原文发表于百度空间,2009-03-30
==========================================================================

四.句柄表的扩容:已分配的句柄表被用完时,ExpAllocateHandleTableEntrySlow被调用以分配一个新的句柄表,实现对句柄表的扩容.每次增加粒度都是一个一级表的大小(大小为PAGE_SIZE,句柄容量为PAGE_SIZE/sizeof(HANDLE_TABLE_ENTRY)*HANDLE_VALUE_INC=0x800),但是根据具体情况不同,表的结构可能会发生改变,可能只是增加了一个一级表,也有可能由一级升级为二级表等等,情况比较多.搞清这个函数的调用时机对于分析该函数的流程非常重要.

BOOLEAN

ExpAllocateHandleTableEntrySlow (

     IN PHANDLE_TABLE HandleTable,

     IN BOOLEAN DoInit

     )

/*++

Routine Description:

     This worker routine allocates a new handle table entry for the specified

     handle table.

     Note: The caller must have already locked the handle table

Arguments:

     HandleTable - Supplies the handle table being used

     DoInit - If FALSE then the caller (duplicate) doesn't need the free list built

Return Value:

     BOOLEAN - TRUE, Retry the fast allocation path, FALSE, We failed to allocate memory

--*/

{

    ULONG i,j;

     PHANDLE_TABLE_ENTRY NewLowLevel;

     PHANDLE_TABLE_ENTRY *NewMidLevel;

     PHANDLE_TABLE_ENTRY **NewHighLevel;

    ULONG NewFree, OldFree;

    ULONG OldIndex;

    PVOID OldValue;

    ULONG_PTR CapturedTable = HandleTable->TableCode;

    ULONG TableLevel = (ULONG)(CapturedTable & LEVEL_CODE_MASK); //当前句柄表的级数

     PAGED_CODE();

    //

    // Initializing NewLowLevel is not needed for

    // correctness but without it the compiler cannot compile this code

    // W4 to check for use of uninitialized variables.

    //

     NewLowLevel = NULL;

     CapturedTable = CapturedTable & ~LEVEL_CODE_MASK; //当前句柄表的基址

    if ( TableLevel ==  ) {//当前是一级表,这时再增加容量就需要升级为二级表了

        //

        //   We have a single level. We need to ad a mid-layer

        //   to the process handle table

        //

  //分配一个二级表,ExpAllocateMidLevelTable的流程前面已经分析过了,它同时还分配了一个新的一级表,放在NewMidLevel[0]中

         NewMidLevel = ExpAllocateMidLevelTable( HandleTable, DoInit, &NewLowLevel );

        if (NewMidLevel == NULL) {

            return FALSE;

         }

        //

        //   Since ExpAllocateMidLevelTable initialize the

        //   first position with a new table, we need to move it in

        //   the second position, and store in the first position the current one

        //

         NewMidLevel[] = NewMidLevel[]; //把刚申请到的一级表放入第二个位置

         NewMidLevel[] = (PHANDLE_TABLE_ENTRY)CapturedTable; //第一个位置存放CapturedTable,即最初的一级表

        //之所以按这个顺序放置,是为了保证位置靠前的句柄表确实已经满载~

        //

        //   Encode the current level and set it to the handle table process

        //

         CapturedTable = ((ULONG_PTR)NewMidLevel) | ; //当前新的TableCode值,最低位置1,这是二级表的标志

         OldValue = InterlockedExchangePointer( (PVOID *)&HandleTable->TableCode, (PVOID)CapturedTable );//设置新的TableCode值

     } else if (TableLevel == ) {//已经是二级表,则需要看具体情况是再分配一个一级表就可以了,还是可能升级为三级表

        //

        //   We have a 2 levels handle table

        //

         PHANDLE_TABLE_ENTRY *TableLevel2 = (PHANDLE_TABLE_ENTRY *)CapturedTable;

        //

        //   Test whether the index we need to create is still in the

        //   range for a 2 layers table

        //

         i = HandleTable->NextHandleNeedingPool / (LOWLEVEL_COUNT * HANDLE_VALUE_INC); //i是当前一级表的个数

        if (i < MIDLEVEL_COUNT) { //若比二级表的最大容量小,则只需要再分配一个一级表(LowLevelTable)就可以了

            //

            //   We just need to allocate a new low-level

            //   table

            //

             NewLowLevel = ExpAllocateLowLevelTable( HandleTable, DoInit ); //再申请一个一级表

            if (NewLowLevel == NULL) {

                return FALSE;

             }

            //

            //   Set the new one to the table, at appropriate position

            //

             OldValue = InterlockedExchangePointer( (PVOID *) (&TableLevel2[i]), NewLowLevel ); //放入二级表中

             EXASSERT (OldValue == NULL);

         } else {//已达到二级表最大数目,需要升级至三级表

            //

            //   We exhausted the 2 level domain. We need to insert a new one

            //

             NewHighLevel = ExpAllocateTablePagedPool( HandleTable->QuotaProcess,

                                                       HIGHLEVEL_SIZE

                                                     );//申请一个表作为三级表

            if (NewHighLevel == NULL) {

                return FALSE;

