Bug 28257 - SIGSEGV instead of EINVAL with invalid timer id in timer_delete/timer_gettime/timer_settime
Status: RESOLVED MOVED
Alias: None
Product: glibc
Classification: Unclassified
Component: libc
Version: 2.34
Importance: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
Reported: 2021-08-23 03:24 UTC by Michael Hudson-Doyle
Modified: 2021-08-23 10:55 UTC

fweimer: security-


Description Michael Hudson-Doyle 2021-08-23 03:24:58 UTC
Forwarding from https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1940296:

The timer_delete(2) man page states:

RETURN VALUE
       On success, timer_delete() returns 0. On failure, -1 is returned,
       and errno is set to indicate the error.

ERRORS
       EINVAL timerid is not a valid timer ID.

The following shows that this is not strictly true:

$ cat t.c

#include <time.h>
#include <stdlib.h>

int main(void)
{
        timer_t t = (timer_t)0xe236f38802c65008ULL; /* arbitrary value, never returned by timer_create(): an invalid timer id */

        return timer_delete(t); /* expected -1 with errno == EINVAL; observed: SIGSEGV inside glibc */
}

$ gcc t.c -lrt -g
$ ./a.out
Segmentation fault (core dumped)

$ valgrind ./a.out
==30195== Memcheck, a memory error detector
==30195== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==30195== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info
==30195== Command: ./a.out
==30195==
==30195== Invalid read of size 4
==30195== at 0x487FBF7: timerid_to_kernel_timer (kernel-posix-timers.h:94)
==30195== by 0x487FBF7: timer_delete@@GLIBC_2.3.3 (timer_delete.c:35)
==30195== by 0x10916E: main (t.c:8)
==30195== Address 0xc46de710058ca010 is not stack'd, malloc'd or (recently) free'd
==30195==
==30195==
==30195== Process terminating with default action of signal 11 (SIGSEGV)
==30195== General Protection Fault
==30195== at 0x487FBF7: timerid_to_kernel_timer (kernel-posix-timers.h:94)
==30195== by 0x487FBF7: timer_delete@@GLIBC_2.3.3 (timer_delete.c:35)
==30195== by 0x10916E: main (t.c:8)
==30195==
==30195== HEAP SUMMARY:
==30195== in use at exit: 0 bytes in 0 blocks
==30195== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==30195==
==30195== All heap blocks were freed -- no leaks are possible
==30195==
==30195== For lists of detected and suppressed errors, rerun with: -s
==30195== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)

Similar things happen with timer_gettime and timer_settime.
Comment 1 Florian Weimer 2021-08-23 10:54:54 UTC
Please report this to the man-pages project if the manual page is unclear.

POSIX clearly describes what the program is doing as undefined behavior:

“The behavior is undefined if the value specified by the timerid argument to timer_delete() does not correspond to a timer ID returned by timer_create() but not yet deleted by timer_delete().”