ave you ever wanted to manage processes in Win32 code? When it comes to this, there's good and bad news. On the good news side, you can do virtually everything you desire, including block your current process waiting for another process to terminate. On the bad news side, you must work with an API that is not one for the faint-hearted. CreateProcess
is the one-size-fits-all function that creates a new Win32 process and manages impersonation and security settings. This function has quite a quirky syntax. The Win32 SDK supplies several functions including CreateProcess
that provide the core functionalities. The Win32 SDK provides ToolHelp API, a secondary SDK, but it is not available on all possible combinations of Win32 operating systems. ToolHelp API offers more advanced functions including the capability to list modules and dependencies, capture the memory footprint, and ping process.
Fortunately, the .NET Process class allows you to gain full control over system processes. You can start and stop processes and retrieve information about running processes such as the list of loaded modules and the characteristics of the memory occupied. The class also features handy methods to know whether a process is responding or has just exited and with which return code. Programmers also have full control over the style of the window the process runs in. After an overview of the capabilities of the Process class, this article demonstrates how to hide running console processes, monitor their execution, and capture any output. I'll use this strategy to create a sample Compression class to use with WinZip and gzip (popular tools for compressing data).
|The Process class provides access to both local and remote processes and enables you to start and stop processes on the local machine. The class represents a superset of the capabilities of the CreateProcess Win32 API.|
Nicely enough, .NET groups all these platform services under a single classthe Process
class. Whatever you need to do that involves spawning a new process or controlling a running one, you can do from this unique (and rather powerful) entry point.
The Process Class
The Process class provides access to local and remote processes and enables you to start and stop processes on the local machine. The class represents a superset of the capabilities of the CreateProcess
Win32 API. In addition, the Process class makes working with running instances of applications particularly easy. For example, you only need a single line of code to start a new process from within a .NET application:
If you need to open a particular document, say, a Word document, it's even easier.
In this case, the Process class is smart enough to figure out that the argument is not an executable. It looks up the system registry for a match on the extension (.doc
in this case), gets the executable associated with that type of file, and starts it up. This behavior reveals another powerful Win32 API function working under the hoodShellExecuteEx
, which is designed to open a documentbe it an executable (that is, an .exe
file), or a document file associated with a program (such as a .txt
or a .doc
The Process class has both instance and shared (static, if you speak C#) methods. Table 1
lists all the methods exposed by the class. Looking at the table will give you a clear idea of the class' capabilities.
Table 1: Methods exposed by the Process class.
Closes the process and frees all the resources associated with the instance.
Sends a WM_CLOSE message to the main window of the process. Makes sense only if the process has a user interface.
Shared method, enables the SeDebugPrivilege privilege on the current thread, meaning that the current process can operate as a debugger.
Shared method, returns a new instance of the Process class associated with the currently active process.
Shared method, returns a new instance of the Process class associated with the process matching the specified ID and machine name.
Shared method, returns an array of Process objects each associated with a currently active process.
Shared method, returns an array of Process objects each associated with a currently active process with the specified name (for example, all instances of Notepad).
Immediately terminates the associated process.
Shared method, revokes the privilege that enables the current process to operate as a debugger.
Discards any cached information about the process and resets the associated Process object.
Shared method, starts a process and returns the associated Process object. This method also has an instance-based version.
Stops the current process until the associated process exits or for the specified duration.
Causes the current process to wait for the associated process to enter an idle state.