ntdll!RtlAcquirePebLock : When does this get acquired ?

Hello.

I’m running windows 2000 SP4 and I’ve got a FSD that relies on user mode
threads to complete file system requests. I see a weird deadlock related
to ntdll!RtlAcquirePebLock. The thread that should have not blocked in
the below stack trace is thread 64c. It is waiting on critical section
77fd0100 which is *probably* acquired by thread 154 or 11c. I don’t know
what ntdll!RtlAcquirePebLock does or when the system attempts to acquire
it. Could anyone throw some light on what could be going on here or how
I could prevent this deadlock ? I’ve looked at the archives and searched
around for info, but with no success so far.
Thanks a lot.

22 Id: 55c.64c Suspend: 1 Teb: 7ffa2000 Unfrozen

ChildEBP RetAddr Args to Child

00 0371f178 77f8822a 00000ab0 00000000 00000000
ntdll!ZwWaitForSingleObject+0xb
01 0371f1ec 77f8819b 77fd0100 77f83403 77fd0170
ntdll!RtlpWaitForCriticalSection+0x9e
02 0371f1f4 77f83403 77fd0170 77f87b4a 00000000
ntdll!RtlEnterCriticalSection+0x46
03 0371f1fc 77f87b4a 00000000 0371f830 00000000
ntdll!RtlAcquirePebLock+0xf
04 0371f498 7c57c251 0371f5d4 0371f518 00000000
ntdll!RtlDosPathNameToNtPathName_U+0xb5
05 0371f520 005188d0 0371f5d4 00000000 0371f534
KERNEL32!GetFileAttributesExW+0x30
06 0371f554 0051d089 0371f830 0371f5d4 043a4594 Via3!get_size+0x10
[c:\viack\via3\src\vkfslib\vkfsvibe.cpp @ 69]
07 0371f7e4 00517dae 0371ff5c 0371f838 0371fa6c
Via3!VkFsVibe::list+0xc99 [c:\viack\via3\src\vkfslib\vkfsvibe.cpp @ 453]
08 0371fe84 0050f65a 0371ff5c 035f0008 014b78fc
Via3!VkFsInterface::list+0x17e
[c:\viack\via3\src\vkfslib\vkfsinterface.cpp @ 98]
09 0371ff70 0050fea0 77f87c86 77f87c5e 014b7668
Via3!VkFsPortal::ThreadProc+0x22a
[c:\viack\via3\src\vkfslib\vkfsportal.cpp @ 124]
0a 0371ffb4 7c57438b 014b7668 77f87c86 77f87c5e
Via3!VkFsPortalThreadProc+0xe0 [c:\viack\via3\src\vkfslib\vkfsportal.cpp
@ 56]
0b 0371ffec 00000000 0050fdc0 014b7668 00000000
KERNEL32!BaseThreadStart+0x52

33 Id: 55c.11c Suspend: 1 Teb: 7ff95000 Unfrozen

ChildEBP RetAddr Args to Child

00 0526d6f8 77f8b2fa 0526d764 00100020 0526d778 ntdll!NtOpenFile+0xb
01 0526d7ac 7c57a50f 0526d7b8 0010000e 0526d7cc
ntdll!RtlSetCurrentDirectory_U+0x1b0
02 0526d7c0 76b38c7b 0526d7cc 003a0056 0056005c
KERNEL32!SetCurrentDirectoryW+0x29
03 0526d9d8 76b3656e 00226fc0 0000000b 043aa240
comdlg32!MYLISTBOXITEM::SwitchCurrentDirectory+0x48
04 0526dc1c 76b36391 0000000b 00000001 043aa240
comdlg32!CFileOpenBrowser::OnSelChange+0x1b3
05 0526dc50 76b5811d 043b4fd0 0000000b 00000001
comdlg32!CFileOpenBrowser::JumpToIDList+0x1a6
06 0526dc70 76b5808b 00222338 0022d6a0 043a5fe8
comdlg32!CFileOpenBrowser::_ProcessPidlAsFolder+0x50
07 0526dc8c 76b559f4 70400177 043b0238 0526e3c8
comdlg32!CFileOpenBrowser::_ProcessPidlSelection+0x8d
08 0526dca4 76b5413a 00000000 7832d2a6 043aa244
comdlg32!CFileOpenBrowser::OnDblClick+0x1e
09 0526dcac 7832d2a6 043aa244 043a5fe8 00000005
comdlg32!CFileOpenBrowser::OnDefaultCommand+0x1e
0a 0526dd14 78374dcd 0526e3c8 00000005 043a5fe8
SHELL32!CDefView::_ProcessDblClick+0x46
0b 0526e0ac 783754a6 0526e3c8 77e139a2 043a5fe8
SHELL32!CDefView::_OnLVNotify+0x625
0c 0526e0c4 7831c4fa 0526e3c8 ffffff8e 0000004e
SHELL32!CDefView::_OnNotify+0x79
0d 0526e238 77e11ef0 0002020a 0000004e 00000001
SHELL32!DefView_WndProc+0x514
0e 0526e258 77e13869 7831bfe6 0002020a 0000004e
USER32!UserCallWinProc+0x18
0f 0526e274 77e138ab 00c2cc20 0000004e 00000001
USER32!DispatchClientMessage+0x4b
10 0526e29c 77f9ff57 0526e2ac 00000018 00c2cc20 USER32!__fnDWORD+0x22
11 0526e2c0 77e1372b 0002020a 0000004e 00000001
ntdll!KiUserCallbackDispatcher+0x13
12 0526e2f8 77e139e5 00c2cc20 0000004e 00000001
USER32!SendMessageWorker+0x3a5
13 0526e318 7171603f 0002020a 0000004e 00000001 USER32!SendMessageW+0x8c
14 0526e3a8 7173867d 043a1008 ffffff8e 0526e3c8
COMCTL32!CCSendNotify+0xb92
15 0526e424 71738a28 0002020c 00000001 000000f0
COMCTL32!ListView_HandleMouse+0x207
16 0526e444 717171b9 043a1008 00000001 000000f0
COMCTL32!ListView_OnButtonDown+0x19
17 0526e5b4 77e11ef0 0002020c 00000203 00000001
COMCTL32!ListView_WndProc+0x10e7
18 0526e5d4 77e1204c 717160d2 0002020c 00000203
USER32!UserCallWinProc+0x18
19 0526e660 77e121af 0526e6ac 00000000 77e208fb
USER32!DispatchMessageWorker+0x2e4
1a 0526e66c 77e208fb 0526e6ac 00000001 00c2ae08
USER32!DispatchMessageW+0xb
1b 0526e690 77e28189 000201d4 00c2cce8 00020196
USER32!IsDialogMessageW+0x57e
1c 0526e6cc 77e28012 000201d4 00020196 00000010 USER32!DialogBox2+0x14e
1d 0526e6f0 77e282c8 76b30000 00226250 00000000
USER32!InternalDialogBox+0xd1
1e 0526e710 77e35bcf 76b30000 00226250 00020196
USER32!DialogBoxIndirectParamAorW+0x34
1f 0526e730 76b372c7 76b30000 00226250 00020196
USER32!DialogBoxIndirectParamW+0x19
20 0526e77c 76b38097 00000000 00000001 76b35457
comdlg32!NewGetFileName+0x231
21 0526e788 76b35457 0526e840 0526f8f4 043ae1b0
comdlg32!NewGetOpenFileName+0xb
22 0526e808 76b35290 0526e840 76b4188b 00000104
comdlg32!GetFileName+0xcf
23 0526f8d0 76b38089 0526f8f4 76b4188b 0048a124
comdlg32!GenericGetFileNameA+0x42a
24 0526f8dc 0048a124 0526f8f4 0526fcfc 00000001
comdlg32!GetOpenFileNameA+0x20
25 0526fc78 0048d636 00000000 0000037a 00000000
Via3!CMeetingWnd::OnOpenMyComputer+0x198
[c:\viack\via3\src\listener\meetingwnd.cpp @ 1934]
26 0526fca4 004bb09f 00020196 00000111 0000037a
Via3!CMeetingWnd::ProcessWindowMessage+0xac4
[c:\viack\via3\src\listener\meetingwnd.h @ 178]
27 0526fcf4 77e11ef0 04137008 00000111 0000037a
Via3!ATL::CWindowImplBaseTatl::cwindow
>::WindowProc+0x59 [c:\program files\microsoft visual studio .net
2003\vc7\atlmfc\include\atlwin.h @ 3017]
28 0526fd14 77e13869 0017c0d0 00020196 00000111
USER32!UserCallWinProc+0x18
29 0526fd30 77e138ab 00c259e0 00000111 0000037a
USER32!DispatchClientMessage+0x4b
2a 0526fd58 77f9ff57 0526fd68 00000018 00c259e0 USER32!__fnDWORD+0x22
2b 0526fd7c 77e1372b 00020196 00000111 0000037a
ntdll!KiUserCallbackDispatcher+0x13
2c 0526fdb4 77e16015 00c259e0 00000111 0000037a
USER32!SendMessageWorker+0x3a5
2d 0526fdd4 0048daa1 00020196 00000111 0000037a USER32!SendMessageA+0x8c
2e 0526fde8 0048ec19 00000111 0000037a 00000000
Via3!CMenuBar::OnCommand+0x16 [c:\viack\via3\src\listener\menubar.cpp @
1107]
2f 0526fe04 004bb09f 00020192 00000111 0000037a
Via3!CMenuBar::ProcessWindowMessage+0xed
[c:\viack\via3\src\listener\menubar.h @ 76]
30 0526fe54 77e11ef0 04137338 00000111 0000037a
Via3!ATL::CWindowImplBaseTatl::cwindow
>::WindowProc+0x59 [c:\program files\microsoft visual studio .net
2003\vc7\atlmfc\include\atlwin.h @ 3017]
31 0526fe74 77e1204c 0018c200 00020192 00000111
USER32!UserCallWinProc+0x18
32 0526ff00 77e121af 0526ff70 00000000 77e208fb
USER32!DispatchMessageWorker+0x2e4
33 0526ff0c 77e208fb 0526ff70 0526ff70 0526ff78
USER32!DispatchMessageW+0xb
34 0526ff30 77e20f28 00020196 00c25c98 006d2ea0
USER32!IsDialogMessageW+0x57e
35 0526ff54 00474508 00020196 0526ff70 00130000
USER32!IsDialogMessageA+0x131
36 0526ffb4 7c57438b 0002019a 00130000 00188e80
Via3!CMeetingBar::MBarThreadProc+0x16c
[c:\viack\via3\src\listener\meetingbar.cpp @ 838]
37 0526ffec 00000000 0047439c 040e0108 00000000
KERNEL32!BaseThreadStart+0x52

47 Id: 55c.154 Suspend: 1 Teb: 7ff88000 Unfrozen
# ChildEBP RetAddr Args to Child
00 06c1fdf8 77f8822a 00000ab0 00000000 00000000
ntdll!ZwWaitForSingleObject+0xb
01 06c1fe6c 77f8819b 77fd0100 77f83403 77fd0170
ntdll!RtlpWaitForCriticalSection+0x9e
02 06c1fe74 77f83403 77fd0170 7c579869 77f82091
ntdll!RtlEnterCriticalSection+0x46
03 06c1fe7c 7c579869 77f82091 00000000 00000000
ntdll!RtlAcquirePebLock+0xf
04 06c1feb8 7c57a72d 7ff88bf8 00000000 00000018
KERNEL32!BaseGetNamedObjectDirectory+0xf
05 06c1feec 7c581505 a0000000 00000001 7ff88c00 KERNEL32!OpenEventW+0x46
06 06c1ff0c 68c43de0 a0000000 00000001 68c411c0 KERNEL32!OpenEventA+0x68
07 06c1ff54 68c432f5 00000001 06c1ff80 06c1ff78
RAPILIB!GetRapiEventHandle+0x52
08 06c1ffb4 7c57438b 00000000 0205cf7c 75013a28
RAPILIB!ThreadFunction+0x6e
09 06c1ffec 00000000 68c43287 00000000 00000000
KERNEL32!BaseThreadStart+0x52

Hello folks.

When does the peb lock get acquired by windows ? How can I prevent
windows from acquiring the peb lock. I have a pseudo FSD using RDBSSLIB
that satisfies file system requests using a user mode process. Is there
a flag I can set using the RDR framework that can prevent windows from
acquiring the PEB lock ?

It seems to me that when my process calls NtOpenFile, the peb lock is
getting acquired. Hence, when I call GetFileAttributes from my process
from another thread, the other thread tries to acquire the peb lock and
hence waits. This results in a deadlock which is what I am trying to
prevent.

I’ll be happy to provide more details if you need them. I’m missing
basic understanding of how peb locks work. Please help throw some light
on this issue. I’ve been struggling with it for a long time and can’t
find an answer to it.

Thanks.

> When does the peb lock get acquired by windows ? How can I prevent windows
> from acquiring the peb lock. I have a pseudo FSD using
> RDBSSLIB that satisfies file system

I guess the problem is not in acquiring PEB lock, but in your filter.

There’s no “flag to disable PEB lock acquiring”. Basically, locks are acquired
for a reason (usually), you can’t just stop doing it.
Rather try to analyze where in your filter is the problem.

L.
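
A triage sketch for stack dumps like the ones in the first post, added here as an example and not code from any poster: it groups threads blocked in RtlpWaitForCriticalSection by the section address the poster read from that frame, marks which waiters are FSD service threads, and lists threads sitting in a file system call. The sample dump is constructed from the frames above, and the `Via3!VkFs` prefix used to recognise service threads is an assumption taken from those frames.

```python
import re

# Constructed sample: frames abbreviated from the three stacks in the thread,
# one frame per line as the debugger prints them before mail wrapping.
SAMPLE = """\
  22  Id: 55c.64c Suspend: 1 Teb: 7ffa2000 Unfrozen
00 0371f178 77f8822a 00000ab0 00000000 00000000 ntdll!ZwWaitForSingleObject+0xb
01 0371f1ec 77f8819b 77fd0100 77f83403 77fd0170 ntdll!RtlpWaitForCriticalSection+0x9e
03 0371f1fc 77f87b4a 00000000 0371f830 00000000 ntdll!RtlAcquirePebLock+0xf
05 0371f520 005188d0 0371f5d4 00000000 0371f534 KERNEL32!GetFileAttributesExW+0x30
09 0371ff70 0050fea0 77f87c86 77f87c5e 014b7668 Via3!VkFsPortal::ThreadProc+0x22a
  33  Id: 55c.11c Suspend: 1 Teb: 7ff95000 Unfrozen
00 0526d6f8 77f8b2fa 0526d764 00100020 0526d778 ntdll!NtOpenFile+0xb
01 0526d7ac 7c57a50f 0526d7b8 0010000e 0526d7cc ntdll!RtlSetCurrentDirectory_U+0x1b0
02 0526d7c0 76b38c7b 0526d7cc 003a0056 0056005c KERNEL32!SetCurrentDirectoryW+0x29
  47  Id: 55c.154 Suspend: 1 Teb: 7ff88000 Unfrozen
00 06c1fdf8 77f8822a 00000ab0 00000000 00000000 ntdll!ZwWaitForSingleObject+0xb
01 06c1fe6c 77f8819b 77fd0100 77f83403 77fd0170 ntdll!RtlpWaitForCriticalSection+0x9e
03 06c1fe7c 7c579869 77f82091 00000000 00000000 ntdll!RtlAcquirePebLock+0xf
04 06c1feb8 7c57a72d 7ff88bf8 00000000 00000018 KERNEL32!BaseGetNamedObjectDirectory+0xf
"""

HEADER = re.compile(r"^\s*\d+\s+Id:\s+[0-9a-f]+\.([0-9a-f]+)\s", re.I)
FRAME = re.compile(r"^[0-9a-f]{2}\s+[0-9a-f]{8}\s+[0-9a-f]{8}\s+([0-9a-f]{8})"
                   r"\s+\S+\s+\S+\s+(\S+?)(?:\+0x[0-9a-f]+)?$", re.I)

def parse(dump):
    """Return {thread id: [(first argument, symbol), ...]}, frame 0 first."""
    threads, tid = {}, None
    for line in dump.splitlines():
        if m := HEADER.match(line):
            tid = m.group(1).lower()
            threads[tid] = []
        elif tid and (m := FRAME.match(line)):
            threads[tid].append((m.group(1), m.group(2)))
    return threads

def triage(dump, service_prefix="Via3!VkFs"):  # prefix is an assumption
    """Split threads into critical-section waiters and threads blocked in file I/O."""
    waiters, in_file_io = {}, []
    for tid, frames in parse(dump).items():
        wait = [a for a, s in frames if s == "ntdll!RtlpWaitForCriticalSection"]
        if wait:  # key by the first argument shown on the wait frame
            serves_fsd = any(s.startswith(service_prefix) for _, s in frames)
            waiters.setdefault(wait[0], []).append((tid, serves_fsd))
        elif frames and re.fullmatch(r"ntdll!(Nt|Zw)\w*File", frames[0][1]):
            in_file_io.append(tid)
    return waiters, in_file_io
```

A service thread among the waiters together with a non-waiting thread blocked in file I/O is the shape the second post suspects; whether that thread actually owns the section has to be read from the critical section's OwningThread field in the debugger.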