创建线程
HANDLE CreateThread(
LPSECURITY_ATTRIBUTES lpThreadAttributes, // 安全属性 通常为NULL
SIZE_T dwStackSize, // 参数用于设定线程可以将多少地址空间用于它自己的堆栈
// 每个线程拥有它自己的堆栈
LPTHREAD_START_ROUTINE lpStartAddress, // 参数用于指明想要新线程执行的线程函数的地址
LPVOID lpParameter, // 线程函数的参数
// 在线程启动执行时将该参数传递给线程函数
// 既可以是数字,也可以是指向包含其他信息的一个数据结构的指针
DWORD dwCreationFlags, // 0 创建完毕立即调度 CREATE_SUSPENDED创建后挂起
LPDWORD lpThreadId // 线程ID
);
// 返回值:线程句柄
线程句柄与线程ID:
线程是由Windows内核负责创建与管理的,句柄相当于一个令牌,有了这个令牌就可以使用线程对象.
线程ID是身份证,唯一的,系统进行线程调度的时候要使用的.
创建线程代码:
//创建一个新的线程
HANDLE hThread = ::CreateThread(NULL, 0, ThreadProc,
NULL, 0, NULL);
//如果不在其他的地方引用它 关闭句柄
::CloseHandle(hThread);
线程函数:
DWORD WINAPI ThreadProc(
LPVOID lpParameter // thread data
)
向线程函数传递变量的两种方式:
(1) 全局变量
(2) 线程参数
挂起线程:
::SuspendThread(hThread);
恢复线程:
::ResumeThread(hThread); 同步调用 异步调用
终止线程: //
方式一: ::TerminateThread(hThread,3);
::WaitForSingleObject(hThread,INFINITE);
::ExitThread(DWORD dwExitCode);
//执行功能
方式二:
线程函数返回
//
方式三:
::TerminateThread(hThread,2);
::WaitForSingleObject(hThread,INFINITE);
判断线程是否结束
BOOL GetExitCodeThread(
HANDLE hThread,
LPDWORD lpExitCode
);
STILL_ACTIVE 正在运行
参数:
hThread: 要结束的线程句柄
dwExitCode: 指定线程的退出代码。可以通过GetExitCodeThread来查看一个线程的退出代码
线程上下文
typedef struct _CONTEXT {
//
// The flags values within this flag control the contents of
// a CONTEXT record.
//
// If the context record is used as an input parameter, then
// for each portion of the context record controlled by a flag
// whose value is set, it is assumed that that portion of the
// context record contains valid context. If the context record
// is being used to modify a threads context, then only that
// portion of the threads context will be modified.
//
// If the context record is used as an IN OUT parameter to capture
// the context of a thread, then only those portions of the thread's
// context corresponding to set flags will be returned.
//
// The context record is never used as an OUT only parameter.
//
DWORD ContextFlags;
//
// This section is specified/returned if CONTEXT_DEBUG_REGISTERS is
// set in ContextFlags. Note that CONTEXT_DEBUG_REGISTERS is NOT
// included in CONTEXT_FULL.
//
DWORD Dr0;
DWORD Dr1;
DWORD Dr2;
DWORD Dr3;
DWORD Dr6;
DWORD Dr7;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_FLOATING_POINT.
//
FLOATING_SAVE_AREA FloatSave;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_SEGMENTS.
//
DWORD SegGs;
DWORD SegFs;
DWORD SegEs;
DWORD SegDs;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_INTEGER.
//
DWORD Edi;
DWORD Esi;
DWORD Ebx;
DWORD Edx;
DWORD Ecx;
DWORD Eax;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_CONTROL.
//
DWORD Ebp;
DWORD Eip;
DWORD SegCs; // MUST BE SANITIZED
DWORD EFlags; // MUST BE SANITIZED
DWORD Esp;
DWORD SegSs;
//
// This section is specified/returned if the ContextFlags word
// contains the flag CONTEXT_EXTENDED_REGISTERS.
// The format and contexts are processor specific
//
BYTE ExtendedRegisters[MAXIMUM_SUPPORTED_EXTENSION];
} CONTEXT;
获取线程CONTEXT结构:
//挂起线程
SuspendThread(线程句柄);
CONTEXT context
//设置要获取的类型
context.ContextFlags = CONTEXT_CONTROL;
//获取
BOOL ok = ::GetThreadContext(hThread,&context);
//设置
context.Eip = 0x401000;
SetThreadContext(hThread,&context);
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
