Re: Deadlock on kernel mode thread (IRP_MJ_CREATE hook) waiting for user mode

Dump the stacks of the deadlocked threads with WinDbg and find out who’s
waiting on what and why.

Areana Mere wrote:

Hi,
I created a filter device which hooks create/cleanup requests and wait for
a user mode pool of threads to process that file (fopen/fread/fclose). In
kernel mode I call KeWaitForSingleObject(event1,…) and the event1 is
signaled when the user mode thread finished the job. It works fine, but
sometime the code waits for ever in the kernel mode hook routine (event1
is never signaled), waiting for the user mode thread to finish the job. In
fact, the user mode thread never exits from fopen() call.
Of course, into my hook routine I skip processing the file when I check
the PID of my user mode process, so there is no problem with reentrancy.
What happened and how could this be avoided?
Thanks in advance!

–
Nick Ryan (MVP for DDK)

Hi,

Thanks for the advice. I will do that. I am able now to reproduce the bug,
but still cannot solve it. It happened all the time I want to save an
Microsoft Office file (.doc, .xls). It looks like it is a lock inside the
OS kernel code . I have found that by putting debug trace into all my
called functions.
I noticed that many people use kernel <> user synchronization on
IRP_MJ_CREATE hook routine. Did my problem happened to anybody else?