From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322)

Description of problem:
Calling pthread_join with an invalid/old pthread_t handle seg faults. Expect ESRCH to be returned.

Version-Release number of selected component (if applicable):
glibc-2.3.2-27.9

How reproducible:
Always

Steps to Reproduce:
1. Create a simple program:

#include <pthread.h>

int main(void)
{
    /* 0 is never a valid handle here; expected rc == ESRCH, observed SIGSEGV */
    int rc = pthread_join(0, NULL);
    return rc;
}

2. Compile it with -lpthread
3. Run it

Actual Results: it will seg fault on the pthread_join call

Expected Results: rc will be set to ESRCH

Additional info: works fine in Red Hat 8 and 7.3
See http://www.opengroup.org/austin/aardvark/finaltext/xshbug.txt
I don't see anything in the text that states that pthread_join( invalid_value, NULL ) should be allowed to fault. The specification says:

    The pthread_join() function shall fail if:
    [EINVAL] The implementation has detected that the value specified by thread does not refer to a joinable thread.
    [ESRCH] No thread could be found corresponding to that specified by the given thread.

I have thousands of business customers that will be impacted by this bug when they move up to Red Hat 9. My only solution will be to move off of Red Hat to another distro like SuSE that does not have this problem. I also don't understand why this was changed from previous versions of Red Hat and why this only seems to affect Red Hat's version of pThreads.

confused and looking for a break....Mark.
Technical Corrigendum 2 changed that to:

    The pthread_join() function may fail if:
    [EINVAL] The implementation has detected that the value specified by thread does not refer to a joinable thread.

Passing an invalid handle to pthread_join is like passing an invalid pointer to a system call. The implementation may detect it and signal it in errno, but it may crash as well.

There are two different POSIX threads implementations on Red Hat Linux:
- linuxthreads, where the pthread_t handle is a small integer (and the number of threads is substantially limited)
- NPTL (the default; pthread_t is internally a pointer so that there are no arbitrary thread limits)

You can request the old-fashioned threading library with LD_ASSUME_KERNEL=2.4.19 in the environment.

For NPTL, where pthread_t is a pointer, pthread_join detects some invalid handles where it can be done cheaply. But detecting all possible invalid handles would be very costly (the implementation would basically have to take a global lock and iterate over all currently running threads, comparing the handle with each of them. With, say, 100000 running threads you can see how costly it is).

This testcase works on SuSE since SuSE only ships the old-fashioned non-scalable linuxthreads implementation.
Ok, I understand the implementation rationale. However, I would think that a simple 0/NULL check would be a common/fast/standard check done on ALL input pointers before any dereference. Can I at least get that much fixed?
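The exchange above explains why NPTL cannot validate every pthread_t (it would need a global lock and a scan of all live threads) and why the reporter wants at least a cheap check before the handle is dereferenced. The following is an added example, not code from the bug report or from glibc: an application-level registry that performs exactly that lock-and-scan over the small, bounded set of threads the program itself owns, so a zero or stale handle gets ESRCH or EINVAL back from the wrapper and never reaches pthread_join. The names tracked_create, tracked_join, run_demo and MAX_TRACKED are hypothetical; the only library calls used are pthread_create, pthread_join, pthread_equal and the pthread mutex functions.

```c
#include <errno.h>
#include <pthread.h>
#include <stdio.h>

/* Hypothetical names; added example, not part of the bug report or glibc.
 * A program that knows every thread it created can afford the check that
 * NPTL itself cannot: look the handle up under a lock before dereferencing. */

#define MAX_TRACKED 16

enum slot_state { SLOT_FREE = 0, SLOT_RUNNING, SLOT_JOINED };

struct tracked_thread {
    pthread_t handle;
    enum slot_state state;
};

static struct tracked_thread registry[MAX_TRACKED];
static pthread_mutex_t registry_lock = PTHREAD_MUTEX_INITIALIZER;

/* Create a thread and record its handle; returns 0 or an errno value.
 * Slots of already-joined threads are reused, so stale handles eventually
 * stop matching anything (and then report ESRCH rather than EINVAL). */
int tracked_create(pthread_t *out, void *(*fn)(void *), void *arg)
{
    int rc = EAGAIN;                       /* no free slot */
    pthread_mutex_lock(&registry_lock);
    for (int i = 0; i < MAX_TRACKED; i++) {
        if (registry[i].state == SLOT_RUNNING) continue;
        rc = pthread_create(&registry[i].handle, NULL, fn, arg);
        if (rc == 0) {
            registry[i].state = SLOT_RUNNING;
            *out = registry[i].handle;
        }
        break;
    }
    pthread_mutex_unlock(&registry_lock);
    return rc;
}

/* Join only a handle this registry knows about.
 * ESRCH: unknown handle (including 0). EINVAL: handle already joined.
 * The handle itself is never dereferenced by this function. */
int tracked_join(pthread_t handle, void **result)
{
    int rc = ESRCH;
    pthread_mutex_lock(&registry_lock);
    for (int i = 0; i < MAX_TRACKED; i++) {
        if (registry[i].state == SLOT_FREE) continue;
        if (!pthread_equal(registry[i].handle, handle)) continue;
        if (registry[i].state == SLOT_JOINED) { rc = EINVAL; break; }
        /* Flip the state under the lock so a concurrent second join sees EINVAL. */
        registry[i].state = SLOT_JOINED;
        rc = 0;
        break;
    }
    pthread_mutex_unlock(&registry_lock);
    if (rc != 0) return rc;
    return pthread_join(handle, result);   /* validated: safe to dereference */
}

static void *worker(void *arg)
{
    int *counter = arg;
    *counter += 1;
    return arg;
}

/* Walks the cases from the thread: valid join, double join, handle 0.
 * Returns 0 when every case behaves as documented above. */
int run_demo(void)
{
    pthread_t t;
    int counter = 0;
    void *ret = NULL;
    if (tracked_create(&t, worker, &counter) != 0) return 1;
    if (tracked_join(t, &ret) != 0 || ret != &counter || counter != 1) return 2;
    if (tracked_join(t, NULL) != EINVAL) return 3;          /* stale, already joined */
    if (tracked_join((pthread_t)0, NULL) != ESRCH) return 4; /* the reporter's case */
    return 0;
}

int main(void)
{
    int rc = run_demo();
    printf("demo %s (rc=%d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc;
}
```

The registry does in miniature what the comment above says NPTL would have to do for every process: take a global lock and compare the handle against each live thread. With sixteen slots that is cheap; with the 100000 threads mentioned above it is not, which is why the check belongs in the code that owns the handles rather than in the library.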