Process32First、Process32Next函数的疑难问题

韦翔罂 2008-10-31 10:14:00

在MSDN有一个演示Process32First应用的示例程序,该程序枚举并显示所有进程的信息。
但该程序运行后竟然无任何信息输出显示,调试跟踪发现问题的根源在于:pe32.th32ModuleID的值总是0,而导致程序无任何信息输出。
也就是说,调用Process32First(hProcessSnap, &pe32)和调用Process32Next(hProcessSnap, &pe32)之后,为什么pe32.th32ModuleID的值总是0?这是怎么回事?
以下是MSDN中复制下来的枚举系统进程信息的示例程序代码:
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>
BOOL GetProcessModule (DWORD dwPID, DWORD dwModuleID,
LPMODULEENTRY32 lpMe32, DWORD cbMe32)
{
BOOL bRet = FALSE;
BOOL bFound = FALSE;
HANDLE hModuleSnap = NULL;
MODULEENTRY32 me32 = {0};

// Take a snapshot of all modules in the specified process.

hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
if (hModuleSnap == INVALID_HANDLE_VALUE)
return (FALSE);

// Fill the size of the structure before using it.

me32.dwSize = sizeof(MODULEENTRY32);

// Walk the module list of the process, and find the module of
// interest. Then copy the information to the buffer pointed
// to by lpMe32 so that it can be returned to the caller.

if (Module32First(hModuleSnap, &me32))
{
do
{
if (me32.th32ModuleID == dwModuleID)
{
CopyMemory (lpMe32, &me32, cbMe32);
bFound = TRUE;
}
}
while (!bFound && Module32Next(hModuleSnap, &me32));

bRet = bFound; // if this sets bRet to FALSE, dwModuleID
// no longer exists in specified process
}
else
bRet = FALSE; // could not walk module list

// Do not forget to clean up the snapshot object.

CloseHandle (hModuleSnap);

return (bRet);
}

BOOL GetProcessList ()
{
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};

// Take a snapshot of all processes in the system.

hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

if (hProcessSnap == INVALID_HANDLE_VALUE)
return (FALSE);

// Fill in the size of the structure before using it.

pe32.dwSize = sizeof(PROCESSENTRY32);

// Walk the snapshot of the processes, and for each process,
// display information.

if (Process32First(hProcessSnap, &pe32))
{
DWORD dwPriorityClass;
BOOL bGotModule = FALSE;
MODULEENTRY32 me32 = {0};

do
{
bGotModule = GetProcessModule(pe32.th32ProcessID,
pe32.th32ModuleID, &me32, sizeof(MODULEENTRY32));
// 就是这里,pe32.th32ModuleID的值总是0,导致无任何信息输出。

if (bGotModule)
{
HANDLE hProcess;

// Get the actual priority class.
hProcess = OpenProcess (PROCESS_ALL_ACCESS,
FALSE, pe32.th32ProcessID);
dwPriorityClass = GetPriorityClass (hProcess);
CloseHandle (hProcess);

// Print the process's information.
printf( "\nPriority Class Base\t%d\n",
pe32.pcPriClassBase);
printf( "PID\t\t\t%d\n", pe32.th32ProcessID);
printf( "Thread Count\t\t%d\n", pe32.cntThreads);
printf( "Module Name\t\t%s\n", me32.szModule);
printf( "Full Path\t\t%s\n\n", me32.szExePath);
}
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
bRet = FALSE; // could not walk the list of processes

// Do not forget to clean up the snapshot object.

CloseHandle (hProcessSnap);
return (bRet);
}

void main()
{
GetProcessList ();
}

...全文
2011 10 打赏 收藏 转发到动态 举报
AI 作业
写回复
用AI写文章
10 条回复
切换为时间正序
请发表友善的回复…
发表回复
zzz822163 2008-11-04
  • 打赏
  • 举报
 回复 


#include <windows.h>

#include <tlhelp32.h>

#include <stdio.h>



//  Forward declarations:

BOOL GetProcessList( );

BOOL ListProcessModules( DWORD dwPID );

BOOL ListProcessThreads( DWORD dwOwnerPID );

void printError( TCHAR* msg );



void main( )

{

  GetProcessList( );

}



BOOL GetProcessList( )

{

  HANDLE hProcessSnap;

  HANDLE hProcess;

  PROCESSENTRY32 pe32;

  DWORD dwPriorityClass;



  // Take a snapshot of all processes in the system.

  hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

  if( hProcessSnap == INVALID_HANDLE_VALUE )

