Win32 Thread Information Block

Win32 Thread Information Block
Icono de traducción.svg
 Esta página o sección está siendo traducida del idioma inglés a partir del artículo Win32 Thread Information Block, razón por la cual puede haber lagunas de contenidos, errores sintácticos o escritos sin traducir.
Puedes colaborar con Wikipedia continuando con la traducción desde el artículo original.
ISO 639 Icon en.svg


En computación ,el Win32 Thread Information Block (TIB) es una estructura de datos en los sistemas Win32 espesificamente en la arquitectura x86 que almacena informacion hacerca del thread que se esta ejecutando.

El TIB esta indocumentado oficialmente para Windows 9x.La serie Windows NT incluye una estructura NT TIB en winnt.h que lo documenta . Wine incluye declaraciones para extender (una parte especifica del subsistema) TIB

El TIB puede ser usado para obtener buena cantidad de informacion en el proceso sin llamar ninguna API de Win32.Por ejemplo la emulacion de GetLastError() , GetVersion(). A través del puntero en el PEB se puede obtener acceso a la tabla de importacion (IAT) , los argumentos pasados al proceso etc ..

(articulo en ingles.)

In computing, the Win32 Thread Information Block (TIB) is a data structure in Win32 on x86 that stores info about the currently running thread.

The TIB is officially undocumented for Windows 9x. The Windows NT series DDK includes a struct NT_TIB in winnt.h that documents the subsystem independent part. Wine includes declarations for the extended (subsystem-specific part of) TIB. Yet so many Win32 programs use these undocumented fields that they are effectively a part of the API.

The TIB can be used to get a lot of information on the process without calling Win32 API. Examples include emulating GetLastError(), GetVersion(). Through the pointer to the PEB one can obtain access to the import tables (IAT), process startup arguments, image name, etc.

Contents of the TIB

Posición Longitud Version de Windows Descripción
FS:[0x00] 4 Win9x and NT Current Structured Exception Handling (SEH) frame
FS:[0x04] 4 Win9x y NT Top of stack
FS:[0x08] 4 Win9x y NT Current bottom of stack
FS:[0x0C] 4 Desconocido - Subsistema TIB?
FS:[0x10] 4 NT Fiber data
FS:[0x14] 4 Win9x and NT Arbitrary data slot
FS:[0x18] 4 Win9x and NT Linear address of TIB
---- End of Subsistema NT parte independiente ----
FS:[0x1C] 4 NT Environment Pointer
FS:[0x20] 4 NT ID del Proceso
FS:[0x24] 4 NT ID del thread actual
FS:[0x28] 4 NT Active RPC Handle
FS:[0x2C] 4 Win9x and NT Linear address of the thread-local storage array
FS:[0x30] 4 NT Linear address of Process Environment Block (PEB)
FS:[0x34] 4 NT El número del último error
FS:[0x38] 4 NT Count of owned critical sections
FS:[0x3C] 4 NT Address of CSR Client Thread
FS:[0x40] 4 NT Win32 Thread Information
FS:[0x44] 124 NT, Wine Win32 client information (NT), user32 private data (Wine), 0x60 = LastError (Win95), 0x74 = LastError (WinME)
FS:[0xC0] 4 NT Reserved for Wow32
FS:[0xC4] 4 NT Current Locale
FS:[0xC8] 4 NT FP Software Status Register
FS:[0xCC] 216 NT, Wine Reserved for OS (NT), kernel32 private data (Wine)
FS:[0x124] 4 NT Pointer to KTHREAD (ETHREAD) structure
FS:[0x1A4] 4 NT Exception code
FS:[0x1A8] 18 NT Activation context stack
FS:[0x1BC] 24 NT, Wine Spare bytes (NT), ntdll private data (Wine)
FS:[0x1D4] 40 NT, Wine Reserved for OS (NT), ntdll private data (Wine)
FS:[0x1FC] 1248 NT, Wine GDI TEB Batch (OS), vm86 private data (Wine)
FS:[0x6DC] 4 NT GDI Region
FS:[0x6E0] 4 NT GDI Pen
FS:[0x6E4] 4 NT GDI Brush
FS:[0x6E8] 4 NT Real Process ID
FS:[0x6EC] 4 NT Real Thread ID
FS:[0x6F0] 4 NT GDI cached process handle
FS:[0x6F4] 4 NT GDI client process ID (PID)
FS:[0x6F8] 4 NT GDI client thread ID (TID)
FS:[0x6FC] 4 NT GDI thread locale information
FS:[0x700] 20 NT Reserved for user application
FS:[0x714] 1248 NT Reserved for GL
FS:[0xBF4] 4 NT Last Status Value
FS:[0xBF8] 214 NT Reserved for advapi32
FS:[0xE0C] 4 NT Pointer to deallocation stack
FS:[0xE10] 256 NT TLS slots, 4 byte per slot
FS:[0xF10] 8 NT TLS links (LIST_ENTRY structure)
FS:[0xF18] 4 NT VDM
FS:[0xF1C] 4 NT Reserved for RPC
FS:[0xF28] 4 NT Thread error mode (RtlSetThreadErrorMode)

