This MedLibrary.org supplementary page on Win32 Thread Information Block is provided directly from the open source Wikipedia as a service to our readers. Please see the note below on authorship of this content, as well as the Wikipedia usage guidelines. To search for other content from our encyclopedia supplement, please use the form below:
Related Sponsors
In computing, the Win32 Thread Information Block (TIB) is a data structure in Win32 on x86 that stores info about the currently running thread.
The TIB is officially undocumented for Windows 9x. The Windows NT series DDK includes a struct NT_TIB in winnt.h that documents the subsystem independent part. Wine includes declarations for the extended (subsystem-specific part of) TIB. Yet so many Win32 programs use undocumented fields that it is effectively a part of the API.
The TIB can be used to get a lot of information on the process without calling win32 API. Examples include emulating GetLastError(), GetVersion(). Through the pointer to the PEB one can obtain access to the import tables (IAT), process startup arguments, image name, etc.
Contents of the TIB
| Position | Length | Windows Versions | Description |
|---|---|---|---|
| FS:[0x00] | 4 | Win9x and NT | Current Structured Exception Handling (SEH) frame |
| FS:[0x04] | 4 | Win9x and NT | Top of stack |
| FS:[0x08] | 4 | Win9x and NT | Current bottom of stack |
| FS:[0x10] | 4 | NT | Fiber data |
| FS:[0x14] | 4 | Win9x and NT | Arbitrary data slot |
| FS:[0x18] | 4 | Win9x and NT | Linear address of TIB |
| - | - | NT | End of NT subsystem independent part |
| FS:[0x1C] | 4 | NT | Environment Pointer |
| FS:[0x20] | 4 | NT | Process ID |
| FS:[0x24] | 4 | NT | Current thread ID |
| FS:[0x28] | 4 | NT | Active RPC Handle |
| FS:[0x2C] | 4 | Win9x and NT | Linear address of the thread-local storage array |
| FS:[0x30] | 4 | NT | Linear address of Process Environment Block (PEB) |
| FS:[0x34] | 4 | NT | Last error number |
| FS:[0x38] | 4 | NT | Count of owned critical sections |
| FS:[0x3C] | 4 | NT | Address of CSR Client Thread |
| FS:[0x40] | 4 | NT | Win32 Thread Information |
| FS:[0x44] | 124 | NT,Wine | Win32 client information (NT), user32 private data (Wine), 0x60 = LastError (Win95), 0x74 = LastError (WinME) |
| FS:[0xC0] | 4 | NT | Reserved for Wow32 |
| FS:[0xC4] | 4 | NT | Current Locale |
| FS:[0xC8] | 4 | NT | FP Software Status Register |
| FS:[0xCC] | 216 | NT,Wine | Reserved for OS (NT), kernel32 private data (Wine) |
| FS:[0x124] | 4 | NT | Pointer to KTHREAD (ETHREAD) structure |
| FS:[0x1A4] | 4 | NT | Exception code |
| FS:[0x1A8] | 18 | NT | Activation context stack |
| FS:[0x1BC] | 24 | NT,Wine | Spare bytes (NT), ntdll private data (Wine) |
| FS:[0x1D4] | 40 | NT,Wine | Reserved for OS (NT), ntdll private data (Wine) |
| FS:[0x1FC] | 1248 | NT,Wine | GDI TEB Batch (OS), vm86 private data (Wine) |
| FS:[0x6DC] | 4 | NT | GDI Region |
| FS:[0x6E0] | 4 | NT | GDI Pen |
| FS:[0x6E4] | 4 | NT | GDI Brush |
| FS:[0x6E8] | 4 | NT | Real Process ID |
| FS:[0x6EC] | 4 | NT | Real Thread ID |
| FS:[0x6F0] | 4 | NT | GDI cached process handle |
| FS:[0x6F4] | 4 | NT | GDI client process ID (PID) |
| FS:[0x6F8] | 4 | NT | GDI client thread ID (TID) |
| FS:[0x6FC] | 4 | NT | GDI thread locale information |
| FS:[0x700] | 20 | NT | Reserved for user application |
| FS:[0x714] | 1248 | NT | Reserved for GL |
| FS:[0xBF4] | 4 | NT | Last Status Value |
| FS:[0xBF8] | 214 | NT | Reserved for advapi32 |
| FS:[0xE0C] | 4 | NT | Pointer to deallocation stack |
| FS:[0xE10] | 256 | NT | TLS slots, 4 byte per slot |
| FS:[0xF10] | 8 | NT | TLS links (LIST_ENTRY structure) |
| FS:[0xF18] | 4 | NT | VDM |
| FS:[0xF1C] | 4 | NT | Reserved for RPC |
| FS:[0xF28] | 4 | NT | Thread error mode (RtlSetThreadErrorMode) |
FS maps to a TIB which is embedded in a data block known as the TDB (thread data base). The TIB contains the thread-specific exception handling chain and pointer to the TLS (thread local storage.) The thread local storage is not the same as C local storage.
Accessing the TIB
The TIB can be accessed as an offset of segment register FS.
It is not common to access the TIB fields by an offset from FS:[0], but rather first getting a the linear self-referencing pointer to the stored at FS:[0x18]. That pointer is used in means of pointer arithmetics or cast to a struct pointer.
Example in C inlined-assembly for 32-bit x86:
// gcc (AT&T-style inline assembly). void *getTIB() { void *pTib; __asm__("movl %%fs:0x18, %0" : "=r" (pTib) : : ); return pTib; }
// Microsoft C void *getTib() { void *pTib; __asm { mov EAX, FS:18h mov pTib, EAX } return pTib; }
External links
 |
This article about Microsoft Windows is a stub. You can help Wikipedia by expanding it. |
Wikipedia content modification information:
- This page was last modified on 12 November 2008, at 20:53.
Wikipedia Authorship and Review
Wikipedia content provided here is not reviewed directly by MedLibrary.org. Wikipedia content is authored by an open community of volunteers and is not produced by or in any way affiliated with MedLibrary.org.
Wikipedia Usage Guidelines
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article on "Win32 Thread Information Block".
The URL for this specific entry is:
All Wikipedia text is available under the terms of the GNU Free Documentation License. (See Copyrights for details). Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc.