locked
One thread hanging in FwpmTransactionCommit0, others hanging in FwpmTransactionBegin0 RRS feed

  • Question

  • Hello, would you help this problem, please?

    When I do the dump postmortem,

    In a thread, it has called FwpmEngineOpen0FwpmTransactionBegin0, and twice FwpmFilterAdd0, however, been hanging in following FwpmTransactionCommit0.

    --------------------------------------------------------------------------------------------------------------------------------------------------

            THREAD 85150348  Cid 0fac.0e08  Teb: 7ff67000 Win32Thread: 00000000 WAIT: (WrLpcReply) UserMode Non-Alertable

                8515057c  Semaphore Limit 0x1

            Waiting for reply to ALPC Message 95d49e78 : queued at port 85f35b60 : owned by process 85f23d40

            Not impersonating

            DeviceMap                 87a08a08

            Owning Process            8603a030       Image:         coreServiceShell.exe

            Attached Process          N/A            Image:         N/A

            Wait Start TickCount      261627         Ticks: 16454 (0:00:04:17.093)

            Context Switch Count      91             

            UserTime                  00:00:00.000

            KernelTime                00:00:00.000

            Win32 Start Address MSVCR80!_endthreadex (0x721e29e1)

            Stack Init a3b91fd0 Current a3b91ad0 Base a3b92000 Limit a3b8f000 Call 0

            Priority 9 BasePriority 8 UnusualBoost 0 ForegroundBoost 0 IoPriority 2 PagePriority 5

            Kernel stack not resident.

            ChildEBP RetAddr  Args to Child              

            a3b91ae8 8288ab15 85150348 82948f08 82945d20 nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])

            a3b91b20 82889403 85150408 85150348 8515057c nt!KiSwapThread+0x266

            a3b91b48 828832cf 85150348 85150408 00000000 nt!KiCommitThreadWait+0x1df

            a3b91bc4 828d2b66 8515057c 00000011 9ea42301 nt!KeWaitForSingleObject+0x393

            a3b91bec 82a91bee 8515057c 9ea42301 00000000 nt!AlpcpSignalAndWait+0x7b

            a3b91c10 82a87c6f 9ea42301 a3b91c7c e0000000 nt!AlpcpReceiveSynchronousReply+0x27

            a3b91ca0 82a91173 85f42bd0 00020000 09552240 nt!AlpcpProcessSynchronousRequest+0x276

            a3b91d0c 8285f42a 00000dd8 00020000 09552240 nt!NtAlpcSendWaitReceivePort+0xd0

            a3b91d0c 77c064f4 00000dd8 00020000 09552240 nt!KiFastCallEntry+0x12a (FPO: [0,3] TrapFrame @ a3b91d34)

            0b6cf8e4 77c0486c 7738bedd 00000dd8 00020000 ntdll!KiFastSystemCallRet (FPO: [0,0,0])

            0b6cf8e8 7738bedd 00000dd8 00020000 09552240 ntdll!ZwAlpcSendWaitReceivePort+0xc (FPO: [8,0,0])

            0b6cf91c 7738c3a6 00020000 0020c974 09552240 RPCRT4!LRPC_CASSOCIATION::AlpcSendWaitReceivePort+0x50

            0b6cf968 7738c2a4 0b6cf9dc 0b6cfa08 0b6cfdfc RPCRT4!LRPC_BASE_CCALL::DoSendReceive+0xab

            0b6cf98c 7738c1fc 0b6cf9dc 0b6cfa08 0b6cfa08 RPCRT4!LRPC_BASE_CCALL::SendReceive+0x36

            0b6cf9a0 7738c6cf 0b6cf9dc 74112fd8 00000001 RPCRT4!I_RpcSendReceive+0x29

            0b6cf9b4 7738c69d 0b6cfa08 095522ac 0b6cfa08 RPCRT4!NdrSendReceive+0x31

            0b6cf9c4 773e5744 256ee455 0b1923f8 0b1923f8 RPCRT4!NdrpSendReceive+0xc (FPO: [0,1,0])

