Bug 1410154

Summary: glibc: Incomplete rollback of dynamic linker state on dlopen failure (NODELETE bug)
Product: Red Hat Enterprise Linux 8 Reporter: Paulo Andrade <pandrade>
Component: glibcAssignee: Florian Weimer <fweimer>
Status: CLOSED ERRATA QA Contact: qe-baseos-tools-bugs
Severity: medium Docs Contact: Sagar Dubewar <sdubewar>
Priority: medium    
Version: ---CC: ashankar, codonell, cww, dj, dkochuka, fweimer, kwalker, lkuprova, lmanasko, mnewsome, pfrankli, rmetrich, sdubewar, skolosov, woodard
Target Milestone: pre-dev-freezeKeywords: Bugfix
Target Release: 8.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: glibc-2.28-101.el8 Doc Type: Bug Fix
Doc Text:
.Unrelocated and uninitialized shared objects no longer result in failures if `dlopen` fails Previously, if the `dlopen` call failed, the `glibc` dynamic linker did not remove shared objects with the `NODELETE` mark before reporting the error. Consequently, the unrelocated and uninitialized shared objects remained in the process image, eventually resulting in assertion failures or crashes. With this update, the dynamic loader uses a pending `NODELETE` state to remove shared objects upon `dlopen` failure, before marking them as `NODELETE` permanently. As a result, the process does not leave any unrelocated objects behind. Also, lazy binding failures while ELF constructors and destructors run now terminate the process.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 16:50:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1393909, 1395758    
Bug Blocks: 1599298, 1679810    
Attachments:
Description Flags
Proposed patch none

Description Paulo Andrade 2017-01-04 15:34:40 UTC 
Unsure if it is a samba bug, but it should not crash.

  Steps to reproduce:

* Base 7.3 install
* yum install samba-winbind
* edit /etc/nsswitch.conf to show the following host line:

    hosts:      files wins dns myhostname

* systemctl start winbind
* ping redhat.com

  "Quick fix" could be to have /usr/lib64/samba/ in
LD_LIBRARY_PATH.

  The proper fix would likely to fix libnss_wins.so.2
link. Please let me know if the bug should be reassigned
to samba.

$ ldd /lib64/libnss_wins.so.2
	linux-vdso.so.1 =>  (0x00007ffefcf2d000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f683cd2a000)
	libwbclient.so.0 => /lib64/libwbclient.so.0 (0x00007f683cb1b000)
	libreplace-samba4.so => not found
	libc.so.6 => /lib64/libc.so.6 (0x00007f683c759000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f683d15e000)
	libwinbind-client-samba4.so => /usr/lib64/samba/libwinbind-client-samba4.so (0x00007f683c555000)
	libreplace-samba4.so => /usr/lib64/samba/libreplace-samba4.so (0x00007f683c351000)
Comment 1 Florian Weimer 2017-01-04 15:57:14 UTC 
This is both a Samba bug (wrong search path/DSO location) and glibc bug (we should report and error and not crash).

This is fixed upstream.  The fix involves some ld.so cleanup, but should be backportable.
Comment 6 Florian Weimer 2018-11-20 09:35:02 UTC 
The first upstream bug (16628) will be fixed in Red Hat Enterprise Linux 8.  The second bug still needs to be fixed upstream.
Comment 7 Carlos O'Donell 2019-10-01 13:10:23 UTC 
*** Bug 1500128 has been marked as a duplicate of this bug. ***
Comment 10 Florian Weimer 2019-12-09 13:21:02 UTC 
Created attachment 1643297 [details]
Proposed patch

The last three patches still await upstream review.
Comment 18 Florian Weimer 2020-01-16 13:44:20 UTC 
Upstream testing revealed that the fix is incomplete. We need to backport the fix for this bug as well: https://sourceware.org/bugzilla/show_bug.cgi?id=25396
Comment 22 Florian Weimer 2020-01-17 02:44:06 UTC 
(In reply to Florian Weimer from comment #18)
> Upstream testing revealed that the fix is incomplete. We need to backport
> the fix for this bug as well:
> https://sourceware.org/bugzilla/show_bug.cgi?id=25396

These fixes are included in glibc-2.28-101.el8.
Comment 27 Sagar Dubewar 2020-01-20 05:59:34 UTC 
ok. updating the doc_text_flag to +.
Comment 32 Sergey Kolosov 2020-03-16 19:28:23 UTC 
Verified with elf/tst-dlopen-nodelete-reloc, elf/tst-initfinilazyfail, 
elf/tst-dlopenfail, elf/tst-dlopenfail-2
Comment 34 errata-xmlrpc 2020-04-28 16:50:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1828