> Subject: Detours + FileMon = XP stucks
From: xxxxx@gmail.com
Date: Thu, 15 Nov 2007 11:25:01 -0500 (EST)
X-Message-Number: 12Hi,
We have a code which virtualizes Registry access using MS Detours
library. > It worked fine for us during about a year.For the last time we’ve added a new functionality hooking
GetProcAddress > > in addition to the Registry-related APIs. After that,
XP running this code > began to hang randomly. It hangs only if
SysInternals FileMon is running. > We find that it doesn’t hang with the
newest FileMon version but still > guess that the problem is ours.We don’t use any device driver, only Detours.
Trying to analyze the problem with remote kernel debugging, we see a >
deadlock between VMwareService.exe and one of the System threads.Our code doesn’t run on one of them and
Deadlock happens on real (not virtual) XP and W2K as well.The deadlock brief is following:
…Thanks,
Igor.
Igor,
Every situation asks personal solution for deadlock solving.
I guess your problem appears, because you call GetProcAddress() from its
stub. Check this idea by blocking part of your code, if you can.
As example, I avoid deadlock for LoadLibrary(W) by blocking 2
interceptions from same thread. It is other possible idea for you. 
Regards,
Michael.