Bug 172761 - Crash on pthread_exit() or pthread_self()
Crash on pthread_exit() or pthread_self()
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: glibc (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
:
Depends On:
Blocks: 168429
  Show dependency treegraph
 
Reported: 2005-11-09 04:54 EST by Bastien Nocera
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version: RHBA-2006-0124
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-07 13:25:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
pthread_exit_test.c (1.06 KB, text/plain)
2005-11-09 04:54 EST, Bastien Nocera
no flags Details
glibc-dtv-is_static.patch (16.29 KB, patch)
2005-11-22 15:55 EST, Jakub Jelinek
no flags Details | Diff

  None (edit)
Description Bastien Nocera 2005-11-09 04:54:45 EST
glibc-2.3.4-2.13

The attached testcase crashes (sometimes) on either pthread_exit(), or while
printing the pthread_self() inside the thread itself.

while ./pthread_exit_test ; do : ; done

#0  0x009d10cc in mempcpy () from /lib/tls/libc.so.6
#1  0x009c4e43 in _IO_new_file_xsputn (f=0xa8d5e0, data=0xb7fe6ddc, n=28)
    at fileops.c:1319
#2  0x009a0c49 in buffered_vfprintf (s=0xa8d5e0,
    format=0x8048730 "Thread %lu exiting..\n", args=Variable "args" is not
available.
) at vfprintf.c:2144
#3  0x009a0deb in _IO_vfprintf (s=0xa8d5e0,
    format=0x8048730 "Thread %lu exiting..\n", ap=0xb7fe9434
"\uffff\233\uffff\uffff\uffff\233\uffff\uffff")
    at vfprintf.c:1246
#4  0x009a9450 in printf (format=0x1c "") at printf.c:34
#5  0x080484ce in helper_routine (arg=0x0) at pthread_exit_test.c:12
#6  0x00bae341 in start_thread (arg=0xb7fe9bb0) at pthread_create.c:261
#7  0x00a2e6fe in clone () from /lib/tls/libc.so.6

#0  0x0094e7a2 in _dl_sysinfo_int80 () at rtld.c:576
#1  0x0098e7d5 in raise () at ../string/bits/string2.h:1000
#2  0x00990149 in abort () at ../string/bits/string2.h:1000
#3  0x009c240a in __libc_message (do_abort=2,
    fmt=0xa83c44 "*** glibc detected *** %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:145
#4  0x009c8b3f in _int_free (av=0xa8e820, mem=0xb7fe9b88) at malloc.c:5525
#5  0x009c8eba in __libc_free (mem=0xb7fe9b88) at malloc.c:3404
#6  0x0095ca5d in ___tls_get_addr (ti=0xa8ce30)
    at ../sysdeps/generic/dl-tls.c:670
#7  0x00a64c6b in __libc_dl_error_tsd () at dl-tsd.c:53
#8  0x0095a045 in _dl_catch_error (objname=0xb7fe93c0, errstring=0xb7fe93c4,
    operate=0xa64760 <do_dlsym>, args=0xb7fe93c8) at dl-error.c:155
#9  0x00a648be in *__GI___libc_dlsym (map=0x90340f8,
    name=0xbb5cad "_Unwind_Resume") at dl-libc.c:42
#10 0x00bb52f0 in _Unwind_ForcedUnwind (exc=0x0, stop=0, stop_argument=0x0)
    at ../nptl/sysdeps/pthread/unwind-forcedunwind.c:44
#11 0x00bb2f81 in __pthread_unwind (buf=Variable "buf" is not available.
) at unwind.c:130
#12 0x00baef00 in __pthread_exit (value=0x0) at pthreadP.h:158
#13 0x080484db in helper_routine (arg=0x0) at pthread_exit_test.c:13
#14 0x00bae341 in start_thread (arg=0xb7fe9bb0) at pthread_create.c:261
#15 0x00a2e6fe in clone () from /lib/tls/libc.so.6
Comment 1 Bastien Nocera 2005-11-09 04:54:47 EST
Created attachment 120837 [details]
pthread_exit_test.c
Comment 4 Didier Drigues 2005-11-14 12:09:59 EST
Also reproductible on RHEL4u1 (glibc-2.3.4-2.9)
Comment 6 Jakub Jelinek 2005-11-22 15:55:34 EST
Created attachment 121371 [details]
glibc-dtv-is_static.patch

Patch that should cure the crashes in free called from __tls_get_addr.
Comment 22 Red Hat Bugzilla 2006-03-07 13:25:22 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0124.html
Comment 23 Red Hat Bugzilla 2006-03-07 13:25:54 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0124.html

Note You need to log in before you can comment on or make changes to this bug.