Preliminary knowledge:
What is the process? Here's an excerpt from the WIN32 API guide:
"A process is an executing application that includes private virtual address space, code, data, and other operating system resources, such as pipelines, files, and synchronization objects that the process can access." ”
As you can see from the definition above, a process has several objects: the address space, the execution module, and any other objects or resources that the execution program opens or creates. At a minimum, a process must contain an executable module, a private address space, and more than one thread. What is a thread? A thread is actually an execution unit. When Windows produces a process, it automatically generates a main thread for the process. The thread usually starts at the first instruction in the module. If the process requires more threads, it can then be explicitly generated.
When Windwos receives a message that produces a process, it generates a private memory address space for the process, and then maps the executable file to that space. After the main process has been generated for the process under WIN32, you can also call function CreateProcess to generate more threads for your process.
CreateProcess's prototype is as follows:
CreateProcess Proto Lpapplicationname:dword,\
Lpcommandline:dword,\
Lpprocessattributes:dword,\
Lpthreadattributes:dword,\
Binherithandles:dword,\
Dwcreationflags:dword,\
Lpenvironment:dword,\
Lpcurrentdirectory:dword,\
Lpstartupinfo:dword,\
Lpprocessinformation:dword
Don't be intimidated by so many parameters, but you can ignore most of the parameters (let them have the default value).
The name of the
lpapplicationname--> executable file, including or without a path. If this argument is null, then the file name must be passed in the parameter lpcommandline.
lpCommandLine--> The command-line arguments passed to the file to be executed. If Lpapplicationname is null, it must be specified in this parameter, such as "Notepad.exe Readme.txt". The
Lpprocessattributes and lpthreadattributes--> Specify the security properties of the process and the primary thread. You can set them to NULL, which sets the default security properties. The
bInheritHandles--> flag bit. Used to set whether the new process inherits all open handles of the create process.
dwCreationFlags--> has several flags that can be set here to determine the behavior of creating a process, such as: You might want to create a process and don't want it to run immediately, so you can do some checking and modification before it actually runs. You can also set the priority of all threads in the new process here, usually by setting it to Normal_priority_class. The
Lpenvironment--> points to a pointer to the environment block, and generally the environment block contains several environment strings. If this parameter is NULL, the new process inherits the environment block that created the process. The
Lpcurrentdirectory--> points to the current directory and the path to the current directory that is set for the child process. If NULL, the current directory path of the creation process is inherited. The
Lpstartupinfo--> pointer to the startup structure body startupinfo of the new process. Startupinfo tells Windows how to show the appearance of the new process. This parameter has many member variables, and if you do not want anything special about the new process, you can call the Getstartupinfo function to populate the STARTUPINFO structure variables with the startup parameters of the creation process. The
lpprocessinformation--> Pointer to the process_information of the struct body that contains some member variables that identify the uniqueness of the process:
Process_information STRUCT
Hprocess HANDLE?; Handle to the child process
Hthread HANDLE?; Handle to the primary thread of the child process
Dwprocessid DWORD?; ID of the child process
dwThreadID DWORD?; ID of the primary thread of the child process
Process_information ENDS
The process handle and the process ID are two different concepts. The process ID is like a unique value, and the process handle is a return value that is obtained after the associated Windows API is invoked. You cannot use a process handle to identify the uniqueness of a process because this value is not unique. After a new process is invoked on CreateProcess, the process is created and the Cerateprocess function returns immediately. You can call the function getexitcodeprocess to verify that the process is finished. The prototype of the function is as follows:
GetExitCodeProcess Proto Hprocess:dword, Lpexitcode:dword
If the call succeeds, the Lpexitcode contains the status code of the process being queried. If equal to still_active indicates that the process is still present. You can call the function terminateprocess to force a process to terminate. The prototype of the function is as follows:
TerminateProcess Proto Hprocess:dword, Uexitcode:dword
You can specify any one of the exit values. It is not good to end a process with this function because the dynamic connection library that the process loads does not get the message that the process is exiting.