DLL 里面使用TLS (Local Thread Storage) 的常见做法是:在DLLMain的DLL_PROCESS_ATTACH/DLL_THREAD_ATTACH 被调用的时候为每个线程(Thread)分配内存,而在DLL_THREAD_DETACH/DLL_PROCESS_DETACH 被调用的时候释放内存。 MSDN文章《Using Thread Local Storage in a Dynamic-Link Library》 上有这样的示例代码。
BOOL WINAPI DllMain(HINSTANCE hinstDLL, // DLL module handle
DWORD fdwReason, // reason called
LPVOID lpvReserved) // reserved
{
LPVOID lpvData;
BOOL fIgnore;
switch (fdwReason)
{
case DLL_PROCESS_ATTACH:
// Allocate a TLS index.
if ((dwTlsIndex = TlsAlloc()) == TLS_OUT_OF_INDEXES) return FALSE;
case DLL_THREAD_ATTACH:
lpvData = (LPVOID) LocalAlloc(LPTR, 256); //为每个Thread分配内存
if (lpvData != NULL)
fIgnore = TlsSetValue(dwTlsIndex, lpvData);
break;
case DLL_THREAD_DETACH:
lpvData = TlsGetValue(dwTlsIndex);
if (lpvData != NULL)
LocalFree((HLOCAL) lpvData); //释放内存
break;
case DLL_PROCESS_DETACH:
lpvData = TlsGetValue(dwTlsIndex);
if (lpvData != NULL)
LocalFree((HLOCAL) lpvData); //释放内存
TlsFree(dwTlsIndex);
break;
default:
break;
}
return TRUE;
}
这段代码认为DLL_THREAD_DETACH 总是会被调用, 但实际情况并非如此。在某些情况下DLL_THREAD_DETACH并不会被调用, 结果造成内存泄漏。 接下来做2个简单实验说明这个问题。
实验代码:
typedef void (__stdcall *FNSLEEP)();
void CallTestDLL()
{
FNSLEEP pfnSleep = (FNSLEEP)::GetProcAddress(g_hDLLModule, "DoSleep");
ATLASSERT(pfnSleep);
(*pfnSleep)();
}
DWORD WINAPI ThreadProc( LPVOID lpParam)
{
CallTestDLL();
return 0;
}
g_hDLLModule = ::LoadLibrary(_T("TestDLL.dll"));
ATLTRACE("[Thread %d] LoadLibrary=0x%.8x/n", ::GetCurrentThreadId());
CallTestDLL();
const int MAX_THREAD = 2;
HANDLE hThread[MAX_THREAD];
for (int i=0; i < MAX_THREAD; i++)
{
hThread[i] = ::CreateThread(NULL, 0, ThreadProc, 0, 0, NULL);
}
Sleep(MAX_THREAD * 1000);
::FreeLibrary(g_hDLLModule);
输出结果1:
[Thread 4976] DLL_PROCESS_ATTACH //主线程
[Thread 4976] LoadLibrary=0x0ecbf9d4
[Thread 4976] DoSleep() in DLL
[Thread 7860] DLL_THREAD_ATTACH //CreateThread 产生的线程
[Thread 736] DLL_THREAD_ATTACH //CreateThread 产生的线程
[Thread 736] DoSleep() in DLL
[Thread 7860] DoSleep() in DLL
[Thread 736] DLL_THREAD_DETACH
[Thread 7860] DLL_THREAD_DETACH
[Thread 4976] DLL_PROCESS_DETACH //主线程
以上输入结果我们看到每个Thread 调用DLL函数DoSleep 立即结束,这时候DLL_THREAD_DETACH 被正常调用。 这时只要候稍微改一下代码,会看到完全不同的结果。
DWORD WINAPI ThreadProc( LPVOID lpParam)
{
CallTestDLL();
DoSomethingElse(); // 延迟线程结束
return 0;
}
输出结果2:
[Thread 7448] DLL_PROCESS_ATTACH //主线程
[Thread 7448] LoadLibrary=0x0b1cf9d4
[Thread 7448] DoSleep() in DLL
[Thread 6872] DLL_THREAD_ATTACH
[Thread 6556] DLL_THREAD_ATTACH
[Thread 6556] DoSleep() in DLL
[Thread 6872] DoSleep() in DLL
[Thread 7448] DLL_PROCESS_DETACH //主线程
我们发现,CreateThread 产生的线程并没有调用DLL_THREAD_DETACH 。
结论:
如果是线程在DLL被卸载(调用FreeLibrary) 之前结束,则DLL_THREAD_DETACH 会被调用。 如果线程在DLL卸载之后结束,则DLL_THREAD_DETACH 不会被调用。