Arun Kishan - Process Management in Windows Vista
- Posted: Sep 11, 2006 at 11:28 AM
Ever wonder how threads and processes are managed in Windows? What's new in Windows Vista in terms of Process Management? Vista introduces a new type of process called a protected process. What are "protected processes"? How do they work? What's a Process, anyway? A thread? Here, Arun Kishan, the developer who works on Windows' Process Manager sub-component, talks about all this and more. If you want to learn how processing happens in Windows, then watch this video.
Check out Arun's whitepaper on Protected Processes.
Follow the Discussion
Good stuff
I can see how this might work for explicit waits (Sleep, WaitForSingleObjectEx) since you already have handling for being interrupted by APCs there in the form of alertable waits, but what about in the general case of e.g. ReadFile? Does your explanation imply that there is a way to cause arbitrary kernel functions to unwind instantly without corrupting internal kernel state, or do you just wait for all such calls to terminate naturally before doing the cleanup just before the kernel -> user transition as normal? But in the case of long running calls to kernel mode functions I could see that being a problem..
Thanks in advance!
BSP
Thanks for this video. It helped me understand how Windows manages threads that I program in my apps. Great video. Keep it up.
Threads only ever "die" on the return to user mode. For the same reason, system threads cannot be terminated. Instead, they must voluntarily exit (direct call to terminate), or exit their main routine. Most kernel code will continue to run uninterrupted, however, the assumption is that unbounded kernel-mode waits, etc. should not be easily controllable by a user. User-mode waits, however, are instantly aborted in the kernel once the kernel-mode half of the terminate APC is delivered.
You are absolutely right that long running kernel code, or code running with APCs disabled in kernel, will not take the kernel APC or will otherwise not terminate immediately. So TerminateThread really ensures that the target will no longer run in usermode, not that it will instantly unwind its kernel state and exit. I was only trying to stress that the mechanism is designed to ensure kernel state is unwound rather than exiting in place.
Fixed. Thanks for pointing that out...
C
1) About code injection: crackers and hackers now cannot do code injection into running processes? Like DLL injection will fail? Will this also affect global system hooks? Like mouse hook and the likes?
How is that actually good?
2) What happens when the system is low on threads? When you do something like QueueWorkItem, and use the system threads to do work in your application, and you "abuse this" in a server application, what would happen to the system at this stage when it's under stress? Does it shut down, or just queue the new work items until an existing system thread is free to process them? Can a new thread be created and added to the system thread pool? Is this actually a good thing or a bad thing for a uniprocessor system?
3) Is it actually good to use the system thread pool or to create a new unique thread for your specific application?
2) There is no one-one mapping between work items and threads. Work queues and the threadpool try to manage the number of threads based on the workload / CPU availability. For example, the Vista threadpool tries to keep # CPU threads running, but will throttle threads back when it detects this number has been exceeded. Additional threads are created as needed in this range; the excess work items accumulate and are serviced by threads as they become available.
3) It depends on your application. If it is a piece of code you just want to execute asynchronously, threadpool provides an efficient and simple means of accomplishing this. It does, however, introduce additional overhead. In other cases, you may need a dedicated thread for a task whose operation / life cycle you may need finer grained control over.
Thanks for the reply. I like the new protected process within Vista. But I wish we could have examples as to how to create a protected process using Visual Studio 2005 in C#. Like an introduction as to how to create a protected application.
Also, in the video, it was mentioned that the END PROCESS API will just kill off the process on the spot and this should be used only as a last measure, and if we know the state the process is in (most of us don't know that because we did not write the application that might go on a loop or hang). But there are "Service" processes that simply refuse to be killed. You often get "Access denied" or something along those words. Can you explain that?
Great and detailed on Process/Thread. I have been using threads in user mode and it is nice to know more about the implementation of process/thread in O/S. I am not sure if I understand 100% about the subject(s) (I probably need to revisit the clip again). One thing I don't get is system process (pid = 4) and system idle process. How are they related and which got created first?
Thanks
This was great. I had been wondering how this worked for quite some time.
Thanks and regards,
Pranav
Process management in Windows Vista: I need to make a written project on this... please help...
Hi Arun,
Great video!!
I would like some clarifications on Terminate and SuspendThread - specifically when thread is executing in kernel.