User Thread / Kernel Thread

As per the book Abraham Silberschatz, Greg Gagne, and Peter Baer Galvin, "Operating System Concepts, Ninth Edition ", Chapter 4 :

4.3.2 One-To-One Model

The one-to-one model creates a separate kernel thread to handle each user thread.
One-to-one model overcomes the problems listed above involving blocking system calls and the splitting of processes across multiple CPUs.
However the overhead of managing the one-to-one model is more significant, involving more overhead and slowing down the system.
Most implementations of this model place a limit on how many threads can be created.
Linux and Windows from 95 to XP implement the one-to-one model for threads.

I would like to know

1. Whether windows really creates a kernel thread for each user mode thread? Or it has a limitation on how many threads can be created in Kernel mode?

2. Only kernel mode threads are scheduled by the os scheduler or all threads irrespective of whether they are user or kernel are scheduled by the os scheduler?

3. Does context switching among kernel threads takes longer than context switching among user mode threads. If yes , why?

There is no such thing as “user-only thread” under Windows NT since its inception…

This concept existed under Solaris and early Linux . Under this model, kernel is kept bliss fully unaware of
threads in the user space - from its perspective the only scheduleable units of execution are processes, and all thread scheduling is done in the userland. Under Windows (as well as under modern Linux and Solaris)
every thread that has its userland representation also has its kernel-level structure and is scheduled by the kernel. Although this approach, indeed, consumes memory and may have its overhead when it comes to thread creation (and, depending on the efficiency of the kernel dispatcher that does not be that high under Windows NT, possibly scheduling and synchronization), its benefits far outweigh all the possible drawbacks…

What Windows does have is the concept of a Win32 fiber,which is the equivalent of userland-only thread. To be honest, I have never encountered them in practice - they don’t seem to be that popular among the programmers…

Anton Bassov

Thanks Anton for your quick explanation.

As per the Galvin book “Win32 also provides the fiber library, which supports the many-to-many model.”

So apart from providing userland-only thread, the mapping with kernel level thread (by creating the kernel-level structure )is not 1:1 in the case of fibers. Is my understanding correct?

Correct. Fibers are N:1 real thread. Fibers was an interesting idea (as with the user mode scheduler) whose real world effectiveness and utility were near zero and are not really worth the complexity or time it takes to get them correct .

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@gmail.com
Sent: Thursday, October 03, 2013 11:41 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] User Thread / Kernel Thread

Thanks Anton for your quick explanation.

As per the Galvin book “Win32 also provides the fiber library, which supports the many-to-many model.”

So apart from providing userland-only thread, the mapping with kernel level thread (by creating the kernel-level structure )is not 1:1 in the case of fibers. Is my understanding correct?

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

As far as the kernel is concerned, fibers do not exist. They are
implemented entirely by a user-level run-time library; I have
single-stepped through it many times to understand how fibers were
implemented. Many fibers can run within a single thread. It is a
low-overhead non-preemptive means of partitioning computations, and is
noted for the fact that fibers do not require inter-fiber synchronization
if they all run in the same thread. Fivers have two main strengths (a)
code written in a non-preemptive thread model can be easily ported to
Windows, and (b) they provide a lightweight way to partition code.
Related to (a) is the fact that since a fiber cannot execut in parallel
with another fiber within the same thread that synchronization between two
such fibers is not required, which can simplify some programming and
reduce the kernel overhead required for a mutex, or even for a
CRITICAL_SECTION. Note that fibers which run within different threads
still require inter-thread synchronization.
joe

Thanks Anton for your quick explanation.

As per the Galvin book “Win32 also provides the fiber library, which
supports the many-to-many model.”

So apart from providing userland-only thread, the mapping with kernel
level thread (by creating the kernel-level structure )is not 1:1 in the
case of fibers. Is my understanding correct?

---

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

So with all the above explanations, I have drawn some conclusions and some more doubts/queries have come up in my mind :

1. Whether windows really creates a kernel thread for each user mode thread?
   -> Yes , windows creates a kernel thread for each user thread.

