6

I can suspend a thread of another process by using SuspendThread(). Is there any way to also suspend the execution of that process altogether? If yes, please post code.

Thanks.

PS: Since you will ask "Why do you want to do this" I'll post it here. I am dealing with legacy software that is not maintained anymore. I don't have access to the source code. Right now I need it to pause until a file is filled with data and then resume the execution.

Kirill V. Lyadvinsky
  • 97,037
  • 24
  • 136
  • 212
wonderer
  • 3,487
  • 11
  • 49
  • 59

3 Answers3

2

The only way is to suspend all threads of that process.

If you want to see actual code, check the sample here.

Kirill V. Lyadvinsky
  • 97,037
  • 24
  • 136
  • 212
  • would that suspend the process itself? I tried suspending all thread but the main process is still active. – wonderer Aug 07 '09 at 13:43
  • A process includes one or more threads that actually execute the code in the process (technically, processes don’t run, threads do). – Kirill V. Lyadvinsky Aug 07 '09 at 13:48
  • If you read that article on Codeproject, note that "some programs are not well-written" includes a lot of well-written programs that happen to be using a mutex in an entirely legitimate way. Suspending is always a bit risky and awkward (though for your particular example, it is probably hard to find something much better). – Damon Apr 21 '11 at 08:35
0

> The only way is to suspend all threads of that process.

No.
Use Undocumented Kernel apis (exported since NT 3.1) to suspend the Pid.

  • thanks for the comments, but just saying "use undocumented API" won't give me any answer. If you know of any undocumented API please post it and give some sample code. – wonderer Aug 10 '09 at 12:48
0

If the process has or spawns many threads rapidly or asynchronously, your subject to a race condition with SuspendThread().

A way to accomplish the same thing (that is process wide) is to attach as a debugger to the target process with DebugActiveProcess() and then simply call DebugBreakProcess. When a process is at a break point, no new threads will be created and all execution, process wide will stop.

RandomNickName42
  • 5,923
  • 1
  • 36
  • 35