Skip to content

Fix mimalloc init crash when Windows TLS is exhausted #1202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jinpzhanAMD wants to merge 1 commit into
base: dev3
Choose a base branch
from
Open

Fix mimalloc init crash when Windows TLS is exhausted #1202

jinpzhanAMD wants to merge 1 commit into from

Conversation

@jinpzhanAMD
Copy link

@jinpzhanAMD jinpzhanAMD commented Jan 19, 2026
edited
Loading

Summary
This PR fixes a startup crash in the bundled mimalloc on Windows observed in TLS-slot-heavy processes. The crash occurred during mimalloc initialization when allocating “fast TLS user slots”.

Problem
mimalloc’s Windows fast-path TLS model relies on directly accessing the TEB TlsSlots[64] array. Current implementation assumed TlsAlloc() would return a TLS index that fits into the first 63 entries.
In environments where many DLLs/layers already consume TLS indices, TlsAlloc() returns an index >= 63, which cannot be addressed via the TEB's fixed 64-slot array, resulted in _mi_error_message(EFAULT, ...), causing a crash during mimalloc initialization.

Solution

  • If the allocated TLS indices are >= 63, fall back to the Win32 TLS APIs (TlsGetValue/TlsSetValue) for correctness.
  • If TlsAlloc() fails with TLS_OUT_OF_INDEXES, fall back to compiler TLS (__declspec(thread)) to store the default/cached theap pointers, avoiding reliance on OS TLS indices.
  • Update the inline accessors in so reads and writes consistently follow the selected fallback mode.

Behavioral impact
Prevents mimalloc initialization from aborting in TLS-index-constrained processes.
Preserves the fast path when possible; uses progressively safer fallbacks only when required.
Expected minor performance impact only in the fallback modes.

@jinpzhanAMD jinpzhanAMD mentioned this pull request Jan 21, 2026
Closed
daanx added a commit that referenced this pull request Jan 31, 2026
@daanx
use Tls expansion slots on windows if direct slots are exhausted (see…
de0cb7e 
… also PR #1202)
@daanx
Copy link
Collaborator

daanx commented Jan 31, 2026

Hi @jinpzhanAMD -- thanks again for putting in the work on this PR! The original code was indeed counting on not more than 64 TlsAlloc's and that is clearly too low a limit. I looked at the PR but we need to write this code quite carefully as it is all meant to improve the fast path over regular thread_local variables. I pushed a commit that now uses the Tls expansion slots when needed and this should work up to 1088 TlsAlloc's (which is the maximum anyway).

I think this will also address your other PR with the recursive initialization: that was an artifact of the initial limit as the initial slot was now containing an abritrary value instead of NULL. Let me know how it goes!

@daanx daanx mentioned this pull request Jan 31, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jinpzhanAMD @daanx