[Bug nptl/12310] New: pthread_exit() in main thread segfaults when statically-linked

[Bug nptl/12310] New: pthread_exit() in main thread segfaults when statically-linked

[mrs@mythic-beasts.com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

           Summary: pthread_exit() in main thread segfaults when
                    statically-linked
           Product: glibc
           Version: 2.11
            Status: NEW
          Severity: minor
          Priority: P2
         Component: nptl
        AssignedTo: drepper.fsp@gmail.com
        ReportedBy: mrs@mythic-beasts.com


Calling pthread_exit() in the main thread segfaults in a
statically-linked executable.

$ cat pthread-exit-main.c 
#include <pthread.h>
int main() {
  pthread_exit(NULL);
  return 1;
}

$ gcc -Wall pthread-exit-main.c -o pthread-exit-main
$ ./pthread-exit-main 
$ echo $?
0
$ gcc -Wall pthread-exit-main.c -o pthread-exit-main -static -lpthread
$ ./pthread-exit-main 
Segmentation fault

$ gdb ./pthread-exit-main 
(gdb) run
Starting program: /home/mseaborn/test/pthread-exit-main 

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()

This was with glibc 2.11.1 on Ubuntu Lucid.  I have also seen this
with glibc 2.9.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[siddhesh at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Siddhesh Poyarekar <siddhesh at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |siddhesh at redhat dot com

--- Comment #1 from Siddhesh Poyarekar <siddhesh at redhat dot com> 2012-05-08 17:31:47 UTC ---
I am not able to reproduce this on trunk.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[schwab@linux-m68k.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Andreas Schwab <schwab@linux-m68k.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|drepper.fsp at gmail dot    |unassigned at sourceware
                   |com                         |dot org

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[wintersonnenwende at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Vladimir Nikulichev <wintersonnenwende at yandex dot ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |wintersonnenwende at yandex
                   |                            |dot ru

--- Comment #2 from Vladimir Nikulichev <wintersonnenwende at yandex dot ru> 2013-05-17 14:14:23 UTC ---
I reproduced it with glibc 2.12.2, gcc 4.4.6, binutils 2.20.1.
It is a linking issue. Look at a file csu/libc-start.c:

//=======================================================

  extern unsigned int __nptl_nthreads __attribute ((weak));
  unsigned int *const ptr = &__nptl_nthreads;

    if (! atomic_decrement_and_test (ptr))
  /* Not much left to do but to exit the thread, not the process.  */
  __exit_thread (0);

//=======================================================

This atomic_decrement_and_test finally looks like this:
0x0000000000400629 <+489>:    lock decl -0x400630(%rip)        # 0x0
0x0000000000400630 <+496>:    sete   %dl

So it seems that address of __nptl_nthreads became NULL after linking. The
variable is stored in file nptl/pthread_create.c. The program above will work
fine if you add dummy call to pthread_create():

$ cat exit.c 
#include <pthread.h>

void foo() {
  pthread_create(NULL, NULL, NULL, NULL);
}

int main() {
  pthread_exit(NULL);
  return 1;
}
$ gcc exit.c -static -lpthread
$ ./a.out
$ echo $?
0
$ objdump -d ./a.out
# .................
409e09:       f0 ff 0d 40 62 29 00    lock decl 0x296240(%rip)        # 6a0050
<__nptl_nthreads>
409e10:       0f 94 c2                sete   %dl
# .................

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[wintersonnenwende at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

--- Comment #3 from Vladimir Nikulichev <wintersonnenwende at yandex dot ru> 2013-05-17 14:29:13 UTC ---
I guess nobody expected static program working with threads but not invoking
pthread_create() anywhere. So in real cases weak reference doesn't make
problems
Obvious solution could be adding reference to __nptl_nthreads in pthread_exit.c

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING
                 CC|                            |carlos at redhat dot com

--- Comment #4 from Carlos O'Donell <carlos at redhat dot com> 2013-05-23 14:02:19 UTC ---
(In reply to comment #3)
> I guess nobody expected static program working with threads but not invoking
> pthread_create() anywhere. So in real cases weak reference doesn't make
> problems
> Obvious solution could be adding reference to __nptl_nthreads in pthread_exit.c

The fact that this doesn't crash in master is sheer luck.

In the non-static case the forwarder calls exit() when you ask for
pthread_exit() and everything works correctly. In the static case you actually
call pthread_exit() and it breaks because nothing included __nptl_nthreads from
pthread_create.os and that means it has a zero value.

Static linking should work for all reasonable cases.

This case is reasonable because the main thread is a real thread and you should
be able to exit from it using pthread_exit.

We need a reference to __nptl_nthreads as you suggest. Doing so will pull in
all of pthread_exit.os into the application image, so it might grow a little in
size. I don't see that as a problem.

Please post a patch to libc-alpha@sourceware.org to fix this.

I suggest building glibc master, and testing the patch with that, and making
sure `make -k check' doesn't show any regressions.

See:
http://sourceware.org/glibc/wiki/Testing/Builds
and
http://sourceware.org/glibc/wiki/Contribution%20checklist

Your change is sufficiently minimal that it probably falls below the legally
significant barrier and doesn't require a copyright assignment. However, if you
plan to contribute more changes then we strongly recommend signing a copyright
assignment for glibc to the FSF (or whatever you want to do e.g. individual
disclaimer).

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[wintersonnenwende at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

--- Comment #5 from Vladimir Nikulichev <wintersonnenwende at yandex dot ru> ---
There are two another solutions:

1) Move __nptl_nthreads to separate object file and don't mark the reference as
weak. I think it is better semantically.
2) Check if &__nptl_nthreads == NULL in libc-start.

What do you think about it?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

--- Comment #6 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Vladimir Nikulichev from comment #5)
> There are two another solutions:
> 
> 1) Move __nptl_nthreads to separate object file and don't mark the reference
> as weak. I think it is better semantically.

Please investigate having pthread_exit reference __nptl_nthreads. We don't want
to unconditionally include __nptl_nthreads if we can avoid it.

> 2) Check if &__nptl_nthreads == NULL in libc-start.

This isn't needed if pthread_exit correctly references all of the data that it
needs. Keeping the code simpler is better for maintenance.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[v.nikulichev at gmail dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Vladimir Nikulichev <v.nikulichev at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |v.nikulichev at gmail dot com

--- Comment #7 from Vladimir Nikulichev <v.nikulichev at gmail dot com> ---
I sent a patch to libc-alpha@sourceware.org

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[v.nikulichev at gmail dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

--- Comment #8 from Vladimir Nikulichev <v.nikulichev at gmail dot com> ---
Obviously better fix (sent another patch):

http://sourceware.org/ml/libc-alpha/2013-06/msg00862.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|WAITING                     |NEW

--- Comment #9 from Carlos O'Donell <carlos at redhat dot com> ---
~~~ Vladimir Nikulichev 2013-06-23 14:56:33 UTC ~~~
Obviously better fix (sent another patch):

http://sourceware.org/ml/libc-alpha/2013-06/msg00862.html.
~~~

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|v.nikulichev at gmail dot com      |

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|wintersonnenwende at yandex dot ru |

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |v.nikulichev at gmail dot com

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[carlos at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12310

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #10 from Carlos O'Donell <carlos at redhat dot com> ---
Fixed.

commit 963509c045d192b5a27891617b907fb857042f36
Author: Vladimir Nikulichev <v.nikulichev@gmail.com>
Date:   Mon Jun 24 17:08:07 2013 -0400

    BZ #12310: pthread_exit in static app. segfaults

    Static applications that call pthread_exit on the main
    thread segfault. This is because after a thread terminates
    __libc_start_main decrements __nptl_nthreads which is only
    defined in pthread_create. Therefore the right solution is
    to add a requirement to pthread_create from pthread_exit.

    ~~~
    nptl/

    2013-06-24  Vladimir Nikulichev  <v.nikulichev@gmail.com>

        [BZ #12310]
        * pthread_exit.c: Add reference to pthread_create.

---

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug nptl/12310] pthread_exit() in main thread segfaults when statically-linked

[fweimer at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=12310

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security-

-- 
You are receiving this mail because:
You are on the CC list for the bug.