2. Is there any limitation on the number of threads that can exist in Kernel mode?
   ->

3. Only kernel mode threads are scheduled by the os scheduler or all threads
   irrespective of whether they are user or kernel are scheduled by the os
   scheduler?
   -> Since there is 1:1 mapping , we can say all threads are scheduled by the OS

4. Does context switching among kernel threads takes longer than context
   switching among user mode threads. If yes , why?
   ->

Some more queries:
5. If each user thread has its own mapped kernel thread, then why some driver routines can run in arbitrary thread context?The corresponding dispatch routines of CreateFile, ReadFile, WriteFile , IOCTLs should always run in non-arbitrary thread context? Any completion routine of any IRP can be called in arbitrary thread context? But when the driver has a kernel mode thread for itself , which is associated/mapped to its user mode thread , why arbitrary thread comes into picture?

I am confused …
->

6. each user thread has its own mapped kernel thread but the reverse might not be true, i.e. Each kernel thread may not have a mapped user mode thread?

7. What are kernel-only threads? Does that mean that they don’t have any user mode representation.
   So does that mean threads can exist without any process associated to it?

> As per the book Abraham Silberschatz, Greg Gagne, and Peter Baer Galvin,
"Operating System Concepts, Ninth Edition ", Chapter 4 :

4.3.2 One-To-One Model

The one-to-one model creates a separate kernel thread to handle each
user
thread.
One-to-one model overcomes the problems listed above involving blocking
system calls and the splitting of processes across multiple CPUs.
However the overhead of managing the one-to-one model is more
significant,
involving more overhead and slowing down the system.
Most implementations of this model place a limit on how many threads can
be created.
Linux and Windows from 95 to XP implement the one-to-one model for threads.

I would like to know

1. Whether windows really creates a kernel thread for each user mode
   thread? Or it has a limitation on how many threads can be created in
   Kernel mode?

Back in the old MFC group, someone ranted on about how he could not even
remotely consider Windows because of its 64-thread restriction. Fifteen
minutes later, I had an app that created 10,000 threads. I posted the
code to demonstrate beyond any shadow of a double that the OP in this
thread was a complete idiot.

There may be a limit on the number of threads possible. In user space,
the CreateThread call takes a parameter which is the stack depth of the
thread’s stack. Since the default stack depth is a megabyte, this limits
the number of threads a process can create if it just uses the default.
If, however, you give a reasonable size to the stacks, and don’t do silly
things like declaring massive C arrays as local variables (std::vector and
MFC’s CArray don’t count, because the arrays themselves are created on the
heap), you can decrease the size to something much smaller-for example,
64K-which allows you to create many more threads. So the limit for a
given process is based upon two factors (a) the per-process handle limit
and (b) the amount of address space required to hold the stacks. On
Win64, the chance of running out of stack space begins to approach 0 for
any sized stack, which means it is limited by the handle limit. I have
not tried the experiment of creating a thread and immediately closing its
handle to see if I can create more threads than the handle limit.

In the kernel, stacks for threads are very small–I think around 8K or
so–so in general you can ignore this limit as part of thread creation
(but don’t write functions with massive local variable consumption or
highly-recursive functions unless you are willing to create your own
thread with a much larger stack). Address space will be likely to be the
limiting factor.

As already pointed out, there has never been, in the entire history of
Windows, even the MS-DOS versions such as Win95, a concept of 1:1 for
“user threads” and “kernel threads” and the author of that sentence
probably never once actually RTFM for Windows, but based it on some urban
myth.

2. Only kernel mode threads are scheduled by the os scheduler or all
   threads irrespective of whether they are user or kernel are scheduled by
   the os scheduler?

Since there is only one kind of thread, used everywhere, the scheduler
schedules threads. They may be “user” threads, that is, threads created
by CreateProcess or subsequent CreateThread calls, or “kernel” threads,
created by PsCreateThread by kernel components such as drivers, but
ultimately there is exactly one kind of thread from the viewpoint of the
scheduler. It is an equal-opportunity scheduler; tt schedules them
without regard to race, ethnicity, religion, gender identification or
kernel/user beliefs. (To be fair, it does consider thread priority). To
the scheduler, all threads are the same.

3. Does context switching among kernel threads takes longer than context
   switching among user mode threads. If yes , why?

