Running a program always creates a process. The most direct way to run a program is to double-click its executable icon in the shell. The App process then comes to life as follows, starting with the shell's call to CreateProcess:
1. The shell calls CreateProcess to launch App.exe.
2. The system creates a process kernel object with a count value of 1.
3. The system creates a 4GB address space for this process.
4. The loader loads the necessary code into that address space, including App.exe's code and data and the dynamic-link libraries (DLLs) it requires. How does the loader know which DLLs to load? They are recorded in the .idata section of the executable (PE) file.
5. The system creates a thread for this process, called the main thread. Threads are the objects to which CPU time is allocated.
6. The system calls the C runtime library's startup code.
7. The startup code calls the App program's WinMain function.
8. The App program starts running.
9. The user closes the App main window, which ends the message loop in WinMain, so WinMain ends.
10. Control returns to the startup code.
11. Control returns to the system, which calls ExitProcess to end the process.
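Step 4 says the loader finds the required DLLs in the import data of the PE file. The following added example (not code from the original page) walks the same structures the loader reads and lists the imported DLL names, which is also how static triage tools preview what a binary will pull in before it runs. The function names and the `sample_pe` image are constructed for illustration; only DLL names are parsed, not the imported function names.

```python
import struct

def import_dlls(pe: bytes) -> list:
    """List the DLL names in a PE image's import directory (.idata)."""
    lfanew, = struct.unpack_from("<I", pe, 0x3C)      # offset of "PE\0\0"
    if pe[:2] != b"MZ" or pe[lfanew:lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = lfanew + 4
    # NumberOfSections at +2, SizeOfOptionalHeader at +16 of the COFF header
    nsect, _, _, _, opt_size = struct.unpack_from("<HIIIH", pe, coff + 2)
    opt = coff + 20
    magic, = struct.unpack_from("<H", pe, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)      # PE32 vs PE32+
    imp_rva, = struct.unpack_from("<I", pe, dirs + 8)  # data directory entry 1
    if not imp_rva:
        return []                                      # image imports nothing
    # Per section: (VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
    sections = [struct.unpack_from("<IIII", pe, opt + opt_size + 40 * i + 8)
                for i in range(nsect)]

    def offset(rva):
        """Translate a relative virtual address to a file offset."""
        for vsize, va, rsize, rptr in sections:
            if va <= rva < va + max(vsize, rsize):
                return rptr + rva - va
        raise ValueError(f"RVA {rva:#x} is outside every section")

    names, pos = [], offset(imp_rva)
    while True:
        desc = pe[pos:pos + 20]                        # one import descriptor
        if len(desc) < 20:
            raise ValueError("truncated import directory")
        if desc == bytes(20):                          # all-zero entry ends the list
            return names
        start = offset(struct.unpack_from("<I", desc, 12)[0])  # Name RVA
        names.append(pe[start:pe.index(b"\0", start)].decode("ascii"))
        pos += 20

def sample_pe() -> bytes:
    """Constructed minimal PE32 image: one .idata section naming two DLLs."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<II", opt, 96 + 8, 0x1000, 60)             # import directory
    sect = b".idata\0\0" + struct.pack("<IIII", 0x200, 0x1000, 0x200, 0x200) + bytes(16)
    idata = bytearray(0x200)
    struct.pack_into("<I", idata, 12, 0x1040)                    # descriptor 0 name
    struct.pack_into("<I", idata, 32, 0x1050)                    # descriptor 1 name
    idata[0x40:0x4D], idata[0x50:0x5B] = b"KERNEL32.dll\0", b"USER32.dll\0"
    return (dos + b"PE\0\0" + coff + bytes(opt) + sect).ljust(0x200, b"\0") + bytes(idata)
```

Calling `import_dlls(sample_pe())` returns the two DLL names embedded in the constructed image; the same function can be pointed at the bytes of a real executable read from disk.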
The birth and death of a thread
Executing program code is the work of threads. When a process is set up, the main thread is also generated, so every Windows program has a thread at the beginning. We can call CreateThread to generate additional threads, and the system will then do the following for us:
1. Allocate a thread object, whose handle will be the return value of CreateThread.
2. Set the object's count value to 1.
3. Allocate the thread's context.
4. Reserve the thread's stack.
5. Set the stack pointer register (SS) and the instruction pointer register (IP) in the context.
A so-called context switch is really a switch between thread contexts.
http://blog.csdn.net/zang141588761/article/details/49512053
The birth and death of a process