DoK – Where Dreams Come From

C'è chi vede il bicchiere mezzo pieno e chi lo vede mezzo vuoto… Per me, l'acqua che manca, è traboccata fuori ;)

Process Controller is a system tray-based utility to monitor and control the activity and resources of your system in real time.

Posted on | febbraio 27, 2007 | No Comments

OverviewProcess Controller is a system tray-based utility to monitor and control the activity and resources of your system in real time. This version is based on the excellent original for BeOS by Georges-Edouard Berenger. With it you can:

  • See how much processing power and memory is currently being used in the system.
  • Quit any application, assuming you have sufficient privileges.
  • View the memory usage of each application.
  • View the activity of each process and thread in real-time.
  • View all windows created by each process.

Process Controller in the Tray
When run, Process Controller appears in the system tray showing two small meters. The left-hand meter shows the current processor utilisation and the right-hand meter shows the current memory load. You can change the colours used as well as selecting to just display processor usage. On dual processor systems, the left-hand meter is split into two smaller meters showing processor load for each CPU.

When clicked, Process Controller pops up this menu:

The ‘Quit an Application’ Menu

This menu allows you to close an application cleanly by posting a WM_CLOSE message to each of the application’s windows. Note that not all applications can receive WM_CLOSE messages (if an application has no windows or you’re logged on with insufficient security rights), in which case these applications will not appear in the list.

Quit an Application

The ‘Spy Memory Usage’ Menu

This menu lets you see how much memory is being used both across the system and individually by each process. It should be noted that some of these values may be inaccurate due to the way Windows manages memory, and limitations in the APIs.

The following shows the level of information Process Controller can provide about memory usage:

Spy Memory

The top line (System Resources & Caches) details the total amount of Committed memory. That is, the sum of both physical RAM installed in the PC and the current paging file size. In this example, 272.4MB of memory are currently committed by the operating system (indicated by both the blue and purple areas). The PC used in this example has 192MB of phyiscal RAM so approximately 80MB is currently paged (stored on disk).

The other figure (106.5MB in this example) and indicated by the dark blue area is the sum of all the currently running processes’ working sets (a process’ working set is the number of pages it has touched recently – this gives an approximate amount of memory the process is using). The difference between the two – indicated by just the purple area – indicates how much memory is currently used by the operating system, which includes the disk cache, cached binaries (so applications start faster next time they’re run), device drivers, and other internal structures.

All the other entries show how much memory each process is using. Here, the right-hand value shows the process’ virtual size – this is the maximum amount of memory the process has access to and is represented as a percentage of the total committed memory by the light blue bar. The left-hand value show the process’ current working set, which is a good approximation of how much memory the process is currently using; indicated by the dark blue part of the bar.

Process Properties
Selecting any process from the menu will bring up a window detailing a bit more information about the process. The window will remain open until it is either closed or the process it represents terminates. It can also be made to stay on top of other windows by right-clicking anywhere within it and selecting the option from the menu that appears.

The ‘Spy Windows’ Menu

This menu lets you drill down into all the top-level windows a process has created. Currently Process Controller groups up all the windows for all threads (a thread actually creates a window, not a process) and lists them in a menu showing the window’s title, if it has one, and class name. Selecting a window brings up a properties window similar to that shown above that provides more information on the window and allows you to toggle its visible state.

Spy Windows

The ‘Kill, Debug or Change Priority’ Menu

This menu provides multiple options:

  • View the activity of all processes and threads running on your PC.
  • Kill a particular process (assuming you have sufficient privileges) by selecting it from the menu.
  • Kill or launch a debugger on a particular thread by selecting it.
  • Alter a thread’s priority (see below) by selecting an alternative priority from the menu.

