Bug 6254 - pthread_exit crashes with SIGSEGV when a binary is compiled statically
Summary: pthread_exit crashes with SIGSEGV when a binary is compiled statically
Status: NEW
Alias: None
Product: uClibc
Classification: Unclassified
Component: Threads
Version: 0.9.33
Hardware: PC Linux
Importance: P5 critical
Target Milestone: ---
Assignee: unassigned
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-05-20 07:07 UTC by A.V.
Modified: 2015-04-16 09:20 UTC

See Also:
Host:
Target:
Build:


Attachments
Sample code (693 bytes, text/plain), 2013-05-20 07:07 UTC, A.V.
buildroot config file (27.32 KB, text/plain), 2013-05-20 07:08 UTC, A.V.

Description A.V. 2013-05-20 07:07:38 UTC
Created attachment 4898
Sample code

When compiling one of my applications with -static and uclibc, every detached thread crashes on exit as long as I use pthread_exit. 

It's reproducible with a minimal sample that I am attaching, and it only happens in static builds. There is no crash with the sample when using glibc with static linking. 

When running the sample with a dynamic compilation ("i586-linux-gcc -pthread -o test detached.c"), this is the result:

# ./test 
Main: creating thread
Thread starting...
Thread done.
Main: program completed. Exiting.
# 


When compiling a static binary using "i586-linux-gcc -static -pthread -o test detached.c", this is the result:

# ./test 
Main: creating thread
Thread starting...
Thread done.
Segmentation fault
# 


Using gdb to backtrace the crash gives this result:

Program received signal SIGSEGV, Segmentation fault.
[Switching to LWP 12596]
0x00000000 in ?? ()
(gdb) bt
#0  0x00000000 in ?? ()
#1  0x0804baf1 in siglongjmp ()
#2  0x0804ab19 in ?? ()
#3  0x08055cd1 in _Unwind_ForcedUnwind_Phase2 (exc=exc@entry=0xf778fdf0, context=context@entry=0xf778fa14)
    at /mnt/External/toolchains/buildroot-2013.02/output/toolchain/gcc-4.7.2/libgcc/unwind.inc:163
#4  0x080560fc in _Unwind_ForcedUnwind (exc=0xf778fdf0, stop=0x804aa40, stop_argument=0xf778fb34)
    at /mnt/External/toolchains/buildroot-2013.02/output/toolchain/gcc-4.7.2/libgcc/unwind.inc:207
#5  0x0804aba9 in __pthread_unwind ()
#6  0x0804a1ae in pthread_exit ()
#7  0x080489d2 in doWork ()


The siglongjmp seems to be trying to jump to NULL, so my limited knowledge makes me think there's some function not being added to the final binary in the static linking and ending up being NULL in the table.

Dynamic builds work as expected. Removing pthread_exit(NULL) from the thread function makes the thread end gracefully as far as I can tell. According to the manpage for pthread_exit, "Performing a return from the start function of any thread other than the main thread results in an implicit call to pthread_exit()", so I'm not sure if there isn't another bug hidden there.

This should be easily reproduced on Linux using buildroot-2013.02 with the attached .config file. Also tested selecting gcc 4.6 in buildroot, with the same result.
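To make the scenario in the report concrete, here is an added minimal program of the same shape. It is not the reporter's attached detached.c; the only name taken from the report is the thread function doWork (frame #7 of the backtrace), while worker_state, run_detached_worker and the message strings are constructed for this example. Because a detached thread cannot be pthread_join()ed, the worker reports completion through a mutex/condition pair before it terminates, and main then pauses briefly so the thread's exit path runs while the process is still alive (the fault in the report occurs inside pthread_exit(), after "Thread done." has been printed). Calling run_detached_worker(1) ends the thread with pthread_exit(NULL), the path described as crashing in the static uClibc 0.9.33 NPTL build; run_detached_worker(0) ends it with a plain return, the workaround the report mentions. On glibc both variants complete cleanly.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdio.h>
#include <time.h>

/* Shared state between main and the detached worker (constructed for this
 * example). A detached thread cannot be joined, so completion is signalled
 * through a mutex/condition-variable pair instead. */
struct worker_state {
    pthread_mutex_t lock;
    pthread_cond_t  done_cv;
    int             done;             /* 1 once the worker has finished its work */
    int             use_pthread_exit; /* 1: end via pthread_exit(); 0: plain return */
};

static void *doWork(void *arg)
{
    struct worker_state *st = arg;
    /* Copy the flag now: once 'done' is signalled, st may go out of scope in main. */
    int use_pthread_exit = st->use_pthread_exit;

    printf("Thread starting...\n");
    /* ... the thread's actual work would go here ... */
    printf("Thread done.\n");

    pthread_mutex_lock(&st->lock);
    st->done = 1;
    pthread_cond_signal(&st->done_cv);
    pthread_mutex_unlock(&st->lock);

    if (use_pthread_exit)
        pthread_exit(NULL);  /* the call that faults in the static uClibc build described above */
    return NULL;             /* returning from the start function is an implicit pthread_exit() */
}

/* Creates one detached worker and waits until it reports completion.
 * Returns 0 on success, a negative value if thread setup failed. */
int run_detached_worker(int use_pthread_exit)
{
    struct worker_state st = {
        PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, 0, use_pthread_exit
    };
    pthread_attr_t attr;
    pthread_t tid;

    if (pthread_attr_init(&attr) != 0)
        return -1;
    pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);

    printf("Main: creating thread\n");
    if (pthread_create(&tid, &attr, doWork, &st) != 0) {
        pthread_attr_destroy(&attr);
        return -2;
    }
    pthread_attr_destroy(&attr);

    /* Wait for the worker to report that its work is finished. */
    pthread_mutex_lock(&st.lock);
    while (!st.done)
        pthread_cond_wait(&st.done_cv, &st.lock);
    pthread_mutex_unlock(&st.lock);

    /* Give the detached thread a moment to run its termination path (pthread_exit
     * or the implicit one on return) while this process is still alive. */
    struct timespec pause = { 0, 100 * 1000 * 1000 };  /* 100 ms */
    nanosleep(&pause, NULL);

    pthread_cond_destroy(&st.done_cv);
    pthread_mutex_destroy(&st.lock);
    return 0;
}

int main(void)
{
    int rc = run_detached_worker(1);   /* 1 = terminate via pthread_exit(NULL) */
    printf("Main: program completed. Exiting.\n");
    return rc == 0 ? 0 : 1;
}
```

Build it the same way as the reporter's sample (dynamically with -pthread, or with -static -pthread against the uClibc toolchain) to compare the two link modes; the output lines match the transcripts above, and the static uClibc build is the one expected to print "Segmentation fault" in place of the final "Main:" line.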
Comment 1 A.V. 2013-05-20 07:08:29 UTC
Created attachment 4904
buildroot config file
Comment 2 A.V. 2013-05-21 00:49:54 UTC
I forgot to say: as the .config file shows, this happens with NPTL enabled. Haven't tried linuxthreads.