Hello.
I have found a strange deadlock when I combine some programs on the same machine.
The situation is as follows:
Sometimes the system gets almost dead. The user mode application do not work or works slowly.
Using WinDbg I have found that when that situation occurs, many threads (from different apps) are waiting on the same semaphore.
This semaphore is the one contained in the eresource nt!CmpRegistryLock.
This eresource is acquired whenever a Registry operation takes place at the Configuration Manager level.
It is an executive resource, so threads that acquire it for shared mode use a semaphore.
The threads that I see stopped on that resource are all them waiting on the semaphore, not on the resource event, so I assume they are acquiring it as a shared resource but being stopped because someone has acquired the resource already for exclusive use.
The problem is that the one that has acquired the resource for exclusive use is not releasing it.
The thread that holds the lock belongs to a user mode program that looks ‘apparently’ normal (it is an automatic updater of an installed application).
Is it possible for an ordinary user mode program to call Registry functions in such a way that the lock would be held forever?
Inaki.
Forever not likely but a call to a lengthy registry operation such as RegSaveKey for a large hive like HKLM\Software will hold this lock for several minutes leaving the impression your system is frozen up forever.
Regards,
Daniel Terhell
Resplendence Software Projects
http://www.resplendence.com
“I?aki Castillo” wrote in message news:xxxxx@ntdev…
Hello.
I have found a strange deadlock when I combine some programs on the same machine.
The situation is as follows:
Sometimes the system gets almost dead. The user mode application do not work or works slowly.
Using WinDbg I have found that when that situation occurs, many threads (from different apps) are waiting on the same semaphore.
This semaphore is the one contained in the eresource nt!CmpRegistryLock.
This eresource is acquired whenever a Registry operation takes place at the Configuration Manager level.
It is an executive resource, so threads that acquire it for shared mode use a semaphore.
The threads that I see stopped on that resource are all them waiting on the semaphore, not on the resource event, so I assume they are acquiring it as a shared resource but being stopped because someone has acquired the resource already for exclusive use.
The problem is that the one that has acquired the resource for exclusive use is not releasing it.
The thread that holds the lock belongs to a user mode program that looks ‘apparently’ normal (it is an automatic updater of an installed application).
Is it possible for an ordinary user mode program to call Registry functions in such a way that the lock would be held forever?
Inaki.