Spy Windows

Note that there are some processes which always run under Windows, typically these processes cannot be killed or modified in any way:

  • Client Server Run-Time Subsystem (csrss.exe) – Responsible for managing console windows, creating and deleting threads and parts of the 16-bit virtual MS-DOS environment.
  • Local Security Authentication Server (lsass.exe) – Authenticates users for the Winlogon service and, if successful, generates the user’s access token, which other processes the user initiates inherit.
  • Task Scheduler (mstask.exe) – Runs tasks at pre-determined times.
  • Session Manager (smss.exe) – Starts the user session and launches both the winlogon and csrss processs. It also sets things such as system variables. Once it’s launched winlogon and csrss it sleeps waitign for either of these two processes to end, it this happens under normal circumstances the system shuts down; otherwise smss causes the system to stop responding.
  • Spooler (spoolsv.exe) – Manages spooled print or fax jobs.
  • Service Host (svchost.exe) – Acts as a host for other processes running from dlls. More than one of these can exist in the system at any one time.
  • Services Control Manager (services.exe) – Responsible for starting, stopping and interacting with system services.
  • System – Runs kernel-mode threads.
  • System Idle Process – A single-thread process whose job it is to account for processor time when the CPU isn’t running other threads.
  • Windows Logon App (winlogon.exe) – Responsible for managing user logon and logoff. Sleeps most of the time, only waking when the user presses CTRL, ALT and DELETE simultaneously, at which point it shows the security dialog box.
  • Windows Management Instrumentation (winmgmt.exe) – Or WMI as it’s more commonly known. This process initialises when the first client application connects.

Process and Thread Priorities

Thread Priority Menu
Threads are scheduled to run based on their scheduling priority. Each thread is assigned a scheduling priority, which ranges from from zero (lowest priority) to 31 (highest priority). Only the zero-page thread can have a priority of zero. The zero-page thread is a system thread responsible for zeroing any free pages when there are no other threads that need to run.

The system treats all threads with the same priority as equal. The system assigns time slices in a round-robin fashion to all threads with the highest priority. If none of these threads are ready to run, the system assigns time slices in a round-robin fashion to all threads with the next highest priority. If a higher-priority thread becomes available to run, the system ceases to execute the lower-priority thread (without allowing it to finish using its time slice), and assigns a full time slice to the higher-priority thread.

The priority of each thread is determined by the following criteria:

  • The priority class of its process
  • The priority level of the thread within the priority class of its process

The priority class and priority level are combined to form the base priority of a thread. To complicate matters further individual threads can be given a priority boost, which affects their dynamic priority – currently Process Controller ignores the dynamic priority of a thread.

Priority Classes

Each process belongs to one of the following priority classes:

  • IDLE_PRIORITY_CLASS
  • BELOW_NORMAL_PRIORITY_CLASS
  • NORMAL_PRIORITY_CLASS
  • ABOVE_NORMAL_PRIORITY_CLASS
  • HIGH_PRIORITY_CLASS
  • REALTIME_PRIORITY_CLASS

Note that BELOW_NORMAL_PRIORITY_CLASS and ABOVE_NORMAL_PRIORITY_CLASS are only supported on Windows 2000 and above.

By default, the priority class of a process is NORMAL_PRIORITY_CLASS. However, if the calling process is IDLE_PRIORITY_CLASS or BELOW_NORMAL_PRIORITY_CLASS, the new process will inherit this class. Processes that monitor the system, such as screen savers or applications that periodically update a display, should use IDLE_PRIORITY_CLASS. This prevents the threads of this process, which do not have high priority, from interfering with higher priority threads.

Priority Levels

The following are priority levels within each priority class:

  • THREAD_PRIORITY_IDLE
  • THREAD_PRIORITY_LOWEST
  • THREAD_PRIORITY_BELOW_NORMAL
  • THREAD_PRIORITY_NORMAL
  • THREAD_PRIORITY_ABOVE_NORMAL
  • THREAD_PRIORITY_HIGHEST
  • THREAD_PRIORITY_TIME_CRITICAL

All threads are created using THREAD_PRIORITY_NORMAL, which means that the thread priority is the same as the process priority class. After a thread is created, it can adjust its priority relative to other threads in the process. This is what Process Controller currently allows you to do.

Comments

Leave a Reply