pthread_key_create() gives zero as its first key

Bug #878280 reported by William M. Leiserson
This bug affects 1 person
Affects: eglibc (Ubuntu)
Status: Invalid
Importance: Undecided
Assigned to: Unassigned

Bug Description

pthread_key_create() takes an address to a pthread_key_t and sets the key to what I presume is an index into an array. However, since keys tend to be global variables, they are automatically initialized to zero. Therefore, accessing thread-local storage with a key that was never passed to pthread_key_create() has the potential of clobbering data. A trivial fix would make the first key to be returned = 1, instead of 0. The zeroth element of the array should point to uninitialized memory so that trying to access a TLS entry based on a non-created key will cause a segfault.

Implementing the fix will make it easier for programmers to debug their code, and will limit the number of libraries that get shipped that inadvertently clobber user data. This bug was uncovered when a customer tried to use Cilk and jemalloc together. jemalloc wrote TLS data based on a key it had never created and ended up clobbering data in libcilkrts (eventually leading to a segfault). The jemalloc bug has been reported to their developers.

This is a bug in the glibc implementation, upstream, no doubt. But the GNU team encourages users to report bugs to their distributions, first.

ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: libc6 2.13-0ubuntu13
ProcVersionSignature: Ubuntu 2.6.38-11.50-generic 2.6.38.8
Uname: Linux 2.6.38-11-generic x86_64
NonfreeKernelModules: sep3_4 pax nvidia
Architecture: amd64
Date: Wed Oct 19 11:12:55 2011
ProcEnviron:
 LANGUAGE=en_US:en
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: eglibc
UpgradeStatus: Upgraded to natty on 2011-05-03 (168 days ago)
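
The collision described in this report, together with a caller-side guard, as an added example that is not part of the original report or of glibc. It assumes glibc, where pthread_key_t is an unsigned integer; `checked_key`, `checked_create`, `checked_set`, `raw_write_clobbers_owner` and `keys_alias` are hypothetical names.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical wrapper (not a glibc type): pairs the key with a flag so a
 * never-created key can be told apart from a valid key whose value is 0. */
typedef struct { pthread_key_t key; bool created; } checked_key;

static checked_key owner; /* "library A": creates its key before use */
static checked_key stray; /* "library B": never creates its key, stays 0 */

int checked_create(checked_key *k) {
    int rc = pthread_key_create(&k->key, NULL);
    k->created = (rc == 0);
    return rc;
}

/* Guard: refuse to write TLS through a key that was never created. */
int checked_set(const checked_key *k, const void *v) {
    return k->created ? pthread_setspecific(k->key, v) : -1;
}

/* True when the owner's real key has the same value as the stray zero key. */
int keys_alias(void) { return owner.created && owner.key == stray.key; }

/* Returns 1 if a raw write through the zero-initialised stray key replaced
 * the owner's thread-specific value, 0 otherwise. */
int raw_write_clobbers_owner(void) {
    static int owner_data = 1, stray_data = 2; /* constructed sample values */
    if (!owner.created && checked_create(&owner) != 0) return 0;
    pthread_setspecific(owner.key, &owner_data);
    void *saved = pthread_getspecific(stray.key); /* keep slot 0's old value */
    pthread_setspecific(stray.key, &stray_data);  /* the bug: unchecked key */
    int clobbered = pthread_getspecific(owner.key) != (void *)&owner_data;
    pthread_setspecific(stray.key, saved);        /* undo the stray write */
    pthread_setspecific(owner.key, &owner_data);
    return clobbered;
}

int main(void) {
    int clobbered = raw_write_clobbers_owner();
    printf("owner key value: %u\n", (unsigned)owner.key);
    printf("raw write via uncreated key clobbered owner: %d\n", clobbered);
    printf("guarded write via uncreated key: %d\n", checked_set(&stray, &clobbered));
    return 0;
}
```

On glibc versions before 2.34, link with -pthread.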

William M. Leiserson (william-m-leiserson) wrote :
tags: added: pthread
dino99 (9d9) wrote :

This is no longer a supported version.

Changed in eglibc (Ubuntu):
status: New → Invalid