FS maps to a TIB which is embedded in a data block known as the TDB (thread data base). The TIB contains the thread-specific exception handling chain and pointer to the TLS (thread local storage.) The thread local storage is not the same as C local storage.

Accessing the TIB

The TIB can be accessed as an offset of segment register FS.

It is not common to access the TIB fields by an offset from FS:[0], but rather first getting a linear self-referencing pointer to it stored at FS:[0x18]. That pointer can be used with pointer arithmetics or be cast to a struct pointer.

Example in C inlined-assembly for 32-bit x86:

// gcc (AT&T-style inline assembly).
void *getTIB()
{
    void *pTib;
    __asm__("movl %%fs:0x18, %0" : "=r" (pTib) : : );
    return pTib;
}

// Microsoft C
void *getTib()
{
    void *pTib;
    __asm {
        mov EAX, FS:[18h]
        mov [pTib], EAX
    }
    return pTib;
}

// Using Microsoft's intrinsics instead of inline assembly
void *getTib()
{
    void *pTib = ( void * ) __readfsdword( 0x18 );
    return pTib;
}

Enlaces externos

Plantilla:Windows-stub


Wikimedia foundation. 2010.

Игры ⚽ Поможем написать курсовую

Mira otros diccionarios:

  • Win32 Thread Information Block — In computing, the Win32 Thread Information Block (TIB) is a data structure in Win32 on x86 that stores info about the currently running thread.The TIB is officially undocumented for Windows 9x. The Windows NT series DDK includes a struct NT TIB… …   Wikipedia

  • Thread (computer science) — This article is about the concurrency concept. For the multithreading in hardware, see Multithreading (computer architecture). For the form of code consisting entirely of subroutine calls, see Threaded code. For other uses, see Thread… …   Wikipedia

  • List of Microsoft Windows components — The following is a list of Microsoft Windows components. Contents 1 Configuration and maintenance 2 User interface 3 Applications and utilities 4 Windows Server components …   Wikipedia

  • TIB — may mean:* Therapy Interfering Behavior * Forbundet Træ Industri Byg i Danmark, the Danish Timber Industry and Construction Workers Union * Tibet * the Win32 Thread Information Block *Tebibit (Tib), a unit of information used, for example, to… …   Wikipedia

  • Microsoft-specific exception handling mechanisms — Microsoft Windows OS family employs some exception handling mechanisms that are based on the operation system specifics. Contents 1 Structured Exception Handling 1.1 Usage 1.2 Implementation 1.3 …   Wikipedia

  • Структурная обработка исключений — (англ. SEH Structured Exception Handling)  механизм обработки программных и аппаратных исключений в ОС Microsoft Windows, позволяющий программистам контролировать обработку исключений, а также являющийся отладочным средством[1].… …   Википедия

  • Technical features new to Windows Vista — This article is part of a series on Windows Vista New features Overview Technical and core system Security and safety Networking technologies I/O technologies Management and administration Removed features …   Wikipedia

  • Comparison of operating systems — Usage share of web client operating systems. (Source: Median values from Usage share of operating systems for August 2011.)   Windows XP (35.21%) …   Wikipedia

  • Oxygene (programming language) — Oxygene Developer RemObjects Software Stable release 3.0.21 (August 29, 2009; 2 years ago (2009 08 29)) Influenced by Object Pas …   Wikipedia

  • Comparison of C Sharp and Java — The correct title of this article is Comparison of C# and Java. The substitution or omission of the # sign is because of technical restrictions. Programming language comparisons General comparison Basic syntax Basic instructions …   Wikipedia

Compartir el artículo y extractos

Link directo
Do a right-click on the link above
and select “Copy Link”