Boost C++ Libraries: Ticket #4885: Access violation in set_tss_data at process exit due to invalid assumption about TlsAlloc
https://svn.boost.org/trac10/ticket/4885

<p> We've recently upgraded to Boost 1.44 and have started seeing Access Violations from set_tss_data during process exit under various conditions. We are building with Visual Studio 2008 and are seeing the problems on both 32- and 64-bit architectures. </p>
<p> Here's an example stack trace from a crash: </p>
<pre class="wiki">
boost_thread-vc90-mt-1_44.dll!boost::detail::heap_new_impl&lt;boost::detail::tss_data_node,void const * __ptr64 &amp; __ptr64,boost::shared_ptr&lt;boost::detail::tss_cleanup_function&gt; &amp; __ptr64,void * __ptr64 &amp; __ptr64,boost::detail::tss_data_node * __ptr64 &amp; __ptr64&gt;(const void * &amp; a1=, boost::shared_ptr&lt;boost::detail::tss_cleanup_function&gt; &amp; a2={...}, void * &amp; a3=0x00000000003a6c40, boost::detail::tss_data_node * &amp; a4=0x9b0d8d481675c085) Line 208 + 0x20 bytes C++
boost_thread-vc90-mt-1_44.dll!boost::detail::set_tss_data(const void * key=0x000000005d009600, boost::shared_ptr&lt;boost::detail::tss_cleanup_function&gt; * func=0x00000000001efc28, void * tss_data=0x0000000000000000, bool cleanup_existing=true) Line 590 C++
libut.dll!`anonymous namespace'::`dynamic atexit destructor for 'ticTocPrevTotalsVector''() + 0x38 bytes C++
&gt; libut.dll!_CRT_INIT(void * hDllHandle=0x0000000000000001, unsigned long dwReason=0, void * lpreserved=0x0000000000000000) Line 449 C
libut.dll!__DllMainCRTStartup(void * hDllHandle=0x000000000038f180, unsigned long dwReason=3757760, void * lpreserved=0x000000005cfa6b48) Line 560 + 0xd bytes C
ntdll.dll!0000000077b33801()
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]
ntdll.dll!0000000077b33610()
msvcr90.dll!00000000660a1b8b()
test_manager.dll!runTests(int argc=1, char * * argv=0x00000000006a6890) Line 768 + 0x8 bytes C++
pkgtest.exe!main(int argc=0, char * * argv=0x0000024d06b13a83) Line 14 + 0x59 bytes C++
pkgtest.exe!__tmainCRTStartup() Line 586 + 0x19 bytes C
kernel32.dll!0000000077a0f56d()
ntdll.dll!0000000077b43281()
</pre>
<p> After some digging, it appears that there is an invalid assumption about TlsAlloc in thread/src/win32/thread.cpp: namely that it cannot return zero. The tss implementation uses zero as a sentinel value for initialization. As far as I can tell, however, the only "illegal" return value for TlsAlloc is the constant TLS_OUT_OF_INDEXES, which is defined as -1. </p>
<p> It appears that TlsAlloc happily returns zero as a valid index when called during process shutdown. </p>
<p> I looked at the solution for <a class="closed ticket" href="https://svn.boost.org/trac10/ticket/4736" title="#4736: Bugs: MinGW: tss crashes (SIGSEGV) in ~thread_specific_ptr (closed: fixed)">#4736</a> which is on the trunk, but it appears to make the same assumption that TlsAlloc cannot return zero. </p>

Chris Newbold, Tue, 23 Nov 2010 19:41:52 GMT: component changed; owner set
https://svn.boost.org/trac10/ticket/4885#comment:1
<ul> <li><strong>owner</strong> set to <span class="trac-author">Anthony Williams</span> </li> <li><strong>component</strong> <span class="trac-field-old">None</span> → <span class="trac-field-new">thread</span> </li> </ul>

martin.ankerl@…, Wed, 30 Mar 2011 09:01:34 GMT
https://svn.boost.org/trac10/ticket/4885#comment:2
<p> I have got the same problem with boost 1.43 in combination with boost log. Is there any workaround possible for this? </p>

viboes, Sun, 11 Dec 2011 16:42:06 GMT: keywords set
https://svn.boost.org/trac10/ticket/4885#comment:3
<ul> <li><strong>keywords</strong> tss added </li> </ul>

viboes, Thu, 19 Jan 2012 07:28:16 GMT: owner, status, milestone changed
https://svn.boost.org/trac10/ticket/4885#comment:4
<ul> <li><strong>owner</strong> changed from <span class="trac-author">Anthony Williams</span> to <span class="trac-author">viboes</span> </li> <li><strong>status</strong> <span class="trac-field-old">new</span> → <span class="trac-field-new">assigned</span> </li> <li><strong>milestone</strong> <span class="trac-field-old">To Be Determined</span> → <span class="trac-field-new">Boost 1.49.0</span> </li> </ul>
<p> After reading the TlsAlloc doc it seems clear that there is a misunderstanding on the code. I will try to fix it soon. </p>

viboes, Sat, 21 Jan 2012 17:02:07 GMT: attachment set
https://svn.boost.org/trac10/ticket/4885
<ul> <li><strong>attachment</strong> → <span class="trac-field-new">4885.patch</span> </li> </ul>
<p> win32/pthread.cpp </p>

viboes, Sat, 21 Jan 2012 17:08:53 GMT
https://svn.boost.org/trac10/ticket/4885#comment:5
<p> Please, could someone try this patch? Could you attach an example that shows the issue? </p>

anonymous, Sat, 28 Jan 2012 16:02:45 GMT
https://svn.boost.org/trac10/ticket/4885#comment:6
<p> Committed in trunk at revision: 76752 </p>

Ulrich Eckhardt <ulrich.eckhardt@…>, Thu, 09 Feb 2012 10:43:47 GMT
https://svn.boost.org/trac10/ticket/4885#comment:7
<p> In <a class="changeset" href="https://svn.boost.org/trac10/changeset/76752" title="Thread: Try to fix 4885 - Access violation in set_tss_data at process ...">r76752</a>, tls_out_of_index was actually declared as a variable, even though that is actually a constant. Otherwise, the changes there are completely right. I'll attach a patch, hopefully making it clear what I mean and also with a better workaround for the according constant missing in some CE SDKs. </p>

Ulrich Eckhardt <ulrich.eckhardt@…>, Thu, 09 Feb 2012 10:46:58 GMT: attachment set
https://svn.boost.org/trac10/ticket/4885
<ul> <li><strong>attachment</strong> → <span class="trac-field-new">boost thread ticket4885.patch</span> </li> </ul>
<p> patch </p>

viboes, Mon, 28 May 2012 16:33:24 GMT
https://svn.boost.org/trac10/ticket/4885#comment:8
<p> Thanks for the patch. I will merge it soon. </p>

viboes, Mon, 28 May 2012 16:34:16 GMT: milestone changed
https://svn.boost.org/trac10/ticket/4885#comment:9
<ul> <li><strong>milestone</strong> <span class="trac-field-old">Boost 1.49.0</span> → <span class="trac-field-new">Boost 1.51.0</span> </li> </ul>

viboes, Mon, 28 May 2012 16:49:13 GMT: milestone changed
https://svn.boost.org/trac10/ticket/4885#comment:10
<ul> <li><strong>milestone</strong> <span class="trac-field-old">Boost 1.51.0</span> → <span class="trac-field-new">To Be Determined</span> </li> </ul>

Jonathan Jones <jonathan.jones@…>, Fri, 29 Jun 2012 21:13:59 GMT: cc set
https://svn.boost.org/trac10/ticket/4885#comment:11
<ul> <li><strong>cc</strong> <span class="trac-author">jonathan.jones@…</span> added </li> </ul>

viboes, Sat, 07 Jul 2012 09:22:50 GMT
https://svn.boost.org/trac10/ticket/4885#comment:12
<p> Seems to be fixed with <a class="closed ticket" href="https://svn.boost.org/trac10/ticket/7066" title="#7066: Bugs: Thread: An attempt to fix current_thread_tls_key static initialization ... (closed: fixed)">#7066</a> </p>

viboes, Sat, 07 Jul 2012 09:25:26 GMT: milestone changed
https://svn.boost.org/trac10/ticket/4885#comment:13
<ul> <li><strong>milestone</strong> <span class="trac-field-old">To Be Determined</span> → <span class="trac-field-new">Boost 1.51.0</span> </li> </ul>

viboes, Mon, 09 Jul 2012 21:15:10 GMT: status changed; resolution set
https://svn.boost.org/trac10/ticket/4885#comment:14
<ul> <li><strong>status</strong> <span class="trac-field-old">assigned</span> → <span class="trac-field-new">closed</span> </li> <li><strong>resolution</strong> → <span class="trac-field-new">fixed</span> </li> </ul>
<p> Committed revision <a class="changeset" href="https://svn.boost.org/trac10/changeset/79373" title="Thread: merge from trunk">[79373]</a>. </p>
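Added example, not Boost's code and not either patch attached to this ticket: a portable C++ model of the sentinel mistake the ticket describes, where a lazily allocated TLS key treats 0 as "not yet allocated" although 0 is a valid index. `MockTls`, the two key classes and `roundtrip_ok` are hypothetical names; the mock stands in for TlsAlloc and the TLS slot table so the block runs without Windows.

```cpp
#include <cstdint>
#include <map>

using dword = std::uint32_t;                          // stand-in for Win32 DWORD
constexpr dword kOutOfIndexes = static_cast<dword>(-1); // TLS_OUT_OF_INDEXES, "-1" per the ticket

// Hypothetical mock: alloc() plays the role of TlsAlloc and hands out
// consecutive indices starting at `first`; slots plays the role of the
// per-thread slot table behind TlsSetValue/TlsGetValue.
struct MockTls {
    dword next;
    std::map<dword, int> slots;
    explicit MockTls(dword first) : next(first) {}
    dword alloc() { return next++; }
};

// Flawed pattern: 0 doubles as "key not allocated yet".
struct ZeroSentinelKey {
    dword key = 0;
    dword get(MockTls& tls) {
        if (key == 0) key = tls.alloc();  // a real index 0 looks unallocated
        return key;
    }
};

// Corrected pattern: only the documented failure value means "unset".
struct OutOfIndexesSentinelKey {
    dword key = kOutOfIndexes;
    dword get(MockTls& tls) {
        if (key == kOutOfIndexes) key = tls.alloc();
        return key;
    }
};

// Store a value through the key, then look it up through the key again.
// first_index is the first index the mock allocator returns.
template <class Key>
bool roundtrip_ok(dword first_index) {
    MockTls tls(first_index);
    Key key;
    tls.slots[key.get(tls)] = 42;
    auto it = tls.slots.find(key.get(tls));
    return it != tls.slots.end() && it->second == 42;
}

int main() {
    bool ok = roundtrip_ok<ZeroSentinelKey>(1)            // hidden while indices start above 0
           && !roundtrip_ok<ZeroSentinelKey>(0)           // index 0: second lookup reallocates
           && roundtrip_ok<OutOfIndexesSentinelKey>(0);   // index 0 handled as valid
    return ok ? 0 : 1;
}
```

The zero-sentinel key only misbehaves when the allocator's first index is 0, which matches the ticket's observation that the problem shows up under specific conditions such as process shutdown.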