Termination of the Windows kernel process and child processes

1 method of Process termination:

<1> Return of the entry point function of the main thread (preferably using this method)

A thread in the <2> process calls the EXITPROCESSS function (this method should be avoided).

<3> There is also a thread in the process that calls the TerminateProcess function (which should avoid using such a method).

All threads in the <4> process terminate execution themselves (this is almost never happening).

1.1 Main thread entry point function return

This should always be the way to design your application. That is, only when the entry point function of the main thread returns, its process terminates execution. This is the only way to ensure that all thread resources are properly purged.

<1> C + + objects will be freed using their destructors

<2> the operating system can properly release the stack memory used by the thread

The <3> system sets the exit code of the process to the return value of the entry point function

The <4> system subtracts the count of kernel objects by 1

1.2 Calling the ExitProcess function

Voidexitprocess (Uexitcode)

Compared to the main thread's entry point function return, it is less secure and does not guarantee that resources will be cleaned up.

By calling the ExitProcess function. The C++/C execution-time startup code ensures that when the main thread returns from its entry point function, the process terminates execution regardless of whether there are other threads executing in the process.

Assume that you call ExitThread in the Enter point function. The main thread will stop executing, but assume that there are other threads in the process. The process will not terminate.

ExitProcess and ExitThread ensure that the operating system resources are purged when the function is called, but there is no guarantee that the resources will be properly purged during C/s execution. So don't call these resources.

It is also introduced when the entry point function of the main thread is returned. The Exit function at execution time is called when the C + + execution occurs. The Exit function will complete the following actions

<1> calling the _onexit function to register the person no matter what function

<2> call destructors for all global and static C + + objects

<3> Call the ExitProcess function of the system. Pass the nmainretval to it.

Allows the operating system to undo the process and set its exit code.

1.3 Calling the TerminateProcess function

BOOL terminateprocess (HANDLE hprocess,uintnexitcode)

This function notifies all threads in the process to terminate. When all threads are terminated. The process also terminates, but it does not tell the process that the associated DLL is going to be terminated. The things it does:

<1> all open handles are closed

<2> All threads will be terminated

<3> the state of the process object becomes terminated, and the thread that satisfies all waiting processes ends

The status of all thread objects in the <4> process becomes terminated. Threads that meet the end of all waiting threads

The terminating state of the <5> process is changed from still_active to the return code of the process

This function is asynchronous. It tells the operating system that you want to terminate a process. But when the function returns, you cannot guarantee that the process has been killed. If you want to know for sure if a process is killed, you can use the WaitForSingleObject function.

2 situation at the end of the process

<1> all remaining threads in the process will be terminated

<2> the user object specified in the process, the GDI object is freed. Kernel object is closed

<3> status programming of kernel objects receive notification status

Exit code for the <4> process is changed from still_active to ExitProcess or terminateprocess

<5> process Kernel object count minus 1

The ability to find exit codes for a process through function boolgetexitcodeprocess (HANDLE handle,lpdword lpexitcode). Assuming that the code is still_active, the process has not been terminated. Assuming this is not the case, it means that the process has been terminated.

3 Sub-processes

In the program to achieve a function of a common 3 ways:

<1> calling functions

<2> Open New Threads

<3> opening up new processes

3.1 Calling functions

It is common to call functions. But its disadvantage is because in the same thread, so you have to wait for this function to run complete, the ability to run the following code

3.2 Opening new threads

This allows the code of other threads to run at the same time as the new thread runs, but this disadvantage is when the data is exchanged between different threads. will cause problems with synchronization.

3.3 Pioneering the sub-process

This is a bit of the ability to protect data. The ability to run synchronously, and to wait for the new process to run and run the code of other processes. The disadvantage is to open up new processes, which can result in wasted address space.

Termination of the Windows kernel process and child processes