Previous post on thread synchronization and context switches used number of thread context switches as one of the performance indicators. One might have hard times getting the number from operating system though.
The only well documented access to amount of context switches seems to be accessing corresponding performance counters. Thread performance counter will list available thread instances and counters “Thread(<process-name>/<thread-number>)/Context Switches/sec” will provide context switch rate per second.
While access to performance counters is far not the most convenient API, to access data programmatically one would really prefer absolute number of switches rather than rate per second (which is still good for interactive monitoring).
A gate into kernel world to grab the data of interest is provided with NtQuerySystemInformation function. Although mentioned in documentation, it is marked as unreliable for use, and Windows SDK static library is missing it so one has to obtain it using GetModuleHandle/GetProcAddress it explicity.
typedef NTSTATUS (WINAPI *NTQUERYSYSTEMINFORMATION)(SYSTEM_INFORMATION_CLASS SystemInformationClass, PVOID SystemInformation, ULONG SystemInformationLength, PULONG ReturnLength); NTQUERYSYSTEMINFORMATION NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION) GetProcAddress(GetModuleHandle(_T("ntdll.dll")), "NtQuerySystemInformation"); ATLASSERT(NtQuerySystemInformation); ATLVERIFY(NtQuerySystemInformation(...) == 0);
Having this done, the function is capable of providing SystemProcessInformation/SYSTEM_PROCESS_INFORMATION data about running processes.
MSDN documents only a part of the structure, and the rest of the data contains information of interest. Returned data contains a list of variable length SYSTEM_PROCESS_INFORMATION structures, each of which has a fixed part (partially documented on MSDN), and embeds list of variable length structures for every thread running within the process.
For 32-bit Win32 platform, layout of the structure is documented on Internet, for example, here: SYSTEM_THREAD on Undocumented functions of NTDLL.
For 64-bit x64 (amd64) platform the access method works too, however I had to fit the structure layout so that it matches actual data:
typedef struct _SYSTEM_THREAD_INFORMATION { ULONGLONG KernelTime; ULONGLONG UserTime; ULONGLONG CreateTime; ULONG WaitTime; ULONG Reserved1; PVOID StartAddress; CLIENT_ID ClientId; KPRIORITY Priority; LONG BasePriority; ULONG ContextSwitchCount; ULONG State; KWAIT_REASON WaitReason; } SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION; typedef struct _SYSTEM_PROCESS_INFORMATION { ULONG NextEntryOffset; ULONG NumberOfThreads; ULONGLONG Reserved[3]; ULONGLONG CreateTime; ULONGLONG UserTime; ULONGLONG KernelTime; UNICODE_STRING ImageName; KPRIORITY BasePriority; HANDLE ProcessId; HANDLE InheritedFromProcessId; ULONG HandleCount; ULONG Reserved2[2]; ULONG PrivatePageCount; // Garbage VM_COUNTERS VirtualMemoryCounters; IO_COUNTERS IoCounters; SYSTEM_THREAD_INFORMATION Threads[1]; } SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;
Each structure contains thread identifier and related absolute number of context switches.
Also, the same information is visually available from Process Explorer:
A more complete code snippet to access the data from x64 code is here in a small application/project, lines 18-144 within #pragma region.
Code link updated: https://www.alax.info/trac/public/browser/trunk/Utilities/Miscellaneous/EventSynchronizationTest01/EventSynchronizationTest01.cpp