Tuesday, March 31, 2009

Reply to a very old query

There was a query on one of my earlier posts (Reference: Posting on Processes and threads) asking how a simple 'C' program with no explicit thread create statement would behave.

I decided to track all the activities of a simple executable compiled from the code below. Yes, the 1st program that you wrote: the hello world.

The procmon utility captures everything, including the Process Create and Thread Create calls.
 

Let's examine a very simple 'C' program to explain Windows thread creation and execution.

Consider the following code.

 
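#include <stdio.h>
#include <conio.h>   /* getch() */

int main()
{
    /* No explicit thread creation here: main() runs on the thread Windows creates for the process. */
    printf("Hello World! \n");

    getch();   /* wait for a key press before the process exits */
    return 0;
}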

 
Now let's see what happens in the background. As you might have observed, even though there is no explicit thread creation routine in the code snippet, Windows creates a thread and queues it for execution.

So, in short, even a very simple hello world application will have a thread created.

HelloWorld.exe Process Start 
HelloWorld.exe Thread Create 

HelloWorld.exe Load Image C:\Users\skarunakaran\Desktop\HelloWorld.exe
HelloWorld.exe Load Image C:\Windows\System32\ntdll.dll
HelloWorld.exe Load Image C:\Windows\System32\kernel32.dll
HelloWorld.exe RegOpenKey HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HelloWorld.exe RegOpenKey HKLM\COMPONENTS\AssemblyStorageRoots
HelloWorld.exe RegOpenKey HKLM\System\CurrentControlSet\Control\SafeBoot\Option
HelloWorld.exe RegOpenKey HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
HelloWorld.exe RegQueryValue HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled
HelloWorld.exe RegCloseKey HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers
HelloWorld.exe RegOpenKey HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
HelloWorld.exe Load Image C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll
HelloWorld.exe RegOpenKey HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HelloWorld.exe RegOpenKey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions
HelloWorld.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\MSVCR90.dll
HelloWorld.exe RegOpenKey HKLM\System\CurrentControlSet\Control\Session Manager
HelloWorld.exe RegQueryValue HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode
HelloWorld.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\ntdll.dll
HelloWorld.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\kernel32.dll
HelloWorld.exe RegOpenKey HKLM\System\CurrentControlSet\Control\Nls\CustomLocale
HelloWorld.exe RegQueryValue HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\en-US
HelloWorld.exe RegCloseKey HKLM\System\CurrentControlSet\Control\Nls\CustomLocale
HelloWorld.exe Thread Exit 
HelloWorld.exe Process Exit 
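
A small parser for the trace above, added here as an example and not part of the original post. It assumes the "process, operation, optional path" text layout shown, uses a subset of the lines listed, and its function names and grouping labels are illustrative. It checks that the thread appears with no explicit create call and lists the code-execution policy locations the loader consulted.

```python
import re
from collections import Counter

# Subset of the lines listed in this post; layout assumed to be
# "<process> <operation> [<path>]" exactly as printed above.
TRACE = r"""
HelloWorld.exe Process Start
HelloWorld.exe Thread Create
HelloWorld.exe Load Image C:\Windows\System32\ntdll.dll
HelloWorld.exe Load Image C:\Windows\System32\kernel32.dll
HelloWorld.exe RegOpenKey HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
HelloWorld.exe RegQueryValue HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled
HelloWorld.exe RegOpenKey HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HelloWorld.exe RegQueryValue HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode
HelloWorld.exe Thread Exit
HelloWorld.exe Process Exit
"""

OPS = ("Process Start", "Process Exit", "Thread Create", "Thread Exit",
       "Load Image", "RegOpenKey", "RegQueryValue", "RegCloseKey")
LINE = re.compile(r"^(\S+) (%s)(?: (.+))?$" % "|".join(OPS))

# Registry locations in the trace that influence what code may run or load.
POLICY_KEYS = {
    r"\safer\codeidentifiers": "Software Restriction Policies",
    r"\image file execution options": "Image File Execution Options",
    r"\safedllsearchmode": "DLL search order",
}

def parse(trace):
    """Return (process, operation, path) tuples for recognised lines."""
    return [m.groups("") for m in map(LINE.match, trace.strip().splitlines()) if m]

def summarize(events):
    """Count operations, check thread/process ordering, list policy lookups."""
    ops = [op for _, op, _ in events]
    policy = sorted({label for _, op, path in events if op.startswith("Reg")
                     for key, label in POLICY_KEYS.items() if key in path.lower()})
    return {
        "counts": Counter(ops),
        # In this trace the first thread is logged before any image load.
        "implicit_thread": ops.index("Thread Create") < ops.index("Load Image"),
        "clean_exit": ops[-2:] == ["Thread Exit", "Process Exit"],
        "policy_lookups": policy,
    }

if __name__ == "__main__":
    for key, value in summarize(parse(TRACE)).items():
        print(key, "=", value)
```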




Monday, March 30, 2009

Our Short and Sweet Trip :-)

Araku Valley


The idea of visiting Vizag or Visakhapatnam came naturally to me.. I always loved this place. A hectic life and job in those areas for almost 4 years just couldn't make the place boring for me..

It is really a nice feeling to be at a place after a gap, where you have spent a good amount of time ... You start relating things.. You start switching between past and present... You start seeing places in an all new perspective..

It was a short trip for us.. around 4 days.. We tried the new train service Garib Rath for the first time... A real nice experience... We checked in to a hotel named "Orange".. A comfortable stay.. Vizag has some real nice beaches.. And a must watch is a decommissioned submarine put up as a museum... Kailasa Giri (Kailasa Hill) is one hill very close to the sea.. You have a "Rope Way" to go up and a Tram service to see around... Real nice view.

One place that topped our "Must watch places" is Araku Valley. The best time to be there is during November-December, when the whole valley appears yellow.. This, I heard, is the best hill station in Andhra, and the next one is Horsley Hills.




Monday, March 16, 2009

I am back :)


It has been quite a long silence. I was indeed busy with a couple of key project deliverables. :-)

I have been doing some reading on Robocopy and other possible data transfer mechanisms to perform a bulk data transfer.

Last week I did try booting up and installing "Ubuntu" too.. 

Will see you guys soon with more posts !!

P.S. I am a much fitter person now :-). I started getting up early in the morning these days.. And yes !! I am playing badminton too.. See what change a medical report with a note on high cholesterol can make to a person. :-)

Cheers !!!