Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Alternative to psutil.Process(pid).name

Tags:

performance

python

pywin32

I have measured the performance of psutil.Process(pid).name and it turns out that it is more than ten times slower than for example psutil.Process(pid).exe. Because the last one of these functions requires different privileges over the path, I cannot just just extract the filename from the path. My question is: Are there any alternatives to psutil.Process(pid).name, which does the same?

like image 850
I_like_traffic_lights Avatar asked Feb 23 '23 16:02

I_like_traffic_lights

1 Answers

You mentioned this is for windows. I took a look at what psutil does for windows. It looks like psutil.Process().name is using the windows tool help API. If you look at psutil's Process code and trace .name, it goes to get_name() in process_info.c. It is looping through all the pids on your system until it finds the one you're looking for. I think this may be a limitation of the toolhelp API. But this is why it's slower than .exe, which uses a different API path, that (as you pointed out), requires additional privilege.

The solution I came up with is to use ctypes and ctypes.windll to call the windows ntapi directly. It only needs PROCESS_QUERY_INFORMATION, which is different than PROCESS_ALL_ACCESS:

import ctypes
import os.path

# duplicate the UNICODE_STRING structure from the windows API

class UNICODE_STRING(ctypes.Structure):
    _fields_ = [
      ('Length', ctypes.c_short),
      ('MaximumLength', ctypes.c_short),
      ('Buffer', ctypes.c_wchar_p)
    ]

# args

pid = 8000 # put your pid here

# define some constants; from windows API reference

MAX_TOTAL_PATH_CHARS = 32767
PROCESS_QUERY_INFORMATION = 0x0400 
PROCESS_IMAGE_FILE_NAME = 27

# open handles

ntdll = ctypes.windll.LoadLibrary('ntdll.dll')
process = ctypes.windll.kernel32.OpenProcess(PROCESS_QUERY_INFORMATION,
  False, pid)

# allocate memory

buflen = (((MAX_TOTAL_PATH_CHARS + 1) * ctypes.sizeof(ctypes.c_wchar)) +
  ctypes.sizeof(UNICODE_STRING))
buffer = ctypes.c_char_p(' ' * buflen) 

# query process image filename and parse for process "name"

ntdll.NtQueryInformationProcess(process, PROCESS_IMAGE_FILE_NAME, buffer,
  buflen, None)
pustr = ctypes.cast(buffer, ctypes.POINTER(UNICODE_STRING))
print os.path.split(pustr.contents.Buffer)[-1]

# cleanup

ctypes.windll.kernel32.CloseHandle(process)
ctypes.windll.kernel32.FreeLibrary(ntdll._handle)
like image 141
kag Avatar answered Mar 06 '23 20:03

kag
Sign in to Comment

Related questions

Fuzzy matching a string within a large body of text in Python (url)
Reading Structure Binary Data in Python?
Python Prepared Statements. Problems with SELECT IN
How to backup python dependencies or modules already installed
Is there something you can put in your code which starts an interactive interperter (in python)
What can be done about "The command is too long to execute" error in MATLAB?
date2num , ValueError: ordinal must be >= 1
Ball Physics problem Python
virtualenv not using own packages
Python Audio Frame Pitch Change
Python Popen writing to stdin not working when in a thread
Django template question: how to output just the text if the variable has html in it?
What's the get_Text() equivalent in python bindings for Selenium/Webdriver
Having problems profiling memory in Python program using Valgrind
python objects, garbage collection
How to install numpy in a virtualenv on Debian?
Why am I getting "Exception: (404, u'Not Found')" with Suds
Why can't I unpack a float with other types and get the expected result?
Convert list of positions [4, 1, 2] of arbitrary length to an index for a nested list
How to get current function name in Python C-API?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!