This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug linuxthreads/4338] New: pthread_create / pthread_exit -- use of partially uninitialized buffer
- From: "poletto at jeuxvideo dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 10 Apr 2007 15:43:28 -0000
- Subject: [Bug linuxthreads/4338] New: pthread_create / pthread_exit -- use of partially uninitialized buffer
- Reply-to: sourceware-bugzilla at sourceware dot org
Hi,
Valgrind ( http://valgrind.org/ ) detects use of uninitialized values when
pthread_create / pthread_exit are writing to the thread's communication pipes.
We're using a quite old glibc (2.1), so maybe the problem is fixed now. (tell me)
Here is a sample thread test program:
#include <stdlib.h>
#include <stdio.h>
#include <pthread.h>
#include <unistd.h>

/* Body of the created thread: print, sleep, print, then exit explicitly. */
static void * thread_func (void * param)
{
    param = NULL;                 /* silence the unused-parameter warning */
    printf ("Thread created\n");
    usleep(200000);
    printf ("Thread working\n");
    usleep(1200000);
    printf ("Thread ended\n");
    pthread_exit(NULL);           /* second place valgrind reports a write() */
}

int main(void)
{
    pthread_t thread_id;
    /* pthread_create is the first place valgrind reports a write() of
       partially uninitialized bytes. */
    if (pthread_create(&thread_id, NULL, thread_func, NULL) == 0)
    {
        printf ("Printing on main thread\n");
        usleep(500000);
        printf ("Main thread working...\n");
        usleep(500000);
        printf ("Main thread waiting for created thread\n");
        pthread_join(thread_id, NULL);
    }
    printf ("Program end\n");
    return 0;
}
Compiled with:
$ gcc -Wall -W testpthread.c -lrt
Here is the normal output:
$ ./a.out
Printing on main thread
Thread created
Thread working
Main thread working...
Main thread waiting for created thread
Thread ended
Program end
Here is valgrind's dump:
> valgrind ./a.out
==30172== Memcheck, a memory error detector.
==30172== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==30172== Using LibVEX rev 1732, a library for dynamic binary translation.
==30172== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==30172== Using valgrind-3.2.3, a dynamic binary instrumentation framework.
==30172== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==30172== For more details, rerun with: -v
==30172==
==30172== Syscall param write(buf) points to uninitialised byte(s)
==30172== at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==30172== by 0x4036BEB: pthread_create@@GLIBC_2.1 (in /lib/i686/libpthread-0.10.so)
==30172== by 0x804850C: main (in ***/a.out)
==30172== Address 0xBEFFE800 is on thread 1's stack
==30172==
==30172== Syscall param write(buf) points to uninitialised byte(s)
==30172== at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==30172== by 0x804850C: main (in ***/a.out)
==30172== Address 0xBEFFE8FC is on thread 1's stack
Thread created
Printing on main thread
Thread working
Main thread working...
Main thread waiting for created thread
Thread ended
==30172==
==30172== Syscall param write(buf) points to uninitialised byte(s)
==30172== at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==30172== by 0x8048570: main (in ***/a.out)
==30172== Address 0xBEFFE8DC is on thread 1's stack
Program end
==30172==
==30172== Syscall param write(buf) points to uninitialised byte(s)
==30172== at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==30172== by 0x40A99EF: exit (in /lib/i686/libc-2.3.2.so)
==30172== by 0x4094A6E: (below main) (in /lib/i686/libc-2.3.2.so)
==30172== Address 0xBEFFE8EC is on thread 1's stack
==30172==
==30172== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 16 from 4)
==30172== malloc/free: in use at exit: 11,392 bytes in 6 blocks.
==30172== malloc/free: 8 allocs, 2 frees, 12,748 bytes allocated.
==30172== For counts of detected errors, rerun with: -v
==30172== searching for pointers to 6 not-freed blocks.
==30172== checked 328,352 bytes.
==30172==
==30172== LEAK SUMMARY:
==30172== definitely lost: 8,160 bytes in 1 blocks.
==30172== possibly lost: 2,712 bytes in 4 blocks.
==30172== still reachable: 520 bytes in 1 blocks.
==30172== suppressed: 0 bytes in 0 blocks.
==30172== Rerun with --leak-check=full to see details of leaked memory.
Thanks
--
Summary: pthread_create / pthread_exit -- use of partially uninitialized buffer
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: linuxthreads
AssignedTo: drow at false dot org
ReportedBy: poletto at jeuxvideo dot com
CC: glibc-bugs at sources dot redhat dot com
GCC host triplet: linux-pc i386 glibc 2.1
http://sourceware.org/bugzilla/show_bug.cgi?id=4338
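As an added illustration, not the reporter's program and not glibc's linuxthreads code, the following C example reproduces the class of defect Memcheck is flagging in the dump above: a struct on the stack is filled field by field, its padding bytes are never written, and the whole object is then handed to write() on a pipe, so stale stack contents cross the pipe. The hardened sender clears the object before assigning fields. The `struct request` layout, the sender functions, the padding check and the round-trip helper are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Constructed request layout (an assumption for this example, not the real
 * linuxthreads request structure): a one-byte kind, a 64-bit payload and a
 * pointer. On common ABIs the compiler inserts padding after `kind` so that
 * `payload` is aligned, and field-by-field assignment never touches it. */
struct request {
    uint8_t  kind;
    uint64_t payload;
    void    *reply_to;
};

/* Writes exactly sizeof(struct request) bytes; 0 on success, -1 otherwise. */
static int write_request(int fd, const struct request *req)
{
    return write(fd, req, sizeof *req) == (ssize_t)sizeof *req ? 0 : -1;
}

/* Unsafe pattern: only the named fields are set, so write() copies whatever
 * stale stack bytes happen to sit in the padding into the pipe. Under
 * Memcheck this is reported as "Syscall param write(buf) points to
 * uninitialised byte(s)", the message the bug report quotes. */
static int send_request_unsafe(int fd, uint8_t kind, uint64_t payload, void *reply_to)
{
    struct request req;
    req.kind = kind;
    req.payload = payload;
    req.reply_to = reply_to;
    return write_request(fd, &req);
}

/* Hardened pattern: clear the whole object before assigning fields, so every
 * byte that crosses the pipe, padding included, has a defined value. */
static int send_request_safe(int fd, uint8_t kind, uint64_t payload, void *reply_to)
{
    struct request req;
    memset(&req, 0, sizeof req);
    req.kind = kind;
    req.payload = payload;
    req.reply_to = reply_to;
    return write_request(fd, &req);
}

/* Reads one request from fd into *out and inspects the bytes that belong to
 * no named field. Returns 1 if all such bytes are zero, 0 if any is nonzero,
 * -1 on a short read. */
static int recv_request_check_padding(int fd, struct request *out)
{
    unsigned char raw[sizeof(struct request)];
    unsigned char is_field[sizeof(struct request)];
    size_t i;

    if (read(fd, raw, sizeof raw) != (ssize_t)sizeof raw)
        return -1;

    /* Mark which byte offsets are covered by a named field. */
    memset(is_field, 0, sizeof is_field);
    memset(is_field + offsetof(struct request, kind), 1, sizeof out->kind);
    memset(is_field + offsetof(struct request, payload), 1, sizeof out->payload);
    memset(is_field + offsetof(struct request, reply_to), 1, sizeof out->reply_to);

    memcpy(out, raw, sizeof raw);
    for (i = 0; i < sizeof raw; i++)
        if (!is_field[i] && raw[i] != 0)
            return 0;
    return 1;
}

/* Round trip through a fresh pipe with the chosen sender; returns the
 * padding check result from recv_request_check_padding(). */
static int roundtrip(int use_safe, uint8_t kind, uint64_t payload, struct request *out)
{
    int fds[2], rc;
    if (pipe(fds) != 0)
        return -1;
    rc = use_safe ? send_request_safe(fds[1], kind, payload, NULL)
                  : send_request_unsafe(fds[1], kind, payload, NULL);
    rc = rc == 0 ? recv_request_check_padding(fds[0], out) : -1;
    close(fds[0]);
    close(fds[1]);
    return rc;
}

int main(void)
{
    struct request r;
    /* The unsafe result depends on stale stack contents; run this under
     * valgrind to see the write(buf) report regardless of what it prints. */
    printf("unsafe sender: padding all zero? %d\n", roundtrip(0, 7, 0x1122334455667788ULL, &r));
    printf("safe sender:   padding all zero? %d\n", roundtrip(1, 7, 0x1122334455667788ULL, &r));
    return 0;
}
```

Compile with `gcc -Wall -W example.c` and run under `valgrind ./a.out`: the unsafe sender produces the same "Syscall param write(buf) points to uninitialised byte(s)" report as the dump above, the safe sender does not. The memset is the portable fix; a `= {0}` initializer on an automatic variable is not guaranteed by the C standard to zero padding bytes, so it is not a substitute when the object is copied out whole.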