This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug linuxthreads/4338] pthread_create / pthread_exit -- use of partially uninitialized buffer

From: "poletto at jeuxvideo dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 11 Apr 2007 07:19:18 -0000
Subject: [Bug linuxthreads/4338] pthread_create / pthread_exit -- use of partially uninitialized buffer
References: <20070410164327.4338.poletto@jeuxvideo.com>
Reply-to: sourceware-bugzilla at sourceware dot org

------- Additional Comments From poletto at jeuxvideo dot com  2007-04-11 08:19 -------
(In reply to comment #1)
> Subject: Re:  New: pthread_create / pthread_exit -- use of partially
uninitialized buffer
> 
> Hello,
> 
> You attempt to "nullize" a null pointer (param) in thread_func().
> What's happen if you remove param = NULL ?
> 
> > static void * thread_func (void * param)
> > {
> >        param = NULL;
> > 
> >        printf ("Thread created\n");
> >        usleep(200000);
> >        printf ("Thread working\n");
> >        usleep(1200000);
> >        printf ("Thread ended\n");
> >        pthread_exit(NULL);
> > }
> 
> Regards,
> Michael Vergoz
> 
> 

Hi,
It's the same if i remove this line. It was just to avoid the "unused parameter"
warning.
By the way, we can see some leaks and some file descriptors unclosed (pipe
communication for the thread, maybe), if i increase memory error detection.
(note that unclosed file descriptors 0, 1 and 2 are normal)

$ valgrind -q --track-fds=yes --leak-check=full --leak-resolution=high
--show-reachable=yes ./a.out
==5053== Syscall param write(buf) points to uninitialised byte(s)
==5053==    at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==5053==    by 0x4036BEB: pthread_create@@GLIBC_2.1 (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==  Address 0xBEFFD800 is on thread 1's stack
==5053==
==5053== Syscall param write(buf) points to uninitialised byte(s)
==5053==    at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==  Address 0xBEFFD8FC is on thread 1's stack
Thread created
Printing on main thread
Thread working
Main thread working...
Main thread waiting for created thread
Thread ended
==5053==
==5053== Syscall param write(buf) points to uninitialised byte(s)
==5053==    at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==5053==    by 0x8048569: main (in ***/a.out)
==5053==  Address 0xBEFFD8DC is on thread 1's stack
Program end
==5053==
==5053== Syscall param write(buf) points to uninitialised byte(s)
==5053==    at 0x403A7FB: write (in /lib/i686/libpthread-0.10.so)
==5053==    by 0x40A99EF: exit (in /lib/i686/libc-2.3.2.so)
==5053==    by 0x4094A6E: (below main) (in /lib/i686/libc-2.3.2.so)
==5053==  Address 0xBEFFD8EC is on thread 1's stack
==5053== FILE DESCRIPTORS: 5 open at exit.
==5053== Open file descriptor 4:
==5053==    at 0x41541ED: pipe (in /lib/i686/libc-2.3.2.so)
==5053==    by 0x4036BEB: pthread_create@@GLIBC_2.1 (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==
==5053== Open file descriptor 3:
==5053==    at 0x41541ED: pipe (in /lib/i686/libc-2.3.2.so)
==5053==    by 0x4036BEB: pthread_create@@GLIBC_2.1 (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==
==5053== Open file descriptor 2: /dev/pts/2
==5053==    <inherited from parent>
==5053==
==5053== Open file descriptor 1: /dev/pts/2
==5053==    <inherited from parent>
==5053==
==5053== Open file descriptor 0: /dev/pts/2
==5053==    <inherited from parent>
==5053==
==5053==
==5053==
==5053==
==5053== 68 bytes in 1 blocks are possibly lost in loss record 1 of 6
==5053==    at 0x401BC54: calloc (vg_replace_malloc.c:279)
==5053==    by 0x400EBE8: _dl_allocate_tls_storage (in /lib/ld-2.3.2.so)
==5053==    by 0x400EDD8: _dl_allocate_tls (in /lib/ld-2.3.2.so)
==5053==    by 0x403683C: __pthread_initialize_manager (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x4036BEB: pthread_create@@GLIBC_2.1 (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==
==5053==
==5053== 68 bytes in 1 blocks are possibly lost in loss record 2 of 6
==5053==    at 0x401BC54: calloc (vg_replace_malloc.c:279)
==5053==    by 0x400EBE8: _dl_allocate_tls_storage (in /lib/ld-2.3.2.so)
==5053==    by 0x400EDD8: _dl_allocate_tls (in /lib/ld-2.3.2.so)
==5053==    by 0x403656B: __pthread_initialize_minimal (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x4033205: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x4032C52: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x400CC51: _dl_init (in /lib/ld-2.3.2.so)
==5053==    by 0x4000C5C: (within /lib/ld-2.3.2.so)
==5053==
==5053==
==5053== 520 bytes in 1 blocks are still reachable in loss record 3 of 6
==5053==    at 0x401BC54: calloc (vg_replace_malloc.c:279)
==5053==    by 0x400EAF7: _dl_tls_setup (in /lib/ld-2.3.2.so)
==5053==    by 0x403655C: __pthread_initialize_minimal (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x4033205: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x4032C52: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x400CC51: _dl_init (in /lib/ld-2.3.2.so)
==5053==    by 0x4000C5C: (within /lib/ld-2.3.2.so)
==5053==
==5053==
==5053== 1,288 bytes in 1 blocks are possibly lost in loss record 4 of 6
==5053==    at 0x401BE0C: memalign (vg_replace_malloc.c:332)
==5053==    by 0x400EBA1: _dl_allocate_tls_storage (in /lib/ld-2.3.2.so)
==5053==    by 0x400EDD8: _dl_allocate_tls (in /lib/ld-2.3.2.so)
==5053==    by 0x403683C: __pthread_initialize_manager (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x4036BEB: pthread_create@@GLIBC_2.1 (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x8048505: main (in ***/a.out)
==5053==
==5053==
==5053== 1,288 bytes in 1 blocks are possibly lost in loss record 5 of 6
==5053==    at 0x401BE0C: memalign (vg_replace_malloc.c:332)
==5053==    by 0x400EBA1: _dl_allocate_tls_storage (in /lib/ld-2.3.2.so)
==5053==    by 0x400EDD8: _dl_allocate_tls (in /lib/ld-2.3.2.so)
==5053==    by 0x403656B: __pthread_initialize_minimal (in
/lib/i686/libpthread-0.10.so)
==5053==    by 0x4033205: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x4032C52: (within /lib/i686/libpthread-0.10.so)
==5053==    by 0x400CC51: _dl_init (in /lib/ld-2.3.2.so)
==5053==    by 0x4000C5C: (within /lib/ld-2.3.2.so)


-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=4338

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Follow-Ups:
- Re: [Bug linuxthreads/4338] pthread_create / pthread_exit -- use of partially uninitialized buffer
  - From: Michael Vergoz

References:
- [Bug linuxthreads/4338] New: pthread_create / pthread_exit -- use of partially uninitialized buffer
  - From: poletto at jeuxvideo dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]