RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1774115 - glibc: dlopen failure (e.g. of executable) should not corrupt TLS modid
Summary: glibc: dlopen failure (e.g. of executable) should not corrupt TLS modid
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: glibc
Version: 8.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.3
Assignee: Florian Weimer
QA Contact: Sergey Kolosov
Zuzana Zoubkova
URL:
Whiteboard:
Depends On:
Blocks: 1819986
TreeView+ depends on / blocked
 
Reported: 2019-11-19 16:02 UTC by Florian Weimer
Modified: 2023-07-18 14:30 UTC (History)
9 users (show)

Fixed In Version: glibc-2.28-121.el8
Doc Type: Bug Fix
Doc Text:
.Assertion failures no longer occur during `pthread_create` Previously, the `glibc` dynamic loader did not roll back changes to the internal Thread Local Storage (TLS) module ID counter. As a consequence, an assertion failure in the `pthread_create` function could occur after the `dlopen` function had failed in certain ways. With this fix, the `glibc` dynamic loader updates the TLS module ID counter at a later point in time, after certain failures can no longer happen. As a result, the assertion failures no longer occur.
Clone Of:
Environment:
Last Closed: 2020-11-04 01:32:42 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1764223 0 unspecified CLOSED glibc: elf: Refuse to dlopen PIE objects [BZ #24323] 2023-07-18 14:30:35 UTC
Red Hat Product Errata RHSA-2020:4