System crash after driver unloads

When i disable my device from the device manager, my driver unload routine is getting called after all the pnp irp’s. When the unload routine returns, the OS tries to unload my driver module and the system hangs here.

The stack shows: MmGrowKernelStack on top with MmTrimAllsystemPageableMemory.

Can someone tell me where the problem can be?

Giri.

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:

When i disable my device from the device manager, my driver unload routine
is getting called after all the pnp irp’s. When the unload routine
returns, the OS tries to unload my driver module and the system hangs here.

The stack shows: MmGrowKernelStack on top with MmTrimAllsystemPageableMemory.

Can someone tell me where the problem can be?

Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:

When i disable my device from the device manager, my driver unload routine is getting called after all the pnp irp’s. When the unload routine returns, the OS tries to unload my driver module and the system hangs here.

The stack shows: MmGrowKernelStack on top with MmTrimAllsystemPageableMemory.

Can someone tell me where the problem can be?

Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

I would be curios to see the mechanism that you use to verify your threads
have terminated before unloading. I ran into a very similar problem early
on. The book I used said wait on an event semaphore set at the end of the
thread (only works for Win9x), but in 2K xp you cannot do that… you
must wait on an object to the thread handle. Is that any help? I can
elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: mailto:zeppelinJustin Frodsham
>To: mailto:xxxxxNT Developers Interest List
>Sent: Sunday, March 09, 2003 1:08 AM
>Subject: [ntdev] Re: System crash after driver unloads
>
>Do you have any separate threads you started in your driver?
>
>-J
>
>At 12:30 AM 3/8/2003, you wrote:
>>When i disable my device from the device manager, my driver unload
>>routine is getting called after all the pnp irp’s. When the unload
>>routine returns, the OS tries to unload my driver module and the system
>>hangs here.
>>
>>The stack shows: MmGrowKernelStack on top with
>>MmTrimAllsystemPageableMemory.
>>
>>Can someone tell me where the problem can be?
>>
>>Giri.
>>—
>>You are currently subscribed to ntdev as: zeppelin@io.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>—
>You are currently subscribed to ntdev as: xxxxx@sasken.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: zeppelin@io.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com</mailto:xxxxx></mailto:zeppelin>

Actually… after re-reading your symptoms, I am not sure I have any
useful information for you.

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: mailto:zeppelinJustin Frodsham
>To: mailto:xxxxxNT Developers Interest List
>Sent: Sunday, March 09, 2003 1:08 AM
>Subject: [ntdev] Re: System crash after driver unloads
>
>Do you have any separate threads you started in your driver?
>
>-J
>
>At 12:30 AM 3/8/2003, you wrote:
>>When i disable my device from the device manager, my driver unload
>>routine is getting called after all the pnp irp’s. When the unload
>>routine returns, the OS tries to unload my driver module and the system
>>hangs here.
>>
>>The stack shows: MmGrowKernelStack on top with
>>MmTrimAllsystemPageableMemory.
>>
>>Can someone tell me where the problem can be?
>>
>>Giri.
>>—
>>You are currently subscribed to ntdev as: zeppelin@io.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>—
>You are currently subscribed to ntdev as: xxxxx@sasken.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: zeppelin@io.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com</mailto:xxxxx></mailto:zeppelin>

Hi Justin,
I have a termination event object (KEVENT) associated with each thread. When i get IRP_MN_REMOVE device i instruct the threads to exit via a variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one statement in each threads function and the last statement is PsTerminateSystemThread which is sometimes not getting executed before the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE thread. Is there an elegant solution…what abt waiting on the thread handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your threads have terminated before unloading. I ran into a very similar problem early on. The book I used said wait on an event semaphore set at the end of the thread (only works for Win9x), but in 2K xp you cannot do that… you must wait on an object to the thread handle. Is that any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload routine is getting called after all the pnp irp’s. When the unload routine returns, the OS tries to unload my driver module and the system hangs here.

The stack shows: MmGrowKernelStack on top with MmTrimAllsystemPageableMemory.

Can someone tell me where the problem can be?

Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

threads are waitable objects. Just call
KeWaitFor[Single|Multiple]Object on the thread object(s) from your
remove routine. The kernel will signal the thread object after the
thread terminates. You would then release the reference you took on the
thread object at creation in your remove routine and continue with the
unload process.

-p

From: Seshagiri Babu K V [mailto:xxxxx@sasken.com]
Sent: Monday, March 10, 2003 7:21 AM
To: NT Developers Interest List

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Out of curiosity, do you know if it’s possible to WaitForSingleObject() for
a thread’s completion in user-mode too?