  {

    printError( "CreateToolhelp32Snapshot (of processes)" );

    return( FALSE );

  }



  // Set the size of the structure before using it.

  pe32.dwSize = sizeof( PROCESSENTRY32 );



  // Retrieve information about the first process,

  // and exit if unsuccessful

  if( !Process32First( hProcessSnap, &pe32 ) )

  {

    printError( "Process32First" );  // Show cause of failure

    CloseHandle( hProcessSnap );     // Must clean up the snapshot object!

    return( FALSE );

  }



  // Now walk the snapshot of processes, and

  // display information about each process in turn

  do

  {

    printf( "\n\n=====================================================" );

    printf( "\nPROCESS NAME:  %s", pe32.szExeFile );

    printf( "\n-----------------------------------------------------" );



    // Retrieve the priority class.

    dwPriorityClass = 0;

    hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID );

    if( hProcess == NULL )

      printError( "OpenProcess" );

    else

    {

      dwPriorityClass = GetPriorityClass( hProcess );

      if( !dwPriorityClass )

        printError( "GetPriorityClass" );

      CloseHandle( hProcess );

    }



    printf( "\n  process ID        = 0x%08X", pe32.th32ProcessID );

    printf( "\n  thread count      = %d",   pe32.cntThreads );

    printf( "\n  parent process ID = 0x%08X", pe32.th32ParentProcessID );

    printf( "\n  Priority Base     = %d", pe32.pcPriClassBase );

    if( dwPriorityClass )

      printf( "\n  Priority Class    = %d", dwPriorityClass );



    // List the modules and threads associated with this process

    ListProcessModules( pe32.th32ProcessID );

    ListProcessThreads( pe32.th32ProcessID );



  } while( Process32Next( hProcessSnap, &pe32 ) );



  CloseHandle( hProcessSnap );

  return( TRUE );

}





BOOL ListProcessModules( DWORD dwPID )

{

  HANDLE hModuleSnap = INVALID_HANDLE_VALUE;

  MODULEENTRY32 me32;



  // Take a snapshot of all modules in the specified process.

  hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );

  if( hModuleSnap == INVALID_HANDLE_VALUE )

  {

    printError( "CreateToolhelp32Snapshot (of modules)" );

    return( FALSE );

  }



  // Set the size of the structure before using it.

  me32.dwSize = sizeof( MODULEENTRY32 );



  // Retrieve information about the first module,

  // and exit if unsuccessful

  if( !Module32First( hModuleSnap, &me32 ) )

  {

    printError( "Module32First" );  // Show cause of failure

    CloseHandle( hModuleSnap );     // Must clean up the snapshot object!

    return( FALSE );

  }



  // Now walk the module list of the process,

  // and display information about each module

  do

  {

    printf( "\n\n     MODULE NAME:     %s",             me32.szModule );

    printf( "\n     executable     = %s",             me32.szExePath );

    printf( "\n     process ID     = 0x%08X",         me32.th32ProcessID );

    printf( "\n     ref count (g)  =     0x%04X",     me32.GlblcntUsage );

    printf( "\n     ref count (p)  =     0x%04X",     me32.ProccntUsage );

    printf( "\n     base address   = 0x%08X", (DWORD) me32.modBaseAddr );

    printf( "\n     base size      = %d",             me32.modBaseSize );



  } while( Module32Next( hModuleSnap, &me32 ) );



  CloseHandle( hModuleSnap );

  return( TRUE );

}



BOOL ListProcessThreads( DWORD dwOwnerPID ) 

{ 

  HANDLE hThreadSnap = INVALID_HANDLE_VALUE; 

  THREADENTRY32 te32; 

 

  // Take a snapshot of all running threads  

  hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 ); 

  if( hThreadSnap == INVALID_HANDLE_VALUE ) 

    return( FALSE ); 

 

  // Fill in the size of the structure before using it. 

  te32.dwSize = sizeof(THREADENTRY32 ); 

 

  // Retrieve information about the first thread,

  // and exit if unsuccessful

  if( !Thread32First( hThreadSnap, &te32 ) ) 

  {

    printError( "Thread32First" );  // Show cause of failure

    CloseHandle( hThreadSnap );     // Must clean up the snapshot object!

    return( FALSE );

  }



  // Now walk the thread list of the system,

  // and display information about each thread

  // associated with the specified process

  do 

  { 

    if( te32.th32OwnerProcessID == dwOwnerPID )

    {

      printf( "\n\n     THREAD ID      = 0x%08X", te32.th32ThreadID ); 

      printf( "\n     base priority  = %d", te32.tpBasePri ); 

      printf( "\n     delta priority = %d", te32.tpDeltaPri ); 