Since there is only one kind of thread, there is no distinquished issue of
cost. Note the answers you received about fibers, which are a
non-preemptive thread-like illusion implemented by a user-level library.
Inter-fiber “scheduling” is entirely a user-level concept and involves a
very tiny amount of context, specifically, the non-volatile registers (as
defined by the general languge interface standards implemented by the C
compiler).

Generally, you have to take the opinions of anyone who heard about
Windows, but never used it, with a grain of salt. In this case, however,
I would recommend buying your salt in 50-lb (22.6-kg) containers. The
author is so far off-base with this silly characterization that you can
probably safely ignore anything else the book says about Windows. It is
just as likely to be equivalently inaccurate.

There is absolutely zero reason for you to be concerned with the “1:1”
model since, in Windows, the concept does not exist. Note that fibers do
not exist as far as the scheduler is concerned.

As also pointed out, the use of fibers is rare. We had only one case: we
had to simulate the behavior of a non-preemptive embedded operating system
on a remote device in terms of how we communicated to the remote device
from our app. In over 20 years of Windows programming, that’s the only
time I’ve really needed them. Your Mileage May Vary. So it is
nonsensical to even think about a “1:1” model in terms of a user-library
fiction.

I have an example of programming fibers which I can send you; send me
private email. It is a conceptual demo which I gave out as part of my
Advanced Systems Programming course.

Note that when a user-level thread calls the kernel, the “user-level”
thread becomes, just by changing a few registers, a “kernel-level” thread,
with access to the kernel address space and the ability to execute certain
instructions (such as I/O and memory-map-management instructions, to name
a few). The scheduler still sees the same thread, and if you spend too
much time in it, or were called very close to the time-slice-end, then the
scheduler deschedules the thread without regard to its ethinicity, race,
etc. Generally, as driver writers, we are concerned about only two
states of a thread: is the thread executing in the context of the original
caller (hence having direct access to the user-level address space) or is
it executing in an unknown context (hence being unable to access
user-level address space)?
joe

---

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

> So with all the above explanations, I have drawn some conclusions and some

more doubts/queries have come up in my mind :

1. Whether windows really creates a kernel thread for each user mode
   thread?
   -> Yes , windows creates a kernel thread for each user thread.

Nonsense. All replies said exactly the opposite. There is exactly, and
precisely, one kind of thread, and it may be in a “user-level” mode or a
“kernel-level” mode if it is created in a user process, but the idea that
Windows creates a “kernel thread” for every “user thread”" is nonsensical.
There are threads, period. A thread has a kernel data structure that
describes it, and when an app calls CreateThread, a new thread is created,
and this corresponding data structure is created in the kernel. But there
is precisely ONE thread that exists. In the model you are proposing,
every user-level thread has a (separate) kernel-level thread. Not true,
never was true.

2. Is there any limitation on the number of threads that can exist in
   Kernel mode?
   ->

The number of resources available to hold the stacks is the limiting value.

3. Only kernel mode threads are scheduled by the os scheduler or all
   threads
   irrespective of whether they are user or kernel are scheduled by the os
   scheduler?
   -> Since there is 1:1 mapping , we can say all threads are scheduled by
   the OS

There is not a 1:1 mapping. All threads are scheduled by the OS, because
that’s what it does: schedule threads. There is exactly ONE thread
created by the user-level CreateThread call. To think of this thread as a
“user thread” with a matching “kernel thread” is nonsensical. There is a
thread. Period. Sometimes, this thread is executing in kernel space.
Sometimes it is executing in user space. When we speak of “kernel
threads”, we are referring to threads created by code executing at kernel
level, creating threads which are not associated with any process. They,
too, are simply “threads”, but they execute entirely in the context of the
kernel. It is a distinction based solely on use.

4. Does context switching among kernel threads takes longer than context
   switching among user mode threads. If yes , why?
   ->

Context switch is context switch. For all practical purposes, it is
identical for every thread. In fact, if you are looking for distinctions,
a context swap from a thread executing at user level to another thread in
the /same/ process is slightly cheaper than a context swap from a thread
executing at user level to another thread in a /different/ process. The
process-context change imposes a higher cost, not specifically at the
context swap time, but as a consequence of changing the address map.
Switching processes has to invalidate the Translation Lookaside Buffer
(TLB) which means the first few accesses require a pagetable lookup. This
is a classic cache-invalidation problem, and has nothing to do with the
scheduler.