            0b6cfddc 7411bcc6 74112fd8 7411638c 0b6cfdfc RPCRT4!NdrClientCall2+0x1a6

            0b6cfdf4 7411bc9b 095304c0 00261238 00255928 fwpuclnt!FwppProxyTransactionCommit+0x19 (FPO: [2,1,0])

            0b6cfe0c 581d6a8d 0b1923f8 00000000 7760918d fwpuclnt!FwpmTransactionCommit0+0x42 (FPO: [1,0,0])

     

    0: kd> !alpc /m 95d49e78 

    Message @ 95d49e78

      MessageID             : 0x03AC (940)

      CallbackID            : 0x47C644 (4703812)

      SequenceNumber        : 0x0000005D (93)

      Type                  : LPC_REQUEST

      DataLength            : 0x0054 (84)

      TotalLength           : 0x006C (108)

      Canceled              : No

      Release               : No

      ReplyWaitReply        : No

      Continuation          : Yes

      OwnerPort             : 85f42bd0 [ALPC_CLIENT_COMMUNICATION_PORT]

      WaitingThread         : 85150348

      QueueType             : ALPC_MSGQUEUE_PENDING

      QueuePort             : 85f35b60 [ALPC_CONNECTION_PORT]

      QueuePortOwnerProcess : 85f23d40 (svchost.exe)

      ServerThread          : 00000000

      QuotaCharged          : No

      CancelQueuePort       : 00000000

      CancelSequencePort    : 00000000

      CancelSequenceNumber  : 0x00000000 (0)

      ClientContext         : 0020c8c0

      ServerContext         : 00000000

      PortContext           : 01109f00

      CancelPortContext     : 00000000

      SecurityData          : 9e916230

      View                  : 00000000

    -------------------------------------------------------------------------------------------------------------------------------------------------------

     

    Meanwhile, some other threads hang in FwpmTransactionBegin0. (including calls from user mode and kernel mode)

    -----------------------------------------------------------------------------------------------------------------------------------

            THREAD 844c7d48  Cid 0fac.0bc4  Teb: 7ff68000 Win32Thread: 00000000 WAIT: (WrLpcReply) UserMode Non-Alertable

                844c7f7c  Semaphore Limit 0x1

            Waiting for reply to ALPC Message 9fd8f610 : queued at port 85f35b60 : owned by process 85f23d40

            Not impersonating

            DeviceMap                 87a08a08

            Owning Process            8603a030       Image:         coreServiceShell.exe

            Attached Process          N/A            Image:         N/A

            Wait Start TickCount      261627         Ticks: 16454 (0:00:04:17.093)

            Context Switch Count      196             

            UserTime                  00:00:00.000

            KernelTime                00:00:00.015

            Win32 Start Address MSVCR80!_endthreadex (0x721e29e1)

            Stack Init a3b8dfd0 Current a3b8dad0 Base a3b8e000 Limit a3b8b000 Call 0

            Priority 9 BasePriority 8 UnusualBoost 0 ForegroundBoost 0 IoPriority 2 PagePriority 5

            Kernel stack not resident.

            ChildEBP RetAddr  Args to Child              

            a3b8dae8 8288ab15 844c7d48 807cd308 807ca120 nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])

            a3b8db20 82889403 844c7e08 844c7d48 844c7f7c nt!KiSwapThread+0x266

            a3b8db48 828832cf 844c7d48 844c7e08 00000000 nt!KiCommitThreadWait+0x1df

            a3b8dbc4 828d2b66 844c7f7c 00000011 00000001 nt!KeWaitForSingleObject+0x393

            a3b8dbec 82a91bee 844c7f7c 00000001 00000000 nt!AlpcpSignalAndWait+0x7b

            a3b8dc10 82a87c6f 00000001 a3b8dc7c e0000000 nt!AlpcpReceiveSynchronousReply+0x27

            a3b8dca0 82a91173 85f42bd0 00020000 0020b290 nt!AlpcpProcessSynchronousRequest+0x276

            a3b8dd0c 8285f42a 00000dd8 00020000 0020b290 nt!NtAlpcSendWaitReceivePort+0xd0

            a3b8dd0c 77c064f4 00000dd8 00020000 0020b290 nt!KiFastCallEntry+0x12a (FPO: [0,3] TrapFrame @ a3b8dd34)

            0b5be094 77c0486c 7738bedd 00000dd8 00020000 ntdll!KiFastSystemCallRet (FPO: [0,0,0])

            0b5be098 7738bedd 00000dd8 00020000 0020b290 ntdll!ZwAlpcSendWaitReceivePort+0xc (FPO: [8,0,0])

            0b5be0cc 7738c3a6 00020000 09503af4 0020b290 RPCRT4!LRPC_CASSOCIATION::AlpcSendWaitReceivePort+0x50

            0b5be118 7738c2a4 0b5be190 0b5be1bc 0b5be5b0 RPCRT4!LRPC_BASE_CCALL::DoSendReceive+0xab

            0b5be13c 7738c1fc 0b5be190 0b5be1bc 0b5be1bc RPCRT4!LRPC_BASE_CCALL::SendReceive+0x36

            0b5be154 7738c6cf 0b5be190 74112fd8 00000001 RPCRT4!I_RpcSendReceive+0x29

            0b5be168 7738c69d 0b5be1bc 0020b300 0b5be1bc RPCRT4!NdrSendReceive+0x31

            0b5be178 773e5744 2559fc19 00000000 00000000 RPCRT4!NdrpSendReceive+0xc (FPO: [0,1,0])

            0b5be590 7411b145 74112fd8 7411635e 0b5be5b0 RPCRT4!NdrClientCall2+0x1a6

            0b5be5a8 7411b114 00219068 00261418 00000000 fwpuclnt!FwppProxyTransactionBegin+0x19 (FPO: [3,1,0])

            0b5be5c0 581c7e78 0b192440 00000000 00000000 fwpuclnt!FwpmTransactionBegin0+0x3c (FPO: [2,0,4])

     

    0: kd> !alpc /m 9fd8f610 

    Message @ 9fd8f610

      MessageID             : 0x0068 (104)

      CallbackID            : 0x47C643 (4703811)

      SequenceNumber        : 0x0000005C (92)

      Type                  : LPC_REQUEST

      DataLength            : 0x0058 (88)

      TotalLength           : 0x0070 (112)

      Canceled              : No

      Release               : No

      ReplyWaitReply        : No

      Continuation          : Yes

      OwnerPort             : 85f42bd0 [ALPC_CLIENT_COMMUNICATION_PORT]

      WaitingThread         : 844c7d48

      QueueType             : ALPC_MSGQUEUE_PENDING

      QueuePort             : 85f35b60 [ALPC_CONNECTION_PORT]

      QueuePortOwnerProcess : 85f23d40 (svchost.exe)

      ServerThread          : 00000000

      QuotaCharged          : No

      CancelQueuePort       : 00000000

      CancelSequencePort    : 00000000

      CancelSequenceNumber  : 0x00000000 (0)

      ClientContext         : 09503a40

      ServerContext         : 00000000

      PortContext           : 01109f00

      CancelPortContext     : 00000000

      SecurityData          : 95df6b20

      View                  : 00000000

    ----------------------------------------------------------------------------------------------------------------------------------------------------------

     

    My understanding is that there should be a global lock in BFE of svchost.exe.

    When someone calls FwpmTransactionBegin0, the lock will let others who'd like call FwpmTransactionBegin0 wait.

    However, in this case, I found a thread who had called FwpmTransactionBegin0 successfully, but hang in FwpmTransactionCommit0.

     

    Are there any possible reasons to cause this kind of problem?

    Thanks a lot for the help!

     

    Thursday, October 7, 2010 7:02 AM