Under what circumstances does PsTerminateSystemThread() wait serveral minutes?

Discussion in 'Windows Vista Drivers' started by phren yohng, Oct 10, 2004.

  1. phren yohng

    phren yohng Guest


    I have one working thread which I signal to end. And the thread calls
    PsTerminateSystemThread() to end itself. Another thread waits for the
    working thread to be terminated.
    But sometimes it takes a long time (under driver verifier with low
    resources option) and KeWaitForSingleObject() returns with
    STATUS_TIMEOUT, even when I set the timeout to 2 minutes.

    The stack looks like this:
    THREAD fd7834b0 Cid 8.2a8 Teb: 00000000 Win32Thread: 00000000 WAIT:
    (DelayExecution) KernelMode Non-Alertable
    fd783598 NotificationTimer
    IRP List:
    fa080f68: (0006,0094) Flags: 40000000 Mdl: fd6bb6c8
    Not impersonating
    Owning Process fd90eaf0
    Wait Start TickCount 74393 Elapsed Ticks: 4
    Context Switch Count 394
    UserTime 0:00:00.0000
    KernelTime 0:00:00.0040
    Start Address kernelcrypt!NTKernelSendingThread (0xf87c97d0)
    Stack Init f8ce6000 Current f8ce5c20 Base f8ce6000 Limit f8ce3000 Call 0
    Priority 16 BasePriority 8 PriorityDecrement 0 DecrementCount 0

    ChildEBP RetAddr Args to Child
    f8ce5c38 8042d87a 800695e0 fd7836bc 800695b0 nt!KiSwapThread+0xc5
    f8ce5c60 804bc486 00000000 00000000 f8ce5c80 nt!KeDelayExecutionThread+
    f8ce5c90 804aa120 fd7834b0 fd6bd000 fd6e6a80 nt!IoCancelThreadIo+0x6f
    f8ce5d44 80455b7f 00000000 f8ce5da8 f87c9b17 nt!PspExitThread+0x3a6
    f8ce5d50 f87c9b17 00000000 00000000 00000000 nt!PsTerminateSystemThread+
    f8ce5da8 80455a16 fd697008 00000000 00000000 kernelcrypt!
    f8ce5ddc 80469bb2 f87c97d0 fd697008 00000000 nt!PspSystemThreadStartup+
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

    PsTerminateSystemThread() waits for a "NotificationTimer".
    Is this part of the driver verifier? Or for what reason does
    PsTerminateSystemThread() wait?

    Thank you for your efforts!
    phren yohng, Oct 10, 2004
    1. Advertisements

  2. phren yohng

    Mark Roddy Guest

    Your thread has uncancelled IO requests and the OS is patiently waiting for
    them to be completed as part of its IO cancellation processing. Eventually it
    gives up and puts the remnants of those IO requests into limbo. You should
    study IO cancellation processing in the DDK and on these newsgroups and then
    review your software for correctness.


    Mark Roddy DDK MVP
    Windows 2003/XP/2000 Consulting
    Hollis Technology Solutions 603-321-1032
    Mark Roddy, Oct 10, 2004
    1. Advertisements

  3. phren yohng

    phren yohng Guest


    Is it wrong when I try to find the uncanceled irp with the WinDBG
    command !irpfind? Because I can't find any.
    Are there any other circumstances that PsTerminateSystemThread() wait
    before it finished?

    Thanks for your efforts!
    phren yohng, Oct 22, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.