[Bug 1982326] Re: race between exit() and pthread_exit() with static linking

Francesco Lavra 1982326 at bugs.launchpad.net
Wed Jul 27 08:27:06 UTC 2022 

I searched the glibc bug list in Sourceware Bugzilla, but couldn't find
any bug report on this.

I tried with glibc 2.35 from 22.04, and yes, the issue is present there too, although it happens less frequently (but this is most likely due to differences in the kernel scheduler, because the test binary built with glibc 2.35 on 22.04 fails when run on 18.04 just like the binary built on 18.04).
I found a way to trigger the issue reliably also when running the test program on 22.04: just uncomment the commented code in the source, rebuild, and then run with `while true; do ../thread_test || break; done`. From the output I can see that _Unwind_Find_FDE() sometimes returns NULL, and eventually II get the usual `Aborted (core dumped)` message.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1982326

Title:
  race between exit() and pthread_exit() with static linking

Status in glibc package in Ubuntu:
  New

Bug description:
  When statically linking a C multi-threaded application, there is a race between pthread_exit() and exit() which may cause pthread_exit() to abort the program.
  It appears the issue is due to the forced unwind executed by pthread_exit() failing because _Unwind_Find_FDE() returns NULL. Apparently, _Unwind_Find_FDE() returns NULL after __deregister_frame_info_bases() is called as part of the exit handlers invoked by exit().
  The issue is easily reproducible (in my machine it occurs approximately in 1 out of 3 runs) when running the attached sample program under strace.
  Steps to reproduce:
  - build the attached source with `gcc thread_test.c -lpthread -static -o thread_test`
  - run with `strace -f ./thread_test`

  Example output:
  ```
  <snip>
  [pid 28302] +++ killed by SIGABRT (core dumped) +++
  +++ killed by SIGABRT (core dumped) +++
  Aborted (core dumped)
  ```

  If the commented code in the sample source is uncommented, we can
  confirm that _Unwind_Find_FDE() sometimes returns NULL.

  Ubuntu 18.04.6 LTS
  Package: libc6 2.27-3ubuntu1.6
  Source package: https://launchpad.net/ubuntu/+source/glibc/2.27-3ubuntu1.6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1982326/+subscriptions

More information about the foundations-bugs mailing list