Bug 1812756

Summary: glibc: dlopen()ing a DT_FILTER library crashes if filtee has constructor
Product: Red Hat Enterprise Linux 8 Reporter: Divya <dbasant>
Component: glibcAssignee: Carlos O'Donell <codonell>
Status: CLOSED ERRATA QA Contact: qe-baseos-tools-bugs
Severity: high Docs Contact: Zuzana Zoubkova <zzoubkov>
Priority: high    
Version: 8.1CC: ashankar, codonell, cpippin, dj, fweimer, lmanasko, mnewsome, pfrankli, sipoyare, skolosov, vmukhame
Target Milestone: rcKeywords: Patch, Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: glibc-2.28-108.el8 Doc Type: Bug Fix
Doc Text:
.The `glibc` dynamic loader no longer fails while loading a shared library that uses `DT_FILTER` and has a constructor Prior to this update, a defect in the dynamic loader implementation of shared objects as filters caused the dynamic loader to fail while loading a shared library that uses a filter and has a constructor. With this release, the dynamic loader implementation of filters (`DT_FILTER`) has been fixed to correctly handle such shared libraries. As a result, the dynamic loader now works as expected in the mentioned scenario.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 01:33:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1819440, 1825061    

Description Divya 2020-03-12 05:34:18 UTC 
Description of problem:
Linking DSOs with  g++ --Wl,--filter=someDSO.so, and DSO produced can't be dlopened or feeded to ldd

$  ldd someDSO.so
Inconsistency detected by ld.so: dl-deps.c: 553: _dl_map_object_deps: Assertion `map->l_searchlist.r_list[0] == map' failed!


Version-Release number of selected component (if applicable):
glibc-2.28

How reproducible:
Always

Steps to Reproduce:
1. Set  DT_FILTER to a shared library as below: 

$ g++ --Wl,--filter=someDSO.so

2. Load the library using dlopen or just do ldd on it: 

$  ldd someDSO.so
Inconsistency detected by ld.so: dl-deps.c: 553: _dl_map_object_deps: Assertion `map->l_searchlist.r_list[0] == map' failed!



Actual results:
Crashes with Assertion message as below: 
Inconsistency detected by ld.so: dl-deps.c: 553: _dl_map_object_deps: Assertion `map->l_searchlist.r_list[0] == map' failed!

Expected results:
Library should load without any error/problem with DT_FILTER set to it.

Additional info:
Issue is reported in upstream at https://sourceware.org/bugzilla/show_bug.cgi?id=16272. 

I had provided a test package to the customer including fix from the upstream bugzilla and customer has confirmed that it fixes the issue.
Comment 1 Carlos O'Donell 2020-03-12 21:13:08 UTC 
*** Bug 1812757 has been marked as a duplicate of this bug. ***
Comment 3 Carlos O'Donell 2020-04-06 13:33:55 UTC 
We are planning to fix this in the upcoming RHEL 8.3.0 release.

I want to point out that the present DT_FILTER implementation may have issues with respect to function filtering that are considered out of scope for this bug.

We can continue to refine the implementation upstream. The exact semantics of DT_FILTER, DT_AUXFILTER are not the subject of this bug report and can be further examined upstream.
Comment 8 Sergey Kolosov 2020-07-26 10:04:43 UTC 
Verified with glibc testsuite and https://sourceware.org/bugzilla/show_bug.cgi?id=16272#c0 reproducer.
Comment 11 errata-xmlrpc 2020-11-04 01:33:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: glibc security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4444