Mat

-----Original Message-----
From: Peter Wieland [mailto:xxxxx@windows.microsoft.com]
Sent: Monday, March 10, 2003 1:31 PM
To: NT Developers Interest List
Subject: [ntdev] Re: System crash after driver unloads

threads are waitable objects. Just call
KeWaitFor[Single|Multiple]Object on the thread object(s) from your
remove routine. The kernel will signal the thread object after the
thread terminates. You would then release the reference you took on the
thread object at creation in your remove routine and continue with the
unload process.

-p

From: Seshagiri Babu K V [mailto:xxxxx@sasken.com]
Sent: Monday, March 10, 2003 7:21 AM
To: NT Developers Interest List

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@guillemot.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Definitely. I’ve done it.

Aaron Stavens
Senior Software Engineer
NetMotion Wireless, Inc.

-----Original Message-----
From: Mathieu Routhier [mailto:xxxxx@guillemot.com]
Sent: Monday, March 10, 2003 10:34 AM
To: NT Developers Interest List
Subject: [ntdev] Re: System crash after driver unloads

Out of curiosity, do you know if it’s possible to WaitForSingleObject() for
a thread’s completion in user-mode too?

Mat

-----Original Message-----
From: Peter Wieland [mailto:xxxxx@windows.microsoft.com]
Sent: Monday, March 10, 2003 1:31 PM
To: NT Developers Interest List
Subject: [ntdev] Re: System crash after driver unloads

threads are waitable objects. Just call
KeWaitFor[Single|Multiple]Object on the thread object(s) from your
remove routine. The kernel will signal the thread object after the
thread terminates. You would then release the reference you took on the
thread object at creation in your remove routine and continue with the
unload process.

-p

From: Seshagiri Babu K V [mailto:xxxxx@sasken.com]
Sent: Monday, March 10, 2003 7:21 AM
To: NT Developers Interest List

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@guillemot.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@nmwco.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

yes

-----Original Message-----
From: Mathieu Routhier [mailto:xxxxx@guillemot.com]
Sent: Monday, March 10, 2003 10:34 AM
To: NT Developers Interest List

Out of curiosity, do you know if it’s possible to
WaitForSingleObject() for a thread’s completion in user-mode too?

Mat

-----Original Message-----
From: Peter Wieland [mailto:xxxxx@windows.microsoft.com]
Sent: Monday, March 10, 2003 1:31 PM
To: NT Developers Interest List
Subject: [ntdev] Re: System crash after driver unloads

threads are waitable objects. Just call
KeWaitFor[Single|Multiple]Object on the thread object(s) from
your remove routine. The kernel will signal the thread
object after the thread terminates. You would then release
the reference you took on the thread object at creation in
your remove routine and continue with the unload process.

-p

From: Seshagiri Babu K V [mailto:xxxxx@sasken.com]
Sent: Monday, March 10, 2003 7:21 AM
To: NT Developers Interest List

Hi Justin,
I have a termination event object (KEVENT) associated with
each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the
IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp
you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your
troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:

yes justin. I start 4 threads from my driver in
IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.

Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and
the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: xxxxx@guillemot.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Peter Wieland wrote:

threads are waitable objects. Just call
KeWaitFor[Single|Multiple]Object on the thread object(s) from your
remove routine. The kernel will signal the thread object after the
thread terminates. You would then release the reference you took on the
thread object at creation in your remove routine and continue with the
unload process.

I don’t know if it matters to the original poster here, but kernel
threads are *not* waitable in 98/Me. The POLLING sample in my WDM books
shows how to wait for the thread to terminate in both environments.

–
Walter Oney, Consulting and Training
Basic and Advanced Driver Programming Seminars
Now teaming with John Hyde for USB Device Engineering Seminars
Check out our schedule at http://www.oneysoft.com

Try something like this (error checking omitted):

Start thread:
InitializeObjectAttributes( &objAttrib, NULL, OBJ_KERNEL_HANDLE, NULL, NULL );
PsCreateSystemThread(&ThreadHandle,THREAD_ALL_ACCESS,&objAttrib,NULL,NULL,ThreadFunc,NULL);

ObReferenceObjectByHandle(ThreadHandle, THREAD_ALL_ACCESS, NULL,
KernelMode, &ThreadObjPtr, NULL);

Wait for termination:
KeWaitForSingleObject( ThreadObjPtr, Executive, KernelMode, FALSE, NULL);
ObDereferenceObject(ThreadObjPtr);

-Justin

At 05:21 AM 3/10/2003, you wrote:

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: mailto:zeppelinJustin Frodsham
>To: mailto:xxxxxNT Developers Interest List
>Sent: Sunday, March 09, 2003 5:28 PM
>Subject: [ntdev] Re: System crash after driver unloads
>
>I would be curios to see the mechanism that you use to verify your threads
>have terminated before unloading. I ran into a very similar problem early
>on. The book I used said wait on an event semaphore set at the end of the
>thread (only works for Win9x), but in 2K xp you cannot do that… you
>must wait on an object to the thread handle. Is that any help? I can
>elaborate if this has any bearing on your troubles…
>
>-Justin
>
>
>
>At 08:31 PM 3/8/2003, you wrote:
>>yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
>>exit them in IRP_MN_REMOVE_DEVICE.
>>
>>Regards,
>>Giri.
>>----- Original Message -----
>>From: mailto:zeppelinJustin Frodsham
>>To: mailto:xxxxxNT Developers Interest List
>>Sent: Sunday, March 09, 2003 1:08 AM
>>Subject: [ntdev] Re: System crash after driver unloads
>>
>>Do you have any separate threads you started in your driver?
>>
>>-J
>>
>>At 12:30 AM 3/8/2003, you wrote:
>>>When i disable my device from the device manager, my driver unload
>>>routine is getting called after all the pnp irp’s. When the unload
>>>routine returns, the OS tries to unload my driver module and the system
>>>hangs here.
>>>The stack shows: MmGrowKernelStack on top with
>>>MmTrimAllsystemPageableMemory.
>>>Can someone tell me where the problem can be?
>>>Giri.
>>>—
>>>You are currently subscribed to ntdev as: zeppelin@io.com
>>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>>—
>>You are currently subscribed to ntdev as: xxxxx@sasken.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>>—
>>You are currently subscribed to ntdev as: zeppelin@io.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: xxxxx@sasken.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: zeppelin@io.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com</mailto:xxxxx></mailto:zeppelin></mailto:xxxxx></mailto:zeppelin>

you’ve omitted the close of ThreadHandle. This could be done any time
after referencing the object by handle.

-p

From: Justin Frodsham [mailto:zeppelin@io.com]
Sent: Monday, March 10, 2003 12:41 PM
To: NT Developers Interest List

Try something like this (error checking omitted):

Start thread:
InitializeObjectAttributes( &objAttrib, NULL, OBJ_KERNEL_HANDLE, NULL,
NULL );
PsCreateSystemThread(&ThreadHandle,THREAD_ALL_ACCESS,&objAttrib,NULL,NUL
L,ThreadFunc,NULL);
ObReferenceObjectByHandle(ThreadHandle, THREAD_ALL_ACCESS, NULL,
KernelMode, &ThreadObjPtr, NULL);

Wait for termination:
KeWaitForSingleObject( ThreadObjPtr, Executive, KernelMode, FALSE,
NULL);
ObDereferenceObject(ThreadObjPtr);

-Justin

At 05:21 AM 3/10/2003, you wrote:

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:
yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.
Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Quite correct… thanks for pointing that out.

-Justin

At 12:41 PM 3/10/2003, you wrote:

you’ve omitted the close of ThreadHandle. This could be done any time
after referencing the object by handle.

-p

From: Justin Frodsham [mailto:zeppelin@io.com]
Sent: Monday, March 10, 2003 12:41 PM
To: NT Developers Interest List

Try something like this (error checking omitted):

Start thread:
InitializeObjectAttributes( &objAttrib, NULL, OBJ_KERNEL_HANDLE, NULL,
NULL );
PsCreateSystemThread(&ThreadHandle,THREAD_ALL_ACCESS,&objAttrib,NULL,NUL
L,ThreadFunc,NULL);
ObReferenceObjectByHandle(ThreadHandle, THREAD_ALL_ACCESS, NULL,
KernelMode, &ThreadObjPtr, NULL);

Wait for termination:
KeWaitForSingleObject( ThreadObjPtr, Executive, KernelMode, FALSE,
NULL);
ObDereferenceObject(ThreadObjPtr);

-Justin

At 05:21 AM 3/10/2003, you wrote:

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 5:28 PM
Subject: [ntdev] Re: System crash after driver unloads

I would be curios to see the mechanism that you use to verify your
threads have terminated before unloading. I ran into a very similar
problem early on. The book I used said wait on an event semaphore set
at the end of the thread (only works for Win9x), but in 2K xp you cannot
do that… you must wait on an object to the thread handle. Is that
any help? I can elaborate if this has any bearing on your troubles…

-Justin

At 08:31 PM 3/8/2003, you wrote:
yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
exit them in IRP_MN_REMOVE_DEVICE.
Regards,
Giri.
----- Original Message -----
From: Justin Frodsham
To: NT Developers Interest List
Sent: Sunday, March 09, 2003 1:08 AM
Subject: [ntdev] Re: System crash after driver unloads

Do you have any separate threads you started in your driver?

-J

At 12:30 AM 3/8/2003, you wrote:
When i disable my device from the device manager, my driver unload
routine is getting called after all the pnp irp’s. When the unload
routine returns, the OS tries to unload my driver module and the system
hangs here.
The stack shows: MmGrowKernelStack on top with
MmTrimAllsystemPageableMemory.
Can someone tell me where the problem can be?
Giri.

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: xxxxx@sasken.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

---

You are currently subscribed to ntdev as: zeppelin@io.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

As Peter Wieland pointed out I left out the close of the handle, it is
correct below:

Start thread:
InitializeObjectAttributes( &objAttrib, NULL, OBJ_KERNEL_HANDLE, NULL, NULL );
PsCreateSystemThread(&ThreadHandle,THREAD_ALL_ACCESS,&objAttrib,NULL,NULL,ThreadFunc,NULL);

ObReferenceObjectByHandle(ThreadHandle, THREAD_ALL_ACCESS, NULL,
KernelMode, &ThreadObjPtr, NULL);
ZwClose(ThreadHandle);

Wait for termination:
KeWaitForSingleObject( ThreadObjPtr, Executive, KernelMode, FALSE, NULL);
ObDereferenceObject(ThreadObjPtr);

-Justin

At 05:21 AM 3/10/2003, you wrote:

Hi Justin,
I have a termination event object (KEVENT) associated with each thread.
When i get IRP_MN_REMOVE device i instruct the threads to exit via a
variable (whose value the threads will be iteratively checking).

Signalling termination (K)events happens to be the last but one
statement in each threads function and the last statement is
PsTerminateSystemThread which is sometimes not getting executed before
the module is paged out

Did a work-around by KeDelayExecutionThread in the IRP_MN_REMOVE_DEVICE
thread. Is there an elegant solution…what abt waiting on the thread
handle to disappear? How do we implement that?

cheers,
Giri.
----- Original Message -----
From: mailto:zeppelinJustin Frodsham
>To: mailto:xxxxxNT Developers Interest List
>Sent: Sunday, March 09, 2003 5:28 PM
>Subject: [ntdev] Re: System crash after driver unloads
>
>I would be curios to see the mechanism that you use to verify your threads
>have terminated before unloading. I ran into a very similar problem early
>on. The book I used said wait on an event semaphore set at the end of the
>thread (only works for Win9x), but in 2K xp you cannot do that… you
>must wait on an object to the thread handle. Is that any help? I can
>elaborate if this has any bearing on your troubles…
>
>-Justin
>
>
>
>
>
>At 08:31 PM 3/8/2003, you wrote:
>>yes justin. I start 4 threads from my driver in IRP_MN_START_DEVICE and
>>exit them in IRP_MN_REMOVE_DEVICE.
>>
>>Regards,
>>Giri.
>>----- Original Message -----
>>From: mailto:zeppelinJustin Frodsham
>>To: mailto:xxxxxNT Developers Interest List
>>Sent: Sunday, March 09, 2003 1:08 AM
>>Subject: [ntdev] Re: System crash after driver unloads
>>
>>Do you have any separate threads you started in your driver?
>>
>>-J
>>
>>At 12:30 AM 3/8/2003, you wrote:
>>>When i disable my device from the device manager, my driver unload
>>>routine is getting called after all the pnp irp’s. When the unload
>>>routine returns, the OS tries to unload my driver module and the system
>>>hangs here.
>>>The stack shows: MmGrowKernelStack on top with
>>>MmTrimAllsystemPageableMemory.
>>>Can someone tell me where the problem can be?
>>>Giri.
>>>—
>>>You are currently subscribed to ntdev as: zeppelin@io.com
>>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>>—
>>You are currently subscribed to ntdev as: xxxxx@sasken.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>>
>>—
>>You are currently subscribed to ntdev as: zeppelin@io.com
>>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: xxxxx@sasken.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>You are currently subscribed to ntdev as: zeppelin@io.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com</mailto:xxxxx></mailto:zeppelin></mailto:xxxxx></mailto:zeppelin>