             }

             NewMidLevel = ExpAllocateMidLevelTable( HandleTable, DoInit, &NewLowLevel );//给这个三级表申请一个二级表,至于为什么,原因前面分析ExpAllocateMidLevelTable时就分析过了,只不那是给二级表申请了一个一级表,道理是一样的~~

            if (NewMidLevel == NULL) {

                 ExpFreeTablePagedPool( HandleTable->QuotaProcess,

                                        NewHighLevel,

                                        HIGHLEVEL_SIZE

                                      );

                return FALSE;

             }

            //

            //   Initialize the first index with the previous mid-level layer

            //

             NewHighLevel[] = (PHANDLE_TABLE_ENTRY*)CapturedTable;//把原来的二级表地址放入三级表的第一个位置

             NewHighLevel[] = NewMidLevel; //刚申请的二级表放在第二个位置

            //

            //   Encode the level into the table pointer

            //

             CapturedTable = ((ULONG_PTR)NewHighLevel) | ; //设置TableCode低两位为2,即三级表的标志

            //

            //   Change the handle table pointer with this one

            //

             OldValue = InterlockedExchangePointer( (PVOID *)&HandleTable->TableCode, (PVOID)CapturedTable );//设置新的TableCode

         }

     } else if (TableLevel == ) {//当前已经是三级表了,情况分为三种:表全满,二级表满,一级表满

        //

        //   we have already a table with 3 levels

        //

        ULONG RemainingIndex;

         PHANDLE_TABLE_ENTRY **TableLevel3 = (PHANDLE_TABLE_ENTRY **)CapturedTable;

         i = HandleTable->NextHandleNeedingPool / (MIDLEVEL_THRESHOLD * HANDLE_VALUE_INC); //三级表中二级表的个数

        //

        //   Check whether we exhausted all possible indexes.

        //

        if (i >= HIGHLEVEL_COUNT) { //二级表个数超出三级表的容易则失败!(实际上达不到这个数)

            return FALSE;

         }

        if (TableLevel3[i] == NULL) { //确定这个位置可用,还没有放置二级表指针, 这也表明需要申请一个新的二级表了

            //

            //   The new available handle points to a free mid-level entry

            //   We need then to allocate a new one and save it in that position

            //

             NewMidLevel = ExpAllocateMidLevelTable( HandleTable, DoInit, &NewLowLevel );//申请一个二级表

            if (NewMidLevel == NULL) {

                return FALSE;

             }

             OldValue = InterlockedExchangePointer( (PVOID *) &(TableLevel3[i]), NewMidLevel );//放入刚才的位置

             EXASSERT (OldValue == NULL);

         } else { //若TableLevel3[i]不为NULL,则表明TableLevel3[i]这个二级表已存在,但还没有放满,只需要给这个二级表再申请一个一级表就可以了

            //

            //   We have already a mid-level table. We just need to add a new low-level one

            //   at the end

            //

             RemainingIndex = (HandleTable->NextHandleNeedingPool / HANDLE_VALUE_INC) -

                               i * MIDLEVEL_THRESHOLD;

             j = RemainingIndex / LOWLEVEL_COUNT;//计算出新的一级表在TableLevel3[i]这个二级表中的偏移

             NewLowLevel = ExpAllocateLowLevelTable( HandleTable, DoInit ); //只需要申请一个一级表

            if (NewLowLevel == NULL) {

                return FALSE;

             }

             OldValue = InterlockedExchangePointer( (PVOID *)(&TableLevel3[i][j]) , NewLowLevel );//把刚申请的一级表放入TableLevel3[i]这个二级表中

             EXASSERT (OldValue == NULL);

         }

     }

    //

    // This must be done after the table pointers so that new created handles

    // are valid before being freed.

    //

     OldIndex = InterlockedExchangeAdd ((PLONG) &HandleTable->NextHandleNeedingPool,

                                        LOWLEVEL_COUNT * HANDLE_VALUE_INC);//设置新的NextHandleNeedingPool,增量为一个一级句柄表的句柄容量(即一级表中HANDLE_TABEL_ENTRY的个数再乘4)
                                                                           //并把原来的NextHandleNeedingPool值放入OldIndex,也就是说,OldIndex是曾经的句柄值上限

    if (DoInit) {//这里对刚申请的一级表进行一些初始化工作

        //

        // Generate a new sequence number since this is a push

        //

         OldIndex += HANDLE_VALUE_INC + GetNextSeq();//GetNextSeq()的结果为0,所以相当于只加了一个HANDLE_VALUE_INC,即4,此时的OldIndex是新分配的句柄表中的最小句柄

        //

        // Now free the handles. These are all ready to be accepted by the lookup logic now.

