Boost C++ Libraries: Ticket #2442: Application statically linked with Boost.Thread crashes when Google Desktop is installed (Windows XP) https://svn.boost.org/trac10/ticket/2442 <p> Application statically linked with Boost.Thread crashes when Google Desktop is installed (Windows XP, VC9). </p> <p> Google Desktop installs a hook and injects its DLL to application address space on application startup. This DLL creates its own thread, does something, and then calls Windows API's <code>FreeLibraryAndExitThread()</code> function. This function eventually calls <code>boost::detail::create_once_mutex()</code>, which crashes with VC "buffer security check" (see /GS option, which is default). I suppose this is because of CRT was not initialized yet (application crashes on the very start) and particularly because <code>__security_init_cookie()</code> function was not called. It seems there are two possible workarounds: </p> <ol><li>Recompile Boost.Thread with /GS- option </li></ol><ol start="2"><li>Add an explicit call of <code>__security_init_cookie()</code> function, e.g. in run_thread_exit_callbacks() function. </li></ol><p> The crash can be reliably reproduced on Windows XP with the latest Google Desktop (5.8.0809.23506-en-pb) installed. To reproduce: </p> <ol><li>Download and unzip test application archive from <a class="ext-link" href="http://engineering.meta-comm.com/resources/boost_thread_with_google_desktop_crash_test.zip"><span class="icon">​</span>http://engineering.meta-comm.com/resources/boost_thread_with_google_desktop_crash_test.zip</a> </li></ol><ol start="2"><li>Open the folder with the test application in Windows Explorer, and launch several (&gt;= 3) instances of "run.bat" at once. </li></ol><p> I was not able to reproduce it on Windows Vista. </p> en-us Boost C++ Libraries /htdocs/site/boost.png https://svn.boost.org/trac10/ticket/2442 Trac 1.4.3 anonymous Wed, 11 Apr 2012 06:17:04 GMT <link>https://svn.boost.org/trac10/ticket/2442#comment:1 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/2442#comment:1</guid> <description> <p> The bug is more profound and brings out flaws in the design itself. I recently started using boost threads in one of my project (has dlls and exes) and stumbled on this problem quite early in the test cycle. After I analyzed the crash dump, I was lead to look at the dumpbin output for my exe and dll for static TLS entires. I found new entries in the place where there used to be none before I had started using boost threads. As my dll(s) are explicitly loaded I did not use static TLS in my code before, but now the boost thread library has put in static TLS without taking into account which module it is linking into and assumptions of it. I presume(hope) boost thread library is using static TLS to only attach it's own TLS callbacks. Though I wish this method was avoided. </p> <p> Given that TLS callbacks would be called before dll initialization code - implementation should have put tighter control on what the callback function calls (directly and indirectly) - definitely not call or read or write c/c++ runtime code/date. But this implementation has led to allow calls to its own functions that are compiled (with the same flags like /GS) along with the code of the user of the library. </p> <p> If the implementation had not used automatic char buffer like in the case of "create_once_mutex" the problem would not have occurred, as buffer overflow check is only applied to functions that have buffers. Or may be naked functions which deliberately avoids buffer overflow checks could have been used. </p> <p> As I am not very sure about how static TLS is used I suspect there could be more problems lurking around. </p> </description> <category>Ticket</category> </item> <item> <dc:creator>nanda</dc:creator> <pubDate>Wed, 11 Apr 2012 06:27:03 GMT</pubDate> <title/> <link>https://svn.boost.org/trac10/ticket/2442#comment:2 </link> <guid isPermaLink="false">https://svn.boost.org/trac10/ticket/2442#comment:2</guid> <description> <p> Replying to <a class="ticket" href="https://svn.boost.org/trac10/ticket/2442#comment:1" title="Comment 1">anonymous</a>: Forgot to mention my name - nanda. </p> <blockquote class="citation"> <p> The bug is more profound and brings out flaws in the design itself. I recently started using boost threads in one of my project (has dlls and exes) and stumbled on this problem quite early in the test cycle. After I analyzed the crash dump, I was lead to look at the dumpbin output for my exe and dll for static TLS entires. I found new entries in the place where there used to be none before I had started using boost threads. As my dll(s) are explicitly loaded I did not use static TLS in my code before, but now the boost thread library has put in static TLS without taking into account which module it is linking into and assumptions of it. I presume(hope) boost thread library is using static TLS to only attach it's own TLS callbacks. Though I wish this method was avoided. </p> <p> Given that TLS callbacks would be called before dll initialization code - implementation should have put tighter control on what the callback function calls (directly and indirectly) - definitely not call or read or write c/c++ runtime code/date. But this implementation has led to allow calls to its own functions that are compiled (with the same flags like /GS) along with the code of the user of the library. </p> <p> If the implementation had not used automatic char buffer like in the case of "create_once_mutex" the problem would not have occurred, as buffer overflow check is only applied to functions that have buffers. Or may be naked functions which deliberately avoids buffer overflow checks could have been used. </p> <p> As I am not very sure about how static TLS is used I suspect there could be more problems lurking around. </p> </blockquote> </description> <category>Ticket</category> </item> <item> <dc:creator>WhaleGerbbila</dc:creator> <pubDate>Thu, 06 Jun 2013 00:48:03 GMT</pubDate> <title>version, milestone changed https://svn.boost.org/trac10/ticket/2442#comment:3 https://svn.boost.org/trac10/ticket/2442#comment:3 <ul> <li><strong>version</strong> <span class="trac-field-old">Boost 1.35.0</span> → <span class="trac-field-new">Boost 1.38.0</span> </li> <li><strong>milestone</strong> <span class="trac-field-old">To Be Determined</span> → <span class="trac-field-new">Website 1.X</span> </li> </ul> Ticket viboes Sat, 08 Jun 2013 12:58:55 GMT milestone changed https://svn.boost.org/trac10/ticket/2442#comment:4 https://svn.boost.org/trac10/ticket/2442#comment:4 <ul> <li><strong>milestone</strong> <span class="trac-field-old">Website 1.X</span> → <span class="trac-field-new">To Be Determined</span> </li> </ul> Ticket viboes Wed, 07 Jan 2015 02:43:56 GMT status changed; resolution set https://svn.boost.org/trac10/ticket/2442#comment:5 https://svn.boost.org/trac10/ticket/2442#comment:5 <ul> <li><strong>status</strong> <span class="trac-field-old">new</span> → <span class="trac-field-new">closed</span> </li> <li><strong>resolution</strong> → <span class="trac-field-new">obsolete</span> </li> </ul> <p> Please reopen if this old ticket is of actuality yet. </p> Ticket