentThread - returns handle
  • SuspendThread/ResumeThread
  • ExitThread
  • TerminateThread - no DLL notifjcation
  • GetExitCodeThread
  • GetThreadTimes
slide-8
SLIDE 8

Operating Systems 23

Windows API Thread Creation

  • lpstartAddr points to function declared as
  • lpvThreadParm is 32-bit argument
  • LPIDThread points to DWORD that receives thread ID

non-NULL pointer!

  • CbStack == 0: thread stack size defaults to primary thread stack size

DWORD WINAPI ThreadFunc(LPVOID) HANDLE CreateThread ( LPSECURITY_ATTRIBUTES lpsa, DWORD cbStack, LPTHREAD_START_ROUTINE lpStartAddr, LPVOID lpvThreadParm, DWORD fdwCreate, LPDWORD lpIDThread)

slide-9
SLIDE 9

Operating Systems 24

When the last thread in a process terminates, the process itself terminates (TerminateThread() does not execute fjnal SEH)

  • Thread continues to exist until last handle is closed

(CloseHandle())

  • Returns exit code or STILL_ACTIVE

BOOL GetExitCodeThread ( HANDLE hThread, LPDWORD lpdwExitCode) VOID ExitThread( DWORD devExitCode )

Windows API Thread Termination

slide-10
SLIDE 10

Operating Systems 25

  • Each thread has suspend count
  • Can only execute if suspend count == 0
  • Thread can be created in suspended state
  • Both functions return suspend count or 0xFFFFFFFF on failure

DWORD ResumeThread (HANDLE hThread) DWORD SuspendThread(HANDLE hThread)

Suspending and Resuming Threads

slide-11
SLIDE 11

Operating Systems 27

Fibers

  • Implemented completely in user mode
  • no “internals” ramifjcations
  • Fibers are still scheduled as threads
  • Fiber APIs allow difgerent execution contexts within a thread

stack

fjber-local storage

some registers (essentially those saved and restored for a procedure call)

cooperatively “scheduled” within the thread

  • Analogous to threading libraries under many Unix systems
  • Analogous to co-routines in assembly language
  • Allow easy porting of apps that “did their own threads” under other systems
slide-12
SLIDE 12

Operating Systems 28

Windows: Jobs

  • Jobs are collections of processes
  • Can be used to specify limits on CPU, memory, and security
  • Enables control over some unique process & thread settings not available through any

process or thread system call

E.g. length of thread time slice

  • How do processes become part of a job?
  • Job object has to be created (CreateJobObject)
  • Then processes are explicitly added (AssignProcessToJob)

Processes created by processes in a job automatically are part of the job

– Unless restricted, processes can “break away” from a job

  • Then quotas and limits are defjned (SetInformationJobObject)

Examples on next slide…

Job Processes

slide-13
SLIDE 13

Operating Systems 29

Windows: Job Settings

  • Quotas and restrictions:
  • Quotas: total CPU time, # active processes, per-process CPU time, memory usage
  • Run-time restrictions: priority of all the processes in job; processors threads in job

can run on

  • Security restrictions: limits what processes can do

Not acquire administrative privileges

Not accessing windows outside the job, no reading/writing the clipboard

  • Scheduling class: number from 0-9 (5 is default) - afgects length of thread

timeslice (or quantum)

E.g. can be used to achieve “class scheduling” (partition CPU)

slide-14
SLIDE 14

Operating Systems 30

Windows: Jobs

  • Examples where Windows OS uses jobs:
  • Add/Remove Programs (“ARP Job”)
  • WMI provider
  • RUNAS service (SecLogon) uses jobs to terminate processes at log
  • ut

– SU from NT4 ResKit didn’t do this

  • Process Explorer highlights processes that are members of jobs
  • Color can be confjgured with Options->Confjgure Highlighting
  • For processes in a job, click on Job tab in process properties to see

details