    }

  } while( Thread32Next(hThreadSnap, &te32 ) ); 



  CloseHandle( hThreadSnap );

  return( TRUE );

}



void printError( TCHAR* msg )

{

  DWORD eNum;

  TCHAR sysMsg[256];

  TCHAR* p;



  eNum = GetLastError( );

  FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,

         NULL, eNum,

         MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language

         sysMsg, 256, NULL );



  // Trim the end of the line and terminate it with a null

  p = sysMsg;

  while( ( *p > 31 ) || ( *p == 9 ) )

    ++p;

  do { *p-- = 0; } while( ( p >= sysMsg ) &&

                          ( ( *p == '.' ) || ( *p < 33 ) ) );



  // Display the message

  printf( "\n  WARNING: %s failed with error %d (%s)", msg, eNum, sysMsg );

}

楼上已经说的很清楚了,你MSDN太老了,换个新的吧,这是新MSDN里的例子
cnzdgs 2008-10-31
  • 打赏
  • 举报
 回复
PROCESSENTRY32

Describes an entry from a list that enumerates the processes residing in the system address space when a snapshot was taken.


typedef struct tagPROCESSENTRY32 { DWORD dwSize; DWORD cntUsage; DWORD th32ProcessID; ULONG_PTR th32DefaultHeapID; DWORD th32ModuleID; DWORD cntThreads; DWORD th32ParentProcessID; LONG pcPriClassBase; DWORD dwFlags; TCHAR szExeFile[MAX_PATH];
} PROCESSENTRY32, *PPROCESSENTRY32;
Members
dwSize
Size of the structure, in bytes. Before calling the Process32First function, set this member to sizeof(PROCESSENTRY32). If you do not initialize dwSize, Process32First fails.
cntUsage
This member is no longer used and is always set to zero.
th32ProcessID
Process identifier.
th32DefaultHeapID
This member is no longer used and is always set to zero.
th32ModuleID
This member is no longer used and is always set to zero.
cntThreads
Number of execution threads started by the process.
th32ParentProcessID
Process identifier of the process that created this process (its parent process).
pcPriClassBase
Base priority of any threads created by this process.
dwFlags
This member is no longer used, and is always set to zero.
szExeFile
Pointer to a null-terminated string that specifies the name of the executable file for the process.
sanshao27 2008-10-31
  • 打赏
  • 举报
 回复
[Quote=引用 1 楼 laolaoliu2002 的回复:]
用函数CreateToolhelp32Snapshot()获得当前运行进程的快照后,我们可以利用process32First函数来获得第一个进程的句柄
[/Quote]
同意
zhoujianhei 2008-10-31
  • 打赏
  • 举报
 回复
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS| TH32CS_SNAPMODULE, 0);

孤客天涯 2008-10-31
  • 打赏
  • 举报
 回复
你要提升你的权限
//提升进程权限
HANDLE hToken=NULL;
if(OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hToken))
{
SetPrivilege(hToken, SE_DEBUG_NAME, TRUE);
CloseHandle(hToken);
}
BOOL SetPrivilege(HANDLE hToken,LPCTSTR Privilege,BOOL bEnablePrivilege) //设置当前进程特权
{
TOKEN_PRIVILEGES tp;
LUID luid;
TOKEN_PRIVILEGES tpPrevious;
DWORD cbPrevious=sizeof(TOKEN_PRIVILEGES);
if(!LookupPrivilegeValue( NULL, Privilege, &luid )) return FALSE;
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid= luid;
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken,FALSE,&tp,sizeof(TOKEN_PRIVILEGES),&tpPrevious,&cbPrevious);
if (GetLastError() != ERROR_SUCCESS) return FALSE;
tpPrevious.PrivilegeCount=1;
tpPrevious.Privileges[0].Luid=luid;
if(bEnablePrivilege)
{
tpPrevious.Privileges[0].Attributes |= (SE_PRIVILEGE_ENABLED);
}
else
{
tpPrevious.Privileges[0].Attributes ^= (SE_PRIVILEGE_ENABLED &
tpPrevious.Privileges[0].Attributes);
}
AdjustTokenPrivileges(hToken,FALSE,&tpPrevious,cbPrevious,NULL,NULL);
if (GetLastError() != ERROR_SUCCESS) return FALSE;
return TRUE;
}
韦翔罂 2008-10-31
  • 打赏
  • 举报
 回复
希望大家能够实际运行我的代码后给出实际可解决问题的办法,非常感谢!
孤客天涯 2008-10-31
  • 打赏
  • 举报
 回复

