Hacking Windows CE: how to get the thread name from the thread ID

When a thread misbehaves, for example it consumes too much CPU or throws an exception, you need to know which module created it. Regardless of the operating system, therefore, recovering the thread's name (its entry point and the module that owns it) is an important step in diagnosing thread-related problems.

The usual way to get a thread's name from its ID is to obtain the thread's entry address, enumerate all modules loaded in the process, and determine which module's address range contains that entry address. The loaded modules can be enumerated with the toolhelp APIs (CreateToolhelp32Snapshot / Module32First / Module32Next). Obtaining the entry address is the hard part, because no documented Win32 API returns it. On Windows NT-based systems (Windows NT 4.0/2000/XP/2003, etc.), however, an undocumented native API is available: NtQueryInformationThread. Its declaration is:

/* Exported by ntdll.dll; declared in winternl.h in newer SDKs, otherwise resolve it with GetProcAddress. */
NTSTATUS NTAPI NtQueryInformationThread(
    HANDLE                   ThreadHandle,
    THREAD_INFORMATION_CLASS ThreadInformationClass,
    PVOID                    ThreadInformation,
    ULONG                    ThreadInformationLength,
    PULONG                   ReturnLength
);

With it, the thread entry address can be obtained like this (information class 9 is ThreadQuerySetWin32StartAddress):

DWORD GetThreadStartAddress(DWORD dwThreadId)
{
    /* THREAD_QUERY_INFORMATION is sufficient for this query; no need for full access. */
    HANDLE   hThread = OpenThread(THREAD_QUERY_INFORMATION, FALSE, dwThreadId);
    DWORD    retAddr = 0, len = 0;
    NTSTATUS status;

    if (hThread == NULL)
        return 0;
    /* Information class 9 = ThreadQuerySetWin32StartAddress */
    status = NtQueryInformationThread(hThread, 9, &retAddr, sizeof(retAddr), &len);
    CloseHandle(hThread);
    if (status != 0)            /* anything other than STATUS_SUCCESS */
        retAddr = 0;
    return retAddr;
}
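The second half of the procedure described above, mapping the recovered start address to the module that contains it, is the same on the desktop and on CE. The following is an added example, not code from the original post: it takes a constructed module snapshot (the kind Module32First/Module32Next returns; the module names and addresses are made up) and resolves a start address to module+offset. The range test is written as a subtraction so a module near the top of the 32-bit address space does not overflow, and an address that no module covers is reported as such instead of being attributed to the nearest module.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One loaded module as toolhelp (Module32First/Module32Next on the desktop,
 * the CE toolhelp equivalents on Windows CE) reports it. */
typedef struct {
    const char *name;
    uint32_t    base;   /* load address */
    uint32_t    size;   /* image size in bytes */
} ModuleInfo;

/* Constructed sample snapshot; names and addresses are made up for the demo. */
static const ModuleInfo kSampleModules[] = {
    { "app.exe",     0x00010000u, 0x00020000u },
    { "worker.dll",  0x01400000u, 0x00010000u },
    { "coredll.dll", 0x03F00000u, 0x00080000u },
};
#define SAMPLE_MODULE_COUNT (sizeof kSampleModules / sizeof kSampleModules[0])

/* Returns the module whose [base, base + size) range contains addr, or NULL
 * when no loaded image covers it (generated code, an unloaded module, or a
 * bogus value read from a stale kernel structure). The subtraction form
 * avoids the wrap-around that base + size would suffer for a module at the
 * top of the 32-bit address space: for addr < base the difference wraps to
 * a huge value and fails the size test. */
const ModuleInfo *FindModuleForAddress(uint32_t addr, const ModuleInfo *mods, size_t count)
{
    for (size_t i = 0; i < count; i++) {
        if (addr - mods[i].base < mods[i].size)
            return &mods[i];
    }
    return NULL;
}

/* Formats "module+0xoffset" (the thread "name" the article is after) into buf.
 * Unknown addresses are reported explicitly so a diagnosis never silently
 * blames the wrong module. */
const char *FormatThreadName(uint32_t startAddr, const ModuleInfo *mods, size_t count,
                             char *buf, size_t bufLen)
{
    const ModuleInfo *m = FindModuleForAddress(startAddr, mods, count);
    if (m)
        snprintf(buf, bufLen, "%s+0x%x", m->name, (unsigned)(startAddr - m->base));
    else
        snprintf(buf, bufLen, "<no module>!0x%08x", (unsigned)startAddr);
    return buf;
}

int main(void)
{
    char name[64];
    /* Pretend these start addresses came back from NtQueryInformationThread
     * (or from the CE kernel-structure hack described later in the article). */
    const uint32_t starts[] = { 0x01400100u, 0x0140FFFFu, 0x01410000u, 0x03F01234u };
    for (size_t i = 0; i < sizeof starts / sizeof starts[0]; i++)
        printf("start 0x%08x -> %s\n", (unsigned)starts[i],
               FormatThreadName(starts[i], kSampleModules, SAMPLE_MODULE_COUNT, name, sizeof name));
    return 0;
}
```

Note that the end of each range is exclusive: 0x0140FFFF resolves to worker.dll while 0x01410000, one byte past its image, resolves to no module at all.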

On Windows CE I was not so lucky: there is no ready-made API. The official Windows CE Base Team blog answers this question with Remote Kernel Tracker, but that requires building a special kernel image with profiler support enabled, which is clearly impractical when diagnosing problems in the field. Is there a way to get the entry address on CE without any special configuration, as on the desktop OS? Yes, but it takes some hacking. Looking carefully at the kernel's thread data structure, we find that one of its fields records the thread entry address:

typedef struct Thread {
    DWORD    _1[3];
    PPROCESS pProc;          /* 0C: pointer to current process */
    PPROCESS pOwnerProc;     /* 10: pointer to owner process */
    DWORD    _2[18];
    DWORD    dwStartAddr;    /* 5C: thread PC at creation, used to get thread name */
    DWORD    _3[10];
} THREAD, *PTHREAD;          /* thread */

So what is needed is a way to reach this structure from a thread ID or handle. Further research shows that the kernel thread structure can be obtained from the handle:

PTHREAD pth = HandleToThread(threadHandle);

In Windows CE the thread ID and the thread handle are the same value, so we can write a function that gets the entry address from the thread ID:

DWORD GetThreadStartAddress(DWORD dwThreadId)
{
    DWORD   dwStartAddress = 0;
    BOOL    fOldMode = SetKMode(TRUE);                  /* kernel structures are only readable in kernel mode */
    PTHREAD pth = HandleToThread((HANDLE)dwThreadId);   /* on CE the thread ID is the thread handle */
    if (pth)
    {
        /* Convert the recorded start PC into an address in the owner process's address space. */
        dwStartAddress = (DWORD)MapPtrToProcess((LPVOID)pth->dwStartAddr, pth->pOwnerProc->hProc);
    }
    SetKMode(fOldMode);                                 /* restore the caller's mode before returning */
    return dwStartAddress;
}

To use these kernel data structures we also need a few auxiliary structures and functions. The complete code follows. This is certainly not the approach the official team would recommend, but what matters here is that it solves the problem.

#include <windows.h>
#include <pkfuncs.h>   /* CE Platform Builder header: SetKMode, MapPtrToProcess, SH_CURTHREAD,
                          SYS_HANDLE_BASE, NUM_SYS_HANDLES, PUserKData */

typedef struct Process {
    DWORD    _1[2];
    HANDLE   hProc;          /* 08: handle for this process, needed only for SC_GetProcFromPtr */
} PROCESS, *PPROCESS;

typedef struct Thread {
    DWORD    _1[3];
    PPROCESS pProc;          /* 0C: pointer to current process */
    PPROCESS pOwnerProc;     /* 10: pointer to owner process */
    DWORD    _2[18];
    DWORD    dwStartAddr;    /* 5C: thread PC at creation, used to get thread name */
    DWORD    _3[10];
} THREAD, *PTHREAD;          /* thread */

typedef struct CINFO {
    char            acName[4];     /* 00: object type ID string */
    UCHAR           disp;          /* 04: type of dispatch */
    UCHAR           type;          /* 05: API handle type */
    USHORT          cMethods;      /* 06: # of methods in dispatch table */
    const PFNVOID  *ppfnMethods;   /* 08: ptr to array of methods (in server address space) */
    const DWORD    *pdwSig;        /* 0C: ptr to array of method signatures */
    PPROCESS        pServer;       /* 10: ptr to server process */
} CINFO;                           /* cinfo */
typedef CINFO *PCINFO;

typedef struct _HDATA HDATA, *PHDATA;
struct _HDATA {
    DWORD        _1[2];      /* 00: links for active handle list */
    HANDLE       hValue;     /* 08: current value of handle (nonce) */
    DWORD        lock;       /* 0C: access information */
    DWORD        ref;        /* 10: reference information */
    const CINFO *pci;        /* 14: ptr to object class description structure */
    PVOID        pvObj;      /* 18: ptr to object */
    DWORD        dwInfo;     /* 1C: extra handle info */
};                           /* 20: sizeof(HDATA) */

#ifdef x86
struct KDataStruct {
    LPDWORD lpvTls;                   /* 0x000 current Thread Local Storage pointer */
    HANDLE  ahSys[NUM_SYS_HANDLES];   /* 0x004 if this moves, change KAPI.H */
    DWORD   _1[4];
    ULONG   handleBase;               /* 0x094 base address of handle table */
};                                    /* KDataStruct */
#endif
#ifdef ARM
struct KDataStruct {
    LPDWORD lpvTls;                   /* 0x000 current Thread Local Storage pointer */
    HANDLE  ahSys[NUM_SYS_HANDLES];   /* 0x004 if this moves, change KAPI.H */
    DWORD   _1[6];
    ULONG   handleBase;               /* 0x09C handle table base address */
};                                    /* KDataStruct */
#endif

#define HandleToThread(h)    ((THREAD *)GetObjectPtrByType((h), SH_CURTHREAD))
#define HANDLE_ADDRESS_MASK  0x1ffffffc

void H2P(HANDLE h, PHDATA &phdRet)
{
    /* Handles in the system-handle range are aliases into the per-thread ahSys[] table. */
    if ((ULONG)h < NUM_SYS_HANDLES + SYS_HANDLE_BASE && (ULONG)h >= SYS_HANDLE_BASE)
        h = ((KDataStruct *)PUserKData)->ahSys[(UINT)h - SYS_HANDLE_BASE];
    if (h)
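Before dereferencing any of the hard-coded offsets above on a real device, it is worth checking that the padding arrays really place the fields where the comments say, because a wrong offset read in kernel mode silently returns garbage. The following is an added check, not part of the original listing: it rebuilds the structures with fixed-width types (assuming CE's 32-bit pointers and HANDLEs, modelled here as ce_ptr_t, and NUM_SYS_HANDLES = 32, the value implied by the two handleBase offsets) so it compiles on any host, verifies every commented offset with offsetof(), and reads dwStartAddr out of a raw THREAD image at the verified offset.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumption: Windows CE is ILP32, so every pointer and HANDLE in the real
 * kernel structures is 4 bytes wide. ce_ptr_t models that on any host. */
typedef uint32_t ce_ptr_t;

#define CE_NUM_SYS_HANDLES 32   /* NUM_SYS_HANDLES; implied by handleBase at 0x094 (x86) / 0x09C (ARM) */

typedef struct { uint32_t _1[2]; ce_ptr_t hProc; } CE_PROCESS;          /* hProc expected at 0x08 */

typedef struct {
    uint32_t _1[3];
    ce_ptr_t pProc;        /* expected 0x0C */
    ce_ptr_t pOwnerProc;   /* expected 0x10 */
    uint32_t _2[18];
    uint32_t dwStartAddr;  /* expected 0x5C */
    uint32_t _3[10];
} CE_THREAD;

typedef struct {
    char     acName[4];
    uint8_t  disp, type;
    uint16_t cMethods;
    ce_ptr_t ppfnMethods;  /* expected 0x08 */
    ce_ptr_t pdwSig;       /* expected 0x0C */
    ce_ptr_t pServer;      /* expected 0x10 */
} CE_CINFO;

typedef struct {
    uint32_t _1[2];
    ce_ptr_t hValue;       /* expected 0x08 */
    uint32_t lock, ref;
    ce_ptr_t pci;          /* expected 0x14 */
    ce_ptr_t pvObj;        /* expected 0x18 */
    uint32_t dwInfo;       /* expected 0x1C; sizeof expected 0x20 */
} CE_HDATA;

typedef struct { ce_ptr_t lpvTls; ce_ptr_t ahSys[CE_NUM_SYS_HANDLES]; uint32_t _1[4]; uint32_t handleBase; } CE_KDATA_X86;
typedef struct { ce_ptr_t lpvTls; ce_ptr_t ahSys[CE_NUM_SYS_HANDLES]; uint32_t _1[6]; uint32_t handleBase; } CE_KDATA_ARM;

/* Returns 1 when every field sits at the offset written in the article's comments. */
int ce_layout_matches_comments(void)
{
    return offsetof(CE_PROCESS, hProc)        == 0x08
        && offsetof(CE_THREAD, pProc)         == 0x0C
        && offsetof(CE_THREAD, pOwnerProc)    == 0x10
        && offsetof(CE_THREAD, dwStartAddr)   == 0x5C
        && offsetof(CE_CINFO, ppfnMethods)    == 0x08
        && offsetof(CE_CINFO, pdwSig)         == 0x0C
        && offsetof(CE_CINFO, pServer)        == 0x10
        && offsetof(CE_HDATA, hValue)         == 0x08
        && offsetof(CE_HDATA, pci)            == 0x14
        && offsetof(CE_HDATA, pvObj)          == 0x18
        && sizeof(CE_HDATA)                   == 0x20
        && offsetof(CE_KDATA_X86, handleBase) == 0x094
        && offsetof(CE_KDATA_ARM, handleBase) == 0x09C;
}

/* Reads dwStartAddr from a raw little-endian copy of a THREAD structure
 * (for example bytes dumped with a kernel debugger) at the verified offset,
 * without relying on the host's own endianness or pointer size. */
uint32_t ce_thread_start_from_image(const uint8_t *img)
{
    size_t off = offsetof(CE_THREAD, dwStartAddr);
    return (uint32_t)img[off]
         | (uint32_t)img[off + 1] << 8
         | (uint32_t)img[off + 2] << 16
         | (uint32_t)img[off + 3] << 24;
}

/* Constructed sample THREAD image: all zero except dwStartAddr = 0x12345678. */
static const uint8_t kSampleThreadImage[sizeof(CE_THREAD)] = {
    [0x5C] = 0x78, [0x5D] = 0x56, [0x5E] = 0x34, [0x5F] = 0x12
};
```

If ce_layout_matches_comments() ever returns 0 after a header change or on a different kernel build, the padding arrays must be re-derived from that build's kernel headers before the code above is used.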