        //

        while () {

             OldFree = ReadForWriteAccess (&HandleTable->FirstFree); //OldFree是原来的FirstFree的值

             NewLowLevel[LOWLEVEL_COUNT - ].NextFreeTableEntry = OldFree; //把一级表的最后一项的NextFreeHandle指向以前的HandleTable->FirstFree,
                  //这就相当于把原来的FreeHandleList连在了新申请的句柄表的FreeHandleList链后面,成为一条新的FreeHandleList

            //

            // These are new entries that have never existed before. We can't have an A-B-A problem

            // with these so we don't need to take any locks

            //

             NewFree = InterlockedCompareExchange ((PLONG)&HandleTable->FirstFree,

                                                   OldIndex,//用为新的FirstFree的值放入,新申请的句柄将从这个值开始

                                                   OldFree);

            if (NewFree == OldFree) {//成功,就跳出这个循环了

                break;

             }

         }

     }

    return TRUE;

}

【旧文章搬运】Windows句柄表分配算法分析(二)的更多相关文章

  1. 【旧文章搬运】Windows句柄表分配算法分析(一)

    原文发表于百度空间,2009-03-30========================================================================== 阅读提示: ...

  2. 【旧文章搬运】Windows句柄表分配算法分析(实验部分)

    原文发表于百度空间,2009-03-31========================================================================== 理论结合实 ...

  3. 【旧文章搬运】Windows句柄表分配算法分析(三)

    原文发表于百度空间,2009-03-30========================================================================== 三.当需要 ...

  4. 【旧文章搬运】Windows句柄分配算法(一)

    原文发表于百度空间,2009-04-04========================================================================== 分析了Wi ...

  5. 【旧文章搬运】Windows句柄分配算法(二)

    原文发表于百度空间,2009-04-04========================================================================== 在创建句柄 ...

  6. 【旧文章搬运】Windows句柄表格式

    原文发表于百度空间,2009-02-28========================================================================== 句柄是Wi ...

  7. 【旧文章搬运】Windows内核常见数据结构(进程相关)

    原文发表于百度空间,2008-7-24========================================================================== 进程的相关结 ...

  8. 【旧文章搬运】更正一个枚举PspCidTable时的错误

    原文发表于百度空间及看雪论坛,2009-02-27 看雪论坛地址:https://bbs.pediy.com/thread-82919.htm============================= ...

  9. 【旧文章搬运】深入分析Win7的对象引用跟踪机制

    原文发表于百度空间及看雪论坛,2010-09-12 看雪论坛地址:https://bbs.pediy.com/thread-120296.htm============================ ...

随机推荐

  1. Spring框架 JdbcTemplate类 @Junit单元测试,可以让方法独立执行 如:@Test

    package cn.zmh.PingCe; import org.junit.Test; import org.springframework.jdbc.core.BeanPropertyRowMa ...

  2. 微软CIO如何与业务部门打交道?

    微软公司副总裁兼CIO Tony Scott是一个非常智慧的人,他拒绝和CEO讨论IT成本的问题,认为IT不应该谈论成本,而是应该谈论IT提供服务的价值.在满足业务部门需求.为业务部门提供适当的IT支 ...

  3. How to Install a Language Pack

    https://www.phpbb.com/kb/article/how-to-install-a-language-pack

  4. 线性表的顺序存储和链式存储的实现(C)

    //线性表的顺序存储 #include <stdio.h>typedef int DataType;#define MaxSize 15//定义顺序表typedef struct { Da ...

  5. Answer&#39;s Question about pointer

    When you create a new pointer, this will be in heap until you delete it.  So what you said is sort o ...

  6. vim编码方式配置的学习和思考

    哎呀呀,今天9月30号,立即就要十一长假了,心里还有点小小浮躁.工作已经基本做完,想成为技术大牛怎么能够如此浮躁.为了应付浮躁的心灵,决定写一篇小博,平静一把. 今天一个配置文件须要有中文,而且同事是 ...

  7. 【Jqurey EasyUI+Asp.net】----DataGrid数据绑定,以及增、删、改(SQL)

    也懒得打其他字了,直接进入主题吧 1.首先,数据表Rex_Test ID int 自增 tName varchar(10) 姓名 tEmail varchar(80) 邮箱 2.至于代码里的Jqure ...

  8. NAND FLash基础概念介绍

    一.引脚介绍 引脚名称 引脚功能 CLE 命令锁存功能 ALE 地址锁存功能 /CE 芯片使能 /RE 读使能 /WE 写使能 /WP 写保护 R/B 就绪/忙输出信号 Vcc 电源 Vss 地 N. ...

  9. Linux启动过程笔记

    Linux启动过程 1.启动流程(BIOS->MBR:Boot Code->引导GRUB->载入内核->运行init->runlevel) 2./boot/grub/下有 ...

  10. WebSocket 和 Socket 的区别

    WebSocket 和 Socket 的区别   英文:TheAlchemist 链接:http://www.jianshu.com/p/59b5594ffbb0 <刨根问底 HTTP 和 We ...