PROCESSENTRY32 process_info;
DWORD m_CurrentPrecessID=GetCurrentProcessId();
HANDLE handle=CreateToolhelp32Snapshot(TH32CS_SNAPALL|TH32CS_INHERIT,m_CurrentPrecessID);
if (Process32First(handle,&process_info))
{

while (Process32Next(handle,&process_info))
{
...
}
}
CloseHandle(handle);
stivenjia 2008-10-31
  • 打赏
  • 举报
 回复
TH32CS_SNAPMODULE意思是建立某个进程的Module的映像而0号系统进程你是没有权限进行映像的。
laolaoliu2002 2008-10-31
  • 打赏
  • 举报
 回复
http://topic.csdn.net/t/20040107/23/2643957.html

http://blog.csdn.net/chinafe/archive/2006/09/28/1301782.aspx
laolaoliu2002 2008-10-31
  • 打赏
  • 举报
 回复
用函数CreateToolhelp32Snapshot()获得当前运行进程的快照后,我们可以利用process32First函数来获得第一个进程的句柄
“ 输出1900年之后任意一年的日历 ”完整编程思路!
采用自顶向下、逐步求精的设计方法。这种分解问题的思想很重要,可以帮助我们更好地分析疑难问题,特别是对于工程项目,较多的功能和耦合会让问题无从下手,只有采用自顶向下、逐步求精、分而治之的思想才能很好地解决这类问题! 题目:根据用户输入年份,显示该年12个月的日历,并对应具体的星期几。 分析:首先根据问题处理的思路,可以分为三个过程:UserInput,Process,Print。User...
DPDK疑难杂症之发包Tx失败
目录现象原因具体原因解决参考 现象 DPDK场景下网卡批量发包失败(计划发送N个,实际只能发送M个)。 用GDB跟进去的话会发现是网卡发送队列的DD标志位未置位。 原因 DPDK 程序通过 ixgbe或者i40e pmd 驱动可以直接操作网卡的寄存器和 ring Buffer,当上层业务存在问题,发送一些“不合规”的数据包时,这些有问题的数据包会直接进入网卡,引发硬件问题。 在内核态时,这些有问题的数据包会被内核驱动检查过滤掉。 但是DPDK程序的检查是自己控制的,无法做到精准检查。 具体原因 引发发送
在SQL Server 2005性能问题的疑难解答
出版日期:二零零五年十月一日 作家:苏尼尔阿加瓦尔,鲍里斯·巴雷什尼科夫,汤姆·戴维森,基思·埃尔莫尔,登齐尔·里贝罗,于尔根·托马斯 适用于:SQL Server 2005中 摘要:体验偶尔慢下来的SQL Server数据库,这是并不鲜见。 设计拙劣的数据库或系统,配置不当的工作量,但几个这种类型的性能问题很多可能的原因。 管理员需要积极主动地防止或减少问题发生时,诊断原因并采
【GaussDB】深度解析:创建存储过程卡死且无法Kill会话的疑难排查
GaussDB存储过程创建卡死问题排查摘要 问题描述:在GaussDB 506.0.0版本中,执行包含复杂嵌套查询的存储过程创建语句时,会话卡死且无法通过Ctrl+C或kill命令终止。通过简化测试用例(包含多层嵌套的UNION ALL查询)成功复现问题。 排查过程: 查看会话状态显示为active,无阻塞 尝试pg_terminate_session和pg_terminate_backend均失败 进一步分析发现是查询优化器在处理复杂嵌套时进入死循环 问题本质:查询优化器对特定SQL模式的递归处理存在缺陷
Drop Table对MySQL的性能影响分析
【作者】 王栋:携程技术保障中心数据库专家,对数据库疑难问题的排查和数据库自动化智能化运维工具的开发有强烈的兴趣。 【问题描述】 最近碰到有台MySQL实例出现了MySQL服务短暂hang死,表现为瞬间的并发线程上升,连接数暴增。 排查Error Log文件中有page_cleaner超时的信息,引起我们的关注: 2019-08-24T23:47:09.361836+08:00 0 [N...
进程/线程/DLL

15,472

社区成员

49,171

社区内容

发帖
与我相关
我的任务
社区描述
VC/MFC 进程/线程/DLL
社区管理员
  • 进程/线程/DLL社区
加入社区
  • 近7日
  • 近30日
  • 至今

加载中

查看更多榜单
社区公告
暂无公告

试试用AI创作助手写篇文章吧

+ 用AI写文章