Besides, why do you think it matters in the slightest?
joe

Some more queries:
5. If each user thread has its own mapped kernel thread, then why some
driver routines can run in arbitrary thread context?The corresponding
dispatch routines of CreateFile, ReadFile, WriteFile , IOCTLs should
always run in non-arbitrary thread context? Any completion routine of any
IRP can be called in arbitrary thread context? But when the driver has a
kernel mode thread for itself , which is associated/mapped to its user
mode thread , why arbitrary thread comes into picture?

I am confused …
->

6. each user thread has its own mapped kernel thread but the reverse might
   not be true, i.e. Each kernel thread may not have a mapped user mode
   thread?

7. What are kernel-only threads? Does that mean that they don’t have any
   user mode representation.
   So does that mean threads can exist without any process associated to it?

---

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Thanks Joe for your detailed explanation.

When you say "They may be “user” threads, that is, threads created by CreateProcess or subsequent CreateThread calls, or “kernel” threads, created by PsCreateThread "

Will CreateThread internally call PsCreateThread?

-> can you suggest some books on Operating systems in general which are more practical. Because if try to corelate windows internals with Galvin , it becomes very confusing.

> As already pointed out, there has never been, in the entire history of Windows, even the MS-DOS

versions such as Win95, a concept of 1:1 for “user threads” and “kernel threads” and the author
of that sentence probably never once actually RTFM for Windows, but based it on some urban myth.

Do you actually understand what you are saying, or you are just saying things for the sole purpose of simply saying them??? Of course there is " a concept of 1:1 for “user threads” and “kernel threads” ", under Windows, once every thread in existence has its KTHREAD structure…

The author is so far off-base with this silly characterization that you can probably safely ignore
anything else the book says about Windows. It is just as likely to be equivalently inaccurate.

What you seem to be ignoring entirely is a simple fact that thread creation exhausts non-paged pool in terms of both ETHREAD structure that is just enormous in size and thread’s kernel stack which is, IIRC, is 4 pages under Windows.This is, apparently, what the book authors speak about when they mention “restrictions on the number of threads”.

Taking into consideration the fact that non-paged pool is a scarce resource under Windows, they seem to have a good point…

Anton Bassov

Thanks Joe for being patient with me …My email id is xxxxx@gmail.com

I think the distinction between user mode and kernel mode thread is very clear to me now…

One more doubt is regarding arbitrary thread context and non-arbitrary thread context.

> if try to corelate windows internals with Galvin , it becomes very confusing.

The problem is that some people jump to criticizing serious books without even actually understanding what these books are saying…

Anton Bassov

I missed the additional questions; answers below

So with all the above explanations, I have drawn some conclusions and some
more doubts/queries have come up in my mind :

1. Whether windows really creates a kernel thread for each user mode
   thread?
   -> Yes , windows creates a kernel thread for each user thread.

2. Is there any limitation on the number of threads that can exist in
   Kernel mode?
   ->

3. Only kernel mode threads are scheduled by the os scheduler or all
   threads
   irrespective of whether they are user or kernel are scheduled by the os
   scheduler?
   -> Since there is 1:1 mapping , we can say all threads are scheduled by
   the OS

4. Does context switching among kernel threads takes longer than context
   switching among user mode threads. If yes , why?
   ->

Some more queries:
5. If each user thread has its own mapped kernel thread, then why some
driver routines can run in arbitrary thread context?The corresponding
dispatch routines of CreateFile, ReadFile, WriteFile , IOCTLs should
always run in non-arbitrary thread context? Any completion routine of any
IRP can be called in arbitrary thread context? But when the driver has a
kernel mode thread for itself , which is associated/mapped to its user
mode thread , why arbitrary thread comes into picture?

Every thread in the system has a kernel data structure that represents it.
This does not mean there is a 1:1 mapping from “user thread” to “kenel
thread”, it means that every thread, independent of who created it, has a
kernel thread data structure, which is what the scheduler uses for
scheduling.

The only guarantee is that the /top-level/ dispatch routine for
CreateFile, ReadFile, etc. is executed in the context of the user-level
thread, meaning the user-level map (nominally, the lower 2GB for a Win32
process, but there are many variants on this up to and including 4GB,
depending on the hosting platform) is accessible. For all other cases, a
driver thread is running in an unknown and unknowable context. There are
some special considerations for the I/O Manager getting itself back into
the context of the calling thread so that things like kernel-to-user
buffer copies can be made, but you can ignore this as a driver programmer.
Your thread is in exactly one of two states: (a) in the context of the
caller and (b) in an unknown and unknowable context.

When a driver creates a thread, that thred has no user-level context, no
matter when or how it is created in the driver. It is a thread which only
has a valid kernel-mode address space map. It cannot access any addresses
in a calling process. A driver never, ever, creates a thread with a
mapping to user space. A driver may, in the course of its execution, be
executed in the context of many different threads, for example, at DIRQL
level when processing an interrupt; at DISPATCH_LEVEL for a DPC scheduled
by an ISR, timer, etc.; at PASSIVE_LEVEL in a kernel thread, whether from
the kernel thread pool or a thread it creates via PsCreateThread. The
meaning of the user-level memory map in alll these contexts is
“undefined”. Attempts to write to a user address from any of the
unknown-context threads will result in either a BSOD (if you are lucky) or
corruption of some innocent process (if you are not lucky). Or, since it
is undefined, it may cause your computer to teleport to an exoplanet.
“Undefined” means “undefined”.

I am confused …
->

6. each user thread has its own mapped kernel thread but the reverse might
   not be true, i.e. Each kernel thread may not have a mapped user mode
   thread?

A thread is a thread is a thread. A user thread does NOT have a “mapped
kernel thread”. A user thread is a thread. Period. All threads are
scheduled by the scheduler. Period. The scheduler does this by using a
data structure in the kernel that represents the thread. Period. Nothing
else.

A thread does not require a process to exist. Thus in PsCreateThread,
when you call it from a device driver to create a thread, the process
reference is always NULL. Therefore, when the thread is scheduled, the
behavior of the scheduler relative to memory map management is that it
ignores setting up any user-level memory map context. There might be one,
but if so, you have no idea what it is and no way to find out.

So, when we talk about “kernel threads” in the driver world, we really
mean threads that are created within the kernel for kernel purposes, and
have no mapping to user processes. This is a shorthand designation. It
does not mean that we are talking about the kernel thread which matches a
user thread. Every thread is unique, and some are associated with a
user-level address space context, and some aren’t. The only time you are
guaranteed that the user-level context is knowable is when you are called
at the top-level dispatch routine for a device driver. A filter driver,
for example, is usually not a top-level driver, and therefore the dispatch
routines are always assumed to be in an unknown-and-unknowable context.

Note that designations such as “kernel threads” have nothing to do with
the notion of “arbitrary thread context”. A thread can be executing in
the kernel and have a perfectly valid user address-space map. But you, as
a driver programmer, have no idea what process that map, if valid,
represents. Hence “arbitrary thread context”. An ISR may be processed in
the context of some random process, or in the context of a thread
executing in the kernel, with or without a valid process address space
reference, but you will never know. Unless, of course, you try to touch a
“user level” address, in which case, you get undefined behavior.

Note: if the undefined behavior involves teleportation to an exoplanet,
there are several consequences: (a) it ends up on a “hot jupiter” and your
computer melts down; (b) it ends up on a cold exoplanet, and freezes below
the operating temperature of the transistors, so it halts; (c) it
continues to execute undefined behavior and teleports to another exoplanet
(in which case, apply (a) (b) and (c) iteratively). If it is laptop and
carries its power supply with it, it keeps running; if it is a desktop and
requires external power, it obviously stops. If any of this happens,
please notify the IAU (Internaltional Astronomical Union) immediately. If
your computer teleports to Pluto, forget it, because it is neither exo-
nor -planet, and they don’t care.
joe

7. What are kernel-only threads? Does that mean that they don’t have any
   user mode representation.
   So does that mean threads can exist without any process associated to it?

---

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

> One more doubt is regarding arbitrary thread context and non-arbitrary thread context.

“Arbitrary thread context” means that a piece of code may be invoked in context of any thread. For example, when user app submits an IRP you can be 100% sure that driver’s corresponding DispatchXXX routine is invoked strictly in context of a user thread that actually submits the request. However, when this IRP gets completed, IO completion routine may get invoked in context of any thread, or even in atomic context -everything depends on how and when IRP gets completed. Therefore, you cannot make any assumptions here…

Anton Bassov

As far as I know, PsCreateThread is called from the kernel dispatch
routine for CreateThread and CreateProcess. But since I do not have any
source code access, I cannot state that is true. But if you look at the
parameters for PsCreateThread and the parameters for CreateThread, there
is a startling similarity, which is why I infer that it is called for
CreateThread.

A good book is Windows Internals, if you want to understand how Windows
works. There are also books on linux, Unix, and a variety of other
operating systems if you want specific details on their internals. No
book on general operating system principles is going to exactly reflect
any real operating system. That is not their purpose. Saying things like
“Windows has a kernel thread for every user thread” is a gross
misstatement of fact. Windows has only one kind of thread, period. While
it is true that the kernel has a data structure for every thread, it does
not care if this is a thread created by a process or created internally in
the kernel with no process associated with it. Even making the
distinction that there is a “kernel thread” for every “user thread” is
nonsense, because there is only one, precisely one, thread type in the
Windows universe.

Now, if the book said, “Every user thread in a Windows application has a
data structure in the kernel that represents it”, that would be a true
statement.
joe

Thanks Joe for your detailed explanation.

When you say "They may be “user” threads, that is, threads created by
CreateProcess or subsequent CreateThread calls, or “kernel” threads,
created by PsCreateThread "

Will CreateThread internally call PsCreateThread?

-> can you suggest some books on Operating systems in general which are
more practical. Because if try to corelate windows internals with Galvin ,
it becomes very confusing.

---

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

>One more doubt is regarding arbitrary thread context and non-arbitrary

thread context.

Arbitrary thread context means that the CPU is servicing an interrupt which
runs in another unit type of execution. When a device interrupts, in most
cases a CPU will temporarily stop doing what is was doing and start
executing the interrupt service routine registered with that interrupt.
While the ISR is excecuting, there is still a context of whatever thread the
CPU was running when it got interrupted but that cannot be used or does not
make sense here. The same holds for DPCs which are software interrupts which
may get executed in the context of whatever thread was running.

//Daniel

Exactly.

and

Not necessarily. An interrupt is not required. Consider the fact that your EvtIoRead runs in an arbitrary thread context, but not as a result of an interrupt.

I find it useful to think about it this way: When we say a routine runs in an arbitrary thread context, we mean that one cannot know in advance the thread in which the routine will run.

The dictionary definition really does apply here:
arbitrary: based on random choice…, rather than any reason or system.

Peter
OSR

Not necessarily. An interrupt is not required. Consider the fact that
your EvtIoRead runs in an arbitrary thread context, but not >as a result of
an interrupt.

If EvtIoRead runs in an arbitrary contract, it means it’s running at
DISPATCH_LEVEL executed by a DPC routine which after all is a software
interrupt ? Or not ?

//Daniel

Kmdf pends everything , so in kmdf context is not guaranteed. The io pipeline does allow for in context execution (EvtIoInCallerContext), its purpose is to capture context specific pointers and then let the async pipeline continue

d

Bent by my phone

From: xxxxx@resplendence.commailto:xxxxx
Sent: ?10/?4/?2013 9:30 AM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: Re:[ntdev] User Thread / Kernel Thread

>Not necessarily. An interrupt is not required. Consider the fact that
>your EvtIoRead runs in an arbitrary thread context, but not >as a result of
>an interrupt.

If EvtIoRead runs in an arbitrary contract, it means it’s running at
DISPATCH_LEVEL executed by a DPC routine which after all is a software
interrupt ? Or not ?

//Daniel

—
NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

> 1. Whether windows really creates a kernel thread for each user mode thread? Or it has a limitation

on how many threads can be created in Kernel mode?

No. Windows uses the same thread identity and does not change it on crossing the U/K boundary.

Kernel threads in Windows belong to System process and are created by drivers if they want so. They cannot execute any user mode code ever.

all threads irrespective

This is the case.

3. Does context switching among kernel threads takes longer than context switching among user
   mode threads.

Kernel threads switch is faster, since there is no need to invalidate the TLB.

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com