Opened 16 months ago
Last modified 16 months ago
#18182 new bug
Crash on thread exit if image with TLS object with destructor is unloaded
| Reported by: | X512 | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | Unscheduled |
| Component: | System/runtime_loader | Version: | R1/Development |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
This is hrev56630.
Steps to reproduce:
- Dynamically load image that creates TLS object with destructor.
- Unload image.
- Exit thread. TLS object destructor from unloaded image will be called and cause crash.
Reproduce code attached.
Attachments (1)
Change History (6)
by , 16 months ago
| Attachment: | LoaderBug2.zip added |
|---|
comment:1 by , 16 months ago
comment:2 by , 16 months ago
We already have thread hooks that call TLS destructors: https://xref.landonf.org/source/xref/haiku/src/system/libroot/os/thread.c#170
So the real problem is that things are not called in the right order.
comment:3 by , 16 months ago
No, real problem is that TLS destructors should be called at image unload, not thread exit if image containing TLS variable is unloaded.
comment:4 by , 16 months ago
Hmm, so does that mean that https://cgit.haiku-os.org/haiku/tree/src/system/runtime_loader/elf.cpp#n773 isn't doing the right thing here, and we should be destroying the TLS block immediately?
Note:
See TracTickets
for help on using tickets.
I wonder if adding an implementation of
__cxa_thread_exitthat can call intoruntime_loaderdirectly, would be the right way to do this. Will require updating buildtools once an implementation has been added.