📄 tut14.html
字号:
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Author" content="Iczelion">
<meta name="GENERATOR" content="Mozilla/4.51 [en] (Win95; I) [Netscape]">
<title>Iczelion's Win32 Assembly Tutorial 14: Process</title>
</head>
<body text="#FFFFFF" bgcolor="#000000" link="#FFFF00" vlink="#C0C0C0" alink="#C0FFC0">
<center>
<h1>
<font face="Arial,Helvetica"><font color="#999900">Tutorial 14: Process</font></font></h1></center>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>We will
learn what a process is and how to create and terminate it.</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>Download
the example <a href="files/tut14.zip">here</a>.</font></font></font>
<h3>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>Preliminary:</font></font></font></h3>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>What is
a process? I quote this definition from Win32 API reference:</font></font></font>
<blockquote><i><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>"A
process is an executing application that consists of a private virtual
address space, code, data, and other operating system resources, such as
files, pipes, and synchronization objects that are visible to the process."</font></font></font></i></blockquote>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>As you
can see from the definition above, a process "owns" several objects: the
address space, the executing module(s), and anything that the executing
modules create or open. At the minimum, a process must consist of an executing
module, a private address space and a thread. Every process must have at
least one thread. What's a thread? A thread is actually an execution queue.
When Windows first creates a process, it creates only one thread per process.
This thread usually starts execution from the first instruction in the
module. If the process later needs more threads, it can explicitly create
them.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>When
Windows receives a command to create a process, it creates the private
memory address space for the process and then it maps the executable file
into the space. After that it creates the primary thread for the process.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>Under
Win32, you can also create processes from your own programs by calling
CreateProcess function. CreateProcess has the following syntax:</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>CreateProcess
proto lpApplicationName:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpCommandLine:DWORD,\<br>
lpProcessAttributes:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpThreadAttributes:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
bInheritHandles:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
dwCreationFlags:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpEnvironment:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpCurrentDirectory:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpStartupInfo:DWORD,\</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
lpProcessInformation:DWORD</font></font></font></b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>Don't
be alarmed by the number of parameters. We can ignore most of them.</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpApplicationName
--> The name of the executable file with or without pathname that you want
to execute. If this parameter is null, you must provide the name of the
executable file in the lpCommandLine parameter.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpCommandLine
--> The command line arguments to the program you want to execute. Note
that if the lpApplicationName is NULL, this parameter must contain the
name of the executable file too. Like this: "notepad.exe readme.txt"</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpProcessAttributes
and lpthreadAttributes --> Specify the security attributes for the process
and the primary thread. If they're NULLs, the default security attributes
are used.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>bInheritHandles
--> A flag that specify if you want the new process to inherit all opened
handles from your process.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>dwCreationFlags
--> Several flags that determine the behavior of the process you want to
created, such as, do you want to process to be created but immediately
suspended so that you can examine or modify it before it runs? You can
also specify the priority class of the thread(s) in the new process. This
priority class is used to determine the scheduling priority of the threads
within the process. Normally we use NORMAL_PRIORITY_CLASS flag.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpEnvironment
--> A pointer to the environment block that contains several environment
strings for the new process. If this parameter is NULL, the new process
inherits the environment block from the parent process.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpCurrentDirectory
--> A pointer to the string that specifies the current drive and directory
for the child process. NULL if you want the child process to inherit
from the parent process.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpStartupInfo
--> Points to a STARTUPINFO structure that specifies how the main window
for the new process should appear. The STARTUPINFO structure contains many
members that specifies the appearance of the main window of the child process.
If you don't want anything special, you can fill the STARTUPINFO structure
with the values from the parent process by calling GetStartupInfo function.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>lpProcessInformation
--> Points to a PROCESS_INFORMATION structure that receives identification
information about the new process. The PROCESS_INFORMATION structure
has the following members:</font></font></font>
<blockquote><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>PROCESS_INFORMATION
STRUCT</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
hProcess HANDLE ?
; handle to the child process</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
hThread
HANDLE ?
; handle to the primary thread of the child process</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
dwProcessId DWORD ?
; ID of the child process</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>
dwThreadId DWORD ?
; ID of the primary thread of the child process</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>PROCESS_INFORMATION
ENDS</font></font></font></b></blockquote>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>Process
handle and process ID are two different things. A process ID is a unique
identifier for the process in the system. A process handle is a value returned
by Windows for use with other process-related API functions. A process
handle cannot be used to identify a process since it's not unique.</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>After
the CreateProcess call, a new process is created and the CreateProcess
call return immediately. You can check if the new process is still active
by calling GetExitCodeProcess function which has the following syntax:</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>GetExitCodeProcess
proto hProcess:DWORD, lpExitCode:DWORD</font></font></font></b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>If
this call is successful, lpExitCode contains the termination status of
the process in question. If the value in lpExitCode is equal to <b>STILL_ACTIVE</b>,
then that process is still running.</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>You
can forcibly terminate a process by calling TerminateProcess function.
It has the following syntax:</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>TerminateProcess
proto hProcess:DWORD, uExitCode:DWORD</font></font></font></b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>You
can specify the desired exit code for the process, any value you like.
TerminateProcess is not a clean way to terminate a process since any dll
attached to the process will not be notified that the process was terminated.</font></font></font>
<br><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<h3>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=+0>Example:</font></font></font></h3>
<font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>The following
example will create a new process when the user selects the "create process"
menu item. It will attempt to execute "msgbox.exe". If the user wants to
terminate the new process, he can select the "terminate process" menu item.
The program will check first if the new process is already destroyed, if
it is not, the program will call TerminateProcess function to destroy
the new process.</font></font></font><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1></font></font></font>
<p><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>.386</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>.model
flat,stdcall</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>option
casemap:none</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>WinMain
proto :DWORD,:DWORD,:DWORD,:DWORD</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>include
\masm32\include\windows.inc</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>include
\masm32\include\user32.inc</font></font></font></b>
<br><b><font face="Arial,Helvetica"><font color="#CCCCCC"><font size=-1>include
\masm32\include\kernel32.inc</font></font></font></b>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -