tags:

views:

415

answers:

4
+1  Q: 

determine if a process is dead or not - by PID

I have two different way to check whether a process is still up and running:

1) using GetExitCodeProcess() 2) walking the list of processes using CreateToolhelp32Snapshot() and checking PIDs

now, in both cases I'm still getting that a process that I terminated with TerminateProcess is till alive even tho it is not.

Is there a way to positively know whether a process is still alive or dead passing the PID? thanks!

+3  A: 

Don't use PID for something like this. PIDs are reused and have a very narrow range, with a very high collision probability. In other words, you will find a running process but will be a different process.

Remus Rusanu  2009-11-30 21:37:29
thank you. what will be a better solution? Code please
Jessica  2009-11-30 21:41:45
There is no pixie dust. Better describe your requirements, why do you kill processes and why do you care if they are still running? Most times the solution involves some IPC shared resource, like a semaphore, which requires cooperation from the process (be able to have your code executed in the process). For foreign processes there really isn't any solution afaik.
Remus Rusanu  2009-11-30 21:58:35
Use a windows process shareable Kernel Object -- e.g., a Named Pipe (windows named pipe not Unix). If a PID is reused you can be certain it won't open a named pipe of the same name unless its a process of the same type. However, I have a feeling your not going for this level of synchronization granularity.
Hassan Syed  2009-11-30 22:00:27
Btw, does TerminateProcess return success?
Remus Rusanu  2009-11-30 22:04:40
yes. you can see that the application is terminated as well.
Jessica  2009-11-30 22:25:42
considering you verified that it is not *another* process that hijacks the PID, is there anything particular to these apps? Do they ahve a debugger attached by any chance?
Remus Rusanu  2009-11-30 22:34:26
no, no debugger. apparently there is a lag on the update of the process table. I don't like windows.
Jessica  2009-11-30 22:46:04
+2  A: 

A call to GetExitCodeProcess should return STILL_ACTIVE for active processes. After a call to TerminateProcess, the process will be dead, and a different value will be returned.

Another way to check if a process is alive is WaitForSingleObject. If you call this on the process handle with a timeout of 0, it will immediately return WAIT_TIMEOUT if the process is still running.

Andomar  2009-11-30 21:37:31
well, that's not the case. After TerminateProcess() is called I check with GetExitCodeProcess and it returns STILL_ACTIVE. I think the process table is not getting updated or it taking time to do so
Jessica  2009-11-30 21:39:59
It is possible for TerminateProcess to specify STILL_ACTIVE (259) as an error code; that would make a dead process look like a living process. You can double-check with `WaitForSingleObject` (edited answer)
Andomar  2009-11-30 21:41:35
thanks for the tip. I added the code and it returns WAIT_TIMEOUT (258), so the process is running. Even after the kill
Jessica  2009-11-30 21:48:31
I am having a problem understanding the logic behind it. The call will return immediately. What is the return status when the process is dead? (not WAIT_TIMEOUT)
Jessica  2009-11-30 21:51:21
When the process is dead, `WaitForSingleObject` returns `WAIT_OBJECT_0`, meaning the wait was successful. That means the process handle was signalled (done.)
Andomar  2009-11-30 21:58:40
ok, so back to where I started. even after a nasty terminate process windows still returns me that the application is still alive.I mean, I see the application gone...
Jessica  2009-11-30 22:27:59
A: 

You cannot assume a low level API call functions the way it seems or how you think it should function from its name or high level description. A kernel still has things to do and often calls are just requests to the kernel and there are a multitude of things a kernel needs to do (depending on implementation) before it will actually release the PID. In this case after you issue the call you may assume the process is dead, however the kernel still has to clean up.

From MSDN :

The TerminateProcess function is use to unconditionally cause a process to exit. The state of global data maintained by dynamic-link libraries (DLLs) may be compromised if TerminateProcess is used rather than ExitProcess.

TerminateProcess initiates termination and returns immediately. This stops execution of all threads within the process and requests cancellation of all pending I/O. The terminated process cannot exit until all pending I/O has been completed or canceled.

A process cannot prevent itself from being terminated.

Hassan Syed  2009-11-30 21:53:54
thanks for the information
Jessica  2009-11-30 22:44:57
A: 

Hi there.

Could you make use of the Process Status API? There are functions for enumerating all running processes on a system - this could help you.

Cheers. Jas.

Jason Evans  2009-11-30 22:03:02

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS