Description
If you unload the latest `libclang.dll` from https://github.com/llvm/llvm-project/releases/download/llvmorg-21.1.0-rc3/LLVM-21.1.0-rc3-win64.exe (also happens for 20.x) the process crashes on exit. Minimal reproduction:
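```cpp
#include <Windows.h>

int main() {
    // Load libclang.dll and immediately unload it; the crash occurs later, on process exit.
    auto libclang = LoadLibraryW(L"libclang.dll");
    FreeLibrary(libclang);
}
```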
Here is a screenshot of a crash on Windows Sandbox (Windows 10 Pro 22H2 19045.6216), nothing installed (notably no MSVC runtime at all):

The crash is a DEP violation trying to execute a nonexistent region. This happens because the atexit function passed to `FlsAlloc` ceases to exist when you unload the DLL. Cross referencing this function on module load shows the following code:

You are expected to call `FlsFree` for all the slots during `DllMain` with the `DLL_PROCESS_DETACH` reason. Searching the LLVM codebase for `FlsAlloc` shows two occurrences:

`DWORD index = FlsAlloc(__at_exit);`

llvm-project/llvm/lib/Support/rpmalloc/rpmalloc.c, line 3244 in d0dc379:

`fls_key = FlsAlloc(&_rpmalloc_thread_destructor);`

Looking at the disassembly around the `FlsAlloc` I see `OpenProcessToken`, which matches `rpmalloc`. There is an `FlsFree` in there, but it does not appear to be called correctly on `DLL_PROCESS_DETACH`.
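
The cleanup the report says is expected, sketched as an added example that is not part of the original issue and is not LLVM or rpmalloc code: a DLL that allocates an FLS slot on `DLL_PROCESS_ATTACH` and frees it on `DLL_PROCESS_DETACH`, so the callback pointer held by the OS never outlives the image. The names `g_fls_index` and `on_fiber_exit` are hypothetical, and the `#else` branch is a constructed stand-in for the Win32 FLS API so the logic also builds off Windows.

```c
/* Added example: tie an FLS slot's lifetime to the lifetime of the DLL image. */
#ifdef _WIN32
#include <windows.h>
#else
/* Constructed stand-in for the Win32 FLS API (not the real implementation). */
#include <stddef.h>
typedef unsigned long DWORD;
typedef int BOOL;
typedef void *PVOID, *HINSTANCE, *LPVOID;
typedef void (*PFLS_CALLBACK_FUNCTION)(PVOID);
#define WINAPI
#define TRUE 1
#define FALSE 0
#define FLS_OUT_OF_INDEXES ((DWORD)0xFFFFFFFF)
#define DLL_PROCESS_ATTACH 1
#define DLL_PROCESS_DETACH 0
static PFLS_CALLBACK_FUNCTION stub_callback; /* models the OS-held callback pointer */
static DWORD FlsAlloc(PFLS_CALLBACK_FUNCTION cb) { stub_callback = cb; return 0; }
static BOOL FlsFree(DWORD index) { (void)index; stub_callback = NULL; return TRUE; }
#endif

/* Hypothetical module state: the slot this DLL owns, if any. */
static DWORD g_fls_index = FLS_OUT_OF_INDEXES;

/* Hypothetical callback. Its code lives inside this DLL's image, so it must
   not remain registered once the image is unmapped. */
static void WINAPI on_fiber_exit(PVOID value) { (void)value; }

BOOL WINAPI DllMain(HINSTANCE inst, DWORD reason, LPVOID reserved) {
    (void)inst;
    (void)reserved;
    if (reason == DLL_PROCESS_ATTACH) {
        g_fls_index = FlsAlloc(on_fiber_exit);
        return g_fls_index != FLS_OUT_OF_INDEXES; /* fail the load if no slot */
    }
    if (reason == DLL_PROCESS_DETACH && g_fls_index != FLS_OUT_OF_INDEXES) {
        /* Release the slot while on_fiber_exit is still mapped, so no pointer
           into this image is left registered after FreeLibrary returns. */
        FlsFree(g_fls_index);
        g_fls_index = FLS_OUT_OF_INDEXES;
    }
    return TRUE;
}
```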