Processes and Threads
This section provides documentation for the Windows API functions related to process and thread management. These functions allow you to create, manage, and monitor processes and threads within the Windows operating system.
Core Concepts
- Process: An instance of a running program. Each process has its own memory space, handles, and security context.
- Thread: The basic unit of CPU utilization; it comprises a thread ID, a program counter, a register set, and a stack. Processes can have multiple threads, sharing the process's resources.
- Handle: A unique identifier that refers to an object (like a process or thread) managed by the operating system.
- Context Switch: The process of saving the state of a running process or thread so that it can be restored and resumed at a later point, and restoring the state of a different process or thread that is to be run.
Key API Functions
The following are some of the most commonly used API functions for process and thread management:
Process Management
| Function | Description |
|---|---|
| CreateProcess | Creates a new process and its primary thread. The new process runs the specified executable. |
| ExitProcess | Terminates the calling process and all its threads. |
| GetCurrentProcess | Returns a pseudo-handle for the current process. |
| GetProcessId | Retrieves the identifier of the specified process. |
| OpenProcess | Opens an existing process object and returns a handle limited to the requested access rights. |
| TerminateProcess | Terminates the specified process and all its threads. |
Thread Management
| Function | Description |
|---|---|
| CreateThread | Creates a new thread within the calling process. |
| ExitThread | Terminates the calling thread. |
| GetCurrentThread | Returns a pseudo-handle for the current thread. |
| GetThreadId | Retrieves the identifier of the specified thread. |
| OpenThread | Opens an existing thread object and returns a handle limited to the requested access rights. |
| TerminateThread | Terminates the specified thread. |
Example: Creating a New Process
The following C++ code snippet demonstrates how to create a new process using CreateProcess:
```cpp
#include <windows.h>
#include <iostream>

int main() {
    STARTUPINFOA si;
    PROCESS_INFORMATION pi;

    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    ZeroMemory(&pi, sizeof(pi));

    // Specify the command line to execute
    // For example, launching Notepad.
    // lpCommandLine is a non-const LPSTR and the Unicode version,
    // CreateProcessW, can modify the string in place, so pass a writable
    // buffer instead of casting a string literal.
    // An unqualified name such as this one is resolved through the
    // CreateProcess search order; production code should use a full path.
    char commandLine[] = "notepad.exe";

    if (CreateProcessA(
            NULL,        // No module name (use command line)
            commandLine, // Command line (writable buffer)
            NULL,        // Process handle not inheritable
            NULL,        // Thread handle not inheritable
            FALSE,       // Set handle inheritance to FALSE
            0,           // No creation flags
            NULL,        // Use parent's environment block
            NULL,        // Use parent's starting directory
            &si,         // Pointer to STARTUPINFO structure
            &pi          // Pointer to PROCESS_INFORMATION structure
        )) {
        std::cout << "Process created successfully." << std::endl;
        std::cout << "Process ID: " << pi.dwProcessId << std::endl;
        std::cout << "Thread ID: " << pi.dwThreadId << std::endl;

        // Wait until child process exits.
        WaitForSingleObject(pi.hProcess, INFINITE);

        // Close process and thread handles.
        CloseHandle(pi.hProcess);
        CloseHandle(pi.hThread);
    } else {
        std::cerr << "CreateProcess failed (" << GetLastError() << ")." << std::endl;
        return 1;
    }
    return 0;
}
```
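When the module name is NULL, as in the call above, the executable is taken from the first whitespace-delimited token of the command line, so a path containing spaces must be quoted. The following is an added example, not part of the original page: it builds a correctly quoted command line using the parsing rules of CommandLineToArgvW and the Microsoft C runtime. The helper names `quoteArg` and `buildCommandLine` and the sample paths are hypothetical.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Quote one argument so that CommandLineToArgvW / the Microsoft C runtime
// recover it unchanged from the command line.
std::string quoteArg(const std::string& arg) {
    // Non-empty arguments without whitespace or quotes need no quoting.
    if (!arg.empty() && arg.find_first_of(" \t\n\v\"") == std::string::npos)
        return arg;
    std::string out = "\"";
    for (std::size_t i = 0; ; ++i) {
        std::size_t backslashes = 0;
        while (i < arg.size() && arg[i] == '\\') { ++i; ++backslashes; }
        if (i == arg.size()) {
            // Backslashes directly before the closing quote are doubled.
            out.append(backslashes * 2, '\\');
            break;
        }
        if (arg[i] == '"') {
            // Double preceding backslashes, then escape the quote itself.
            out.append(backslashes * 2 + 1, '\\');
        } else {
            // Backslashes not followed by a quote stay literal.
            out.append(backslashes, '\\');
        }
        out.push_back(arg[i]);
    }
    out.push_back('"');
    return out;
}

// Build the string to copy into the writable lpCommandLine buffer.
// argv[0] is the executable path (hypothetical helper, not a Windows API).
std::string buildCommandLine(const std::vector<std::string>& argv) {
    std::string cmd;
    for (std::size_t i = 0; i < argv.size(); ++i) {
        if (i != 0) cmd.push_back(' ');
        cmd += quoteArg(argv[i]);
    }
    return cmd;
}

int main() {
    // Constructed sample input: a path with spaces and an argument with a space.
    std::cout << buildCommandLine({"C:\\Program Files\\App\\app.exe", "my file.txt"}) << "\n";
    return 0;
}
```

Copy the result into a mutable `char` buffer before passing it as the command line, since the parameter is not const.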