WCTwait chain traveral.docx
《WCTwait chain traveral.docx》由会员分享,可在线阅读,更多相关《WCTwait chain traveral.docx(34页珍藏版)》请在冰豆网上搜索。
![WCTwait chain traveral.docx](https://file1.bdocx.com/fileroot1/2022-11/19/81c92b00-f9cb-48cc-991a-d4e95a84c195/81c92b00-f9cb-48cc-991a-d4e95a84c1951.gif)
WCTwaitchaintraveral
WaitChainTraversal(WCT)enablesdebuggerstodiagnoseapplicationhangsanddeadlocks.Awaitchainisanalternatingsequenceofthreadsandsynchronizationobjects;eachthreadwaitsfortheobjectthatfollowsit,whichisownedbythesubsequentthreadinthechain.
Athreadwaitsforasynchronizationobjectfromthetimeitrequestsituntilithasacquiredit.Alockisownedbyathreadfromthetimethethreadacquiresit,untilitreleasesit.Lockownershipisequivalenttothelockwaitingforthethreadtoreleaseit.Therefore,ifthread1waitsforalockthatisownedbythread2,thisisthesameassayingthatthread1waitsforthread2.WCTcurrentlysupportsthefollowingsynchronizationprimitives:
∙ALPC
∙COM
∙Criticalsections
∙Mutexes
∙SendMessage
∙Waitoperationsonprocessesandthreads
Toretrievethewaitchainforoneormorethreads,createaWCTsessionusingtheOpenThreadWaitChainSessionandGetThreadWaitChainfunctions.WCTsessionsarerepresentedbyahandleoftypeHWCT.Sessionscanbeeithersynchronousorasynchronousinnature.Synchronoussessionswillblockthecallingthreaduntilawaitchainhasbeenretrieved.Synchronoussessionscannotbecanceled.AsynchronoussessionsdonotblockthecallingthreadandcanbecanceledbytheapplicationusingtheCloseThreadWaitChainSessionfunction.ResultsfromasynchronousoperationsaremadeavailablethroughaWaitChainCallbackcallbackfunctionprovidedbytheapplication.
Forasynchronoussessions,thecallercanspecifyapointertoacontextdatastructurethroughGetThreadWaitChain.Thesamepointerispassedtothecallbackfunction.Thiscontextdatastructureisuser-definedandopaquetoWCT.ItcanbeusedbytheapplicationtocommunicatecontextbetweenaWCTqueryandacallbackfunction.Acommonapproachistopassaneventhandlethroughthisstructure;whenthecallbackisexecuted,itsignalsthiseventandinformssomemonitoringthreadthatthequeryhasbeencompleted.
Relatedtopics
UsingWCT
WCTReference
ThefollowingsamplecodedemonstratestheuseofthewaitchaintraversalAPI.Itenumeratesallthreadsinthesystemandprintsthewaitchainforeachthread.
Toenumerateallthreadsinthesystem,runthesamplewithnoparameters.Toenumerateonlythethreadsfromaspecifiedprocess,runthesampleandpasstheprocessidentifierasaparameter.Thesampleperformsthefollowingsteps:
1.CallstheRegisterWaitChainCOMCallbackfunctiontoregistertheCOMcallbackfunctions.
2.CallstheOpenThreadWaitChainSessionfunctiontocreatethewaitchainsession.
3.CallstheAdjustTokenPrivilegesfunctiontoenabletheSE_DEBUG_NAMEprivilege.
4.CallstheEnumProcessesandCreateToolhelp32Snapshotfunctionstoenumeratethespecifiedthreads.
5.CallstheGetThreadWaitChaintoretrieveanarrayofWAITCHAIN_NODE_INFOstructuresthatcontainthenodesofthewaitchain.
6.Printsinformationfromthewaitchain.
7.CallstheCloseThreadWaitChainSessionfunctiontocleanupthewaitchain.
Copy
//Copyright(C)Microsoft.Allrightsreserved.
/*
*SamplecodefortheWaitChainTraversal(WCT)API.
*
*Thisprogramenumeratesallthreadsinthesystemandprintsthe
*waitchainforeachofthem.Itshouldberunfromanelevated
*commandprompttogetresultsforservices.
*
*/
#ifndefUNICODE
#defineUNICODE
#endif
#include
#include
#include
#include
#include
#include
#include
#pragmacomment(lib,"Psapi.lib")
#pragmacomment(lib,"Advapi32.lib")
typedefstruct_STR_ARRAY
{
CHARDesc[32];
}STR_ARRAY;
//Human-readablenamesforthedifferentsynchronizationtypes.
STR_ARRAYSTR_OBJECT_TYPE[]=
{
{"CriticalSection"},
{"SendMessage"},
{"Mutex"},
{"Alpc"},
{"Com"},
{"ThreadWait"},
{"ProcWait"},
{"Thread"},
{"ComActivation"},
{"Unknown"},
{"Max"}
};
//GlobalvariabletostoretheWCTsessionhandle
HWCTg_WctHandle=NULL;
//GlobalvariabletostoreOLE32.DLLmodulehandle.
HMODULEg_Ole32Hnd=NULL;
//
//Functionprototypes
//
void
PrintWaitChain(
__inDWORDThreadId
);
BOOL
GrantDebugPrivilege()
/*++
RoutineDescription:
Enablesthedebugprivilege(SE_DEBUG_NAME)forthisprocess.
Thisisnecessaryifwewanttoretrievewaitchainsforprocesses
notownedbythecurrentuser.
Arguments:
None.
ReturnValue:
TRUEifthisprivilegecouldbeenabled;FALSEotherwise.
--*/
{
BOOLfSuccess=FALSE;
HANDLETokenHandle=NULL;
TOKEN_PRIVILEGESTokenPrivileges;
if(!
OpenProcessToken(GetCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,
&TokenHandle))
{
printf("Couldnotgettheprocesstoken");
gotoCleanup;
}
TokenPrivileges.PrivilegeCount=1;
if(!
LookupPrivilegeValue(NULL,
SE_DEBUG_NAME,
&TokenPrivileges.Privileges[0].Luid))
{
p