Check if a Win32 thread is running or in a suspended state

How do I check to see if a Win32 thread is running or in suspended state?

I can't find any Win32 API which gives the state of a thread. So how do I get the thread state?

Solution 1:

I think - originally - this information was not provided because any API that provided this info would be misleading and useless.

Consider two possible cases - the current thread has suspended the thread-of-interest. Code in the current thread knows about the suspended state and should be able to share it, so there's no need for the kernel team to add an API.

The 2nd case, some other / a 3rd thread in the system has suspended the thread of interest (and there's no way to track which thread that was). Now you have a race condition - that other thread could, at any time, unsuspend the thread of interest and the information gleaned from the API is useless - you have a value indicating the thread is suspended when it is, in fact, not.

Moral of the story - if you want to know that a thread is suspended - suspend it: The return value from SuspendThread is the previous suspend count of the thread. And now you DO know something useful - The thread WAS AND STILL IS suspended - which is useful. Or that it WASN'T (but now is) suspended. Either way, the thread's state is now deterministically known so you can in theory make some intelligent choices based on that - whether to ResumeThread, or keep it suspended.

Solution 2:

You can get this information by calling NtQuerySystemInformation() with the value for SystemProcessesAndThreadsInformation (integer value 5).

If you want an example of what you can do with this information take a look at Thread Status Monitor.

Solution 3:

WMI's Win32_Thread class has a ThreadState property, where 5 is "Suspended Blocked" and 6 is "Suspended Ready".

You will need the Thread's Id to get the right instance directly (the WMI object's Handle property is the thread id).

EDIT: Given this PowerShell query:

    gwmi win32_thread | group ThreadState

    Count Name  Group
    ----- ----  -----
        6 2     {, , , ...}
      966 5     {, , , ...}

WMI has a different definition of "Suspended" to Win32.
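
Solutions 2 and 3 both read a snapshot of each thread's scheduler state and wait reason. The following added example (not from the original answers) shows that pairing through `Get-Process` and .NET's `System.Diagnostics.ProcessThread`, rather than the WMI class or the raw NT call: a thread is reported only when its state is `Wait` and its wait reason is `Suspended`. `Get-SuspendedThread` is a hypothetical helper name, and as Solution 1 points out, the result describes the moment of the snapshot only.

```powershell
# Added example, not from the original answers.
# Get-SuspendedThread is a hypothetical helper name. Requires PowerShell 3.0+ on Windows.
function Get-SuspendedThread {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [Alias('Id')]
        [int[]]$ProcessId
    )
    process {
        foreach ($procId in $ProcessId) {
            # Get-Process captures one snapshot; the thread objects do not refresh.
            $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
            if (-not $proc) { continue }   # process exited before the snapshot

            $threads   = @($proc.Threads)
            $suspended = @($threads | Where-Object {
                # WaitReason throws unless the thread is in the Wait state,
                # so test ThreadState first and rely on -and short-circuiting.
                $_.ThreadState -eq [System.Diagnostics.ThreadState]::Wait -and
                $_.WaitReason  -eq [System.Diagnostics.ThreadWaitReason]::Suspended
            })

            foreach ($t in $suspended) {
                [pscustomobject]@{
                    ProcessId    = $procId
                    ProcessName  = $proc.ProcessName
                    ThreadId     = $t.Id
                    ThreadState  = $t.ThreadState
                    WaitReason   = $t.WaitReason
                    # True when every thread in the snapshot was suspended.
                    AllSuspended = ($suspended.Count -eq $threads.Count)
                    SnapshotTime = Get-Date
                }
            }
        }
    }
}

# Usage: list suspended threads in the current PowerShell process
# (normally returns nothing), or pipe in Get-Process output.
Get-SuspendedThread -ProcessId $PID
```

Filtering on state alone would match every waiting thread, which is why the wait reason is checked as well.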

Solution 4:

In Windows 7, you can use QueryUmsThreadInformation. (UMS stands for User mode scheduling).

See here for UmsThreadIsSuspended.