PREEMPTIVE_OS_CRYPTACQUIRECONTEXT

(Republishing, or using this info in a commercial product/website, is prohibited without permission. All other uses are permitted. If in doubt, please ask.)

(Back to main page…)

Description:

This wait type is when a thread is calling the Windows CryptAcquireContext function.

(Books Online description: N/A)

Questions/comments on this wait type? Click here to send Paul an email, especially if you have any information to add to this topic.

Added in SQL Server version:

2008

Removed in SQL Server version:

N/A

Extended Events wait_type value:

The map_key value in sys.dm_xe_map_values is 421 in 2008 and 2008 R2, 469 in 2012, and 485 in 2014 RTM. After 2014 RTM, you must check the DMV to get the latest value as some map_key values have changed in later builds.

Other information:

If you see long waits for this wait type, have your infrastructure team investigate performance issues with servers that provide cryptographic services to the domain (for instance, the server for an Enterprise Key Management system).

Note that when a thread calls out to Windows, the thread changes from non-preemptive (SQL Server controls the thread) to preemptive (Windows controls the thread) mode. The thread’s state will be listed as RUNNING, as SQL Server doesn’t know what Windows is doing with the thread.

Known occurrences in SQL Server (list number matches call stack list):

  1. Retrieving certificate information (in this case, while checking the database certificates during instance startup)
  2. Retrieving asymmetric key information (in this case, while decrypting a column)
  3. Retrieving security information (in this case, while changing row level security as part of an ALTER TABLE column)

And other similar stacks.

Abbreviated call stacks (list number matches known occurrences list):

  1. SOS_Task::PopWait+b1
    SOS_ExternalAutoWait::~SOS_ExternalAutoWait+7c
    SOS_Task::AutoSwitchPreemptive::~AutoSwitchPreemptive+5d
    CSECCryptoContext::Init+330
    CSECSessionCryptoContext::GetCryptoContext+c0
    GetCertDerivedAttributesFromBytes+85
    CMEDCatObfusKey::GetCMEDCertificate+7e9
    CMEDCacheEntryFactory::FindOrCreateCacheEntry+196
    CMEDCacheEntryFactory::GetProxiedCacheEntryById+f6
    CMEDProxyDatabase::GetCertificateById+6c
    SynchronizeSystemCertificates+be
    StartUp::StartResourceDB+6df
    StartUp::StartModelAndTempdb+3ae
    SOS_Task::Param::Execute+21e
    SOS_Scheduler::RunTask+ab
  2. SOS_Task::PopWait+b1
    SOS_ExternalAutoWait::~SOS_ExternalAutoWait+7c
    SOS_Task::AutoSwitchPreemptive::~AutoSwitchPreemptive+5d
    CSECCryptoContext::Init+330
    CSECSessionCryptoContext::GetCryptoContext+c0
    GetAsymKeyProperty+a3
    SsvarAsymKeyPropI4Wstr+235
    CEsExec::GeneralEval4+e7
    CQScanFilterNew::GetRowHelper+55
    CQScanNLJoinNew::GetRowHelper+4f
    CQScanNLJoinNew::GetRowHelper+4f
    CQScanNLJoinNew::GetRowHelper+f4
    CQScanNLJoinNew::GetRowHelper+4f
    CQScanNLJoinNew::GetRowHelper+4f
    CQueryScan::GetRow+81
    CXStmtQuery::ErsqExecuteQuery+36d
    CXStmtSelect::XretExecute+2e7
    CMsqlExecContext::ExecuteStmts<1,1>+427
    CMsqlExecContext::FExecute+a43
    CSQLSource::Execute+86c
    process_request+a57
    process_commands+4a3
  3. SOS_Task::PopWait+b1
    SOS_ExternalAutoWait::~SOS_ExternalAutoWait+7c
    SOS_Task::AutoSwitchPreemptive::~AutoSwitchPreemptive+5d
    CSECCryptoContext::Init+330
    CSECSessionCryptoContext::GetCryptoContext+c0
    ISECCryptoServices::Get+87
    CStmtAlterTable::XretExecute+2712
    CMsqlExecContext::ExecuteStmts<1,1>+427
    CMsqlExecContext::FExecute+a43
    CSQLSource::Execute+86c
    process_request+a57
    process_commands+4a3
    SOS_Task::Param::Execute+21e
    SOS_Scheduler::RunTask+ab