Race in thread shutdown in imm32?
Rob Shearman
robertshearman at gmail.com
Fri Nov 14 13:57:28 CST 2008
2008/11/14 Dan Kegel <dank at kegel.com>:
> I'm seeing the following valgrind warning
> in three out of eight runs under heavy load:
>
> InvalidRead
> IMM_FreeThreadData:233
> DllMain:382
> __wine_spec_dll_entry:40
> MODULE_InitDLL:911
> LdrShutdownThread:2174
> call_thread_func:403
> start_thread:444
>
> It kind of feels like a race between thread shutdown and process shutdown.
> Does that ring a bell with anyone?
IMM_FreeThreadData can crash if TlsGetValue returns a NULL pointer. On
first glance, it doesn't appear possible as IMM_InitThreadData is
called for every thread and on process startup. However, as you
surmise, it is possible in Wine for a thread to exit after the main
process has shut down (i.e. TlsFree(tlsIndex) has been called) and the
TLS area has been cleared, causing TlsGetValue to return 0.
I believe that Windows terminates all threads on process exit, which
would solve this problem. However, the issue could trivially be worked
around by introducing a NULL pointer check in IMM_FreeThreadData. It
would also be a good idea to set tlsIndex to TLS_OUT_OF_INDEXES after
TlsFree is called to avoid the possibility of using an un-allocated
TLS index.
--
Rob Shearman
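
The shutdown ordering and the two suggested fixes, as an added example that is not part of the original message and is not Wine's code. It is a portable C model: the hypothetical `slot_*` helpers stand in for the Win32 TLS calls, `NO_INDEX` for TLS_OUT_OF_INDEXES, and the handler names and `struct thread_data` are assumptions.

```c
#include <stdlib.h>

#define NO_INDEX (-1)                 /* plays the role of TLS_OUT_OF_INDEXES */
enum { NTHREADS = 2, NSLOTS = 4 };
struct thread_data { void *context; };              /* hypothetical payload */
/* Constructed model of per-thread slots; not the Win32 TLS API. */
static void *slots[NTHREADS][NSLOTS];
static int in_use[NSLOTS];
static int tls_index = NO_INDEX;
static int slot_alloc(void) {
    for (int i = 0; i < NSLOTS; i++)
        if (!in_use[i]) { in_use[i] = 1; return i; }
    return NO_INDEX;
}
static void slot_free(int i) {        /* clears the slot in every thread */
    in_use[i] = 0;
    for (int t = 0; t < NTHREADS; t++) slots[t][i] = NULL;
}
static void *slot_get(int t, int i) { /* NULL for a released or invalid index */
    return (i >= 0 && i < NSLOTS && in_use[i]) ? slots[t][i] : NULL;
}
static void on_process_attach(void) { tls_index = slot_alloc(); }
static void on_thread_attach(int t) {
    if (tls_index != NO_INDEX) slots[t][tls_index] = calloc(1, sizeof(struct thread_data));
}
static void on_process_detach(int t) {
    if (tls_index == NO_INDEX) return;
    free(slot_get(t, tls_index));
    slot_free(tls_index);
    tls_index = NO_INDEX;             /* a stale index can no longer be used */
}
static int on_thread_detach(int t) {  /* 1 if data was freed, 0 if none */
    struct thread_data *data = slot_get(t, tls_index);
    if (!data) return 0;              /* the NULL check: slot already cleared */
    free(data->context);              /* without the check: NULL dereference */
    free(data);
    slots[t][tls_index] = NULL;
    return 1;
}
int late_thread_exit_demo(void) {     /* process detach first, then a thread exits */
    on_process_attach();
    on_thread_attach(0); on_thread_attach(1);
    void *orphan = slot_get(1, tls_index);  /* kept so the model does not leak */
    on_process_detach(0);
    int freed = on_thread_detach(1);        /* late thread: must be a no-op */
    free(orphan);
    return freed;                           /* 0 */
}
int main(void) { return late_thread_exit_demo(); }
```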