#1357 memory access violation upon exit

obsolete: 8.3.1
closed-fixed
nobody
7
2001-04-03
2000-10-26
Anonymous
No

OriginalBugID: 6163 Bug
Version: 8.3.1
SubmitDate: '2000-08-23'
LastModified: '2000-10-25'
Severity: SER
Status: UnAssn
Submitter: techsupp
OS: Windows NT
OSVersion: NT 4
Machine: Dell Pentium II
FixedDate: '2000-10-25'
ClosedDate: '2000-10-25'

Name:

Jiang Wu

CVS:

tclEvent.c,v 1.8 tclCkalloc.c,v 1.7

Extensions:

none

CustomShell:

none

Comments:

On Windows, if you type in "exit" on the shell, Tcl_Finalize() is

called. Then the dll is unloaded. The dll exit handler also calls

Tcl_Finalize().

The patch for tclEvent.c moves the thread local storage access inside

the "if (subsystemInitialized != 0) {", this way, a 2nd call to

Tcl_Finalize() during exit will not try to access Tcl subsystem such as

the debug memory allocation subsystem.

The patch for tclCkalloc.c resets the static global "curTagPtr" to NULL

after finalizing the memory subsystem. This allows the memory subsystem

to work again after finalization.

Without the patches, a 2nd call to Tcl_Finalize() triggers an access to

the thread local, which in turn triggers memory allocation in the Tcl

memory subsystem after the 1st Tcl_Finalize(). Because the curTagPtr

was not NULL'ed, Tcl memory allocation tries to use the already free'ed

pointer "curTagPtr". That caused the memory access violation on

Windows.

ReproducibleScript:

1. Compile Tcl with DEBUGDEFINES = -DTCL_MEM_DEBUG -DTCL_COMPILE_DEBUG -DTCL_COMPILE_STATS on Windows NT.

2. Run "tclsh8.3d.exe" and type in the following:

memory tag foo

exit

ObservedBehavior:

Upon exit, the tclsh83d.exe produces an memory violation dialog:

The instruction at "0x1001dd9f" referenced memory at "0x0031c550". The memory could not be "read".

Click on OK to terminate the application

DesiredBehavior:

Program exits cleanly.

Patch:

*** tclEvent.c Wed Aug 23 14:12:40 2000

--- tclEvent.c.fixed Wed Aug 23 14:08:50 2000

***************

*** 744,752 ****

ThreadSpecificData *tsdPtr;

TclpInitLock();

- tsdPtr = TCL_TSD_INIT(&dataKey);

if (subsystemsInitialized != 0) {

subsystemsInitialized = 0;

/*

* Invoke exit handlers first.

--- 744,753 ----

ThreadSpecificData *tsdPtr;

TclpInitLock();

if (subsystemsInitialized != 0) {

subsystemsInitialized = 0;

+

+ tsdPtr = TCL_TSD_INIT(&dataKey);

/*

* Invoke exit handlers first.

*** tclCkalloc.c Wed Aug 23 14:12:56 2000

--- tclCkalloc.c.fixed Wed Aug 23 14:09:00 2000

***************

*** 983,988 ****

--- 983,989 ----

}

if (curTagPtr != NULL) {

TclpFree((char *) curTagPtr);

+ curTagPtr = NULL;

}

allocHead = NULL;

Tcl_MutexUnlock(ckallocMutexPtr);

PatchFiles:

tclEvent.c

tclCkalloc.c

Discussion

    • priority: 5 --> 7
     
    • labels: 104246 --> 105646
     
  • (This fix really falls across a couple of functional areas, some of which are really not named very usefully. What this is is an interaction between the memory allocator, finalization subsystem, and the Win32 platform support...)

     
  • Don Porter
    Don Porter
    2001-01-31

    Registered patch as #103532

     
  • Jeffrey Hobbs
    Jeffrey Hobbs
    2001-03-31

    Logged In: YES
    user_id=72656

    fixed in 8.4a2cvs. This also fixed the problem in 8.4a2
    where dynamically loading Tk in tclsh on Windows would
    cause a memory error upon exiting.

     
  • Jeffrey Hobbs
    Jeffrey Hobbs
    2001-03-31

    • milestone: 102436 --> obsolete: 8.3.1
    • labels: 105646 --> 02. Event Loops
    • status: open --> open
     
  • Jeffrey Hobbs
    Jeffrey Hobbs
    2001-04-03

    Logged In: YES
    user_id=72656

    forgot to mark this closed...

     
  • Jeffrey Hobbs
    Jeffrey Hobbs
    2001-04-03

    • status: open --> closed-fixed