Nytro Posted August 31, 2014 Report Posted August 31, 2014 [h=3]Windows Internals - Quantum end context switching[/h] Hello,Lately I decided to start sharing the notes I gather , almost daily , while reverse engineering and studying Windows. As I focused in the last couple of days on studying context switching , I was able to decompile the most involved functions and study them alongside with noting the important stuff. The result of this whole process was a flowchart.Before getting to the flowchart let's start by putting ourselves in the main plot :As you might know, each thread runs for a period of time before another thread is scheduled to run, excluding the cases where the thread is preempted ,entering a wait state or terminated. This time period is called a quantum. Everytime a clock interval ends (mostly 15 ms) the system clock issues an interrupt.While dispatching the interrupt, the thread current cycle count is verified against its cycle count target (quantum target) to see if it has reached or exceeded its quantum so the context would be switched the next thread scheduled to run.Note that a context-switch in Windows doesn't happen only when a thread has exceeded its quantum, it also happens when a thread enters a wait state or when a higher priority thread is ready to run and thus preempts the current thread. As it will take some time to organize my detailed notes and share them here as an article (maybe for later),consider the previous explanation as a small introduction into the topic. However ,the flowchart goes through the details involved in quantum end context switching.Please consider downloading the pdf to be able to zoom as much as you like under your PDF reader because GoogleDocs doesn't provide enough zooming functionality to read the chart.Preview (unreadable) : PDF full size Download :GoogleDocs LinkP.S :- As always , this article is based is on : Windows 7 32-bit- Note that details concerning the routine that does the context switching (SwapContext) aren't included in the chart and are left it for a next post.See you again soon.-Souhail.Sursa: Reverse Engineering 0x4 Fun: Windows Internals - Quantum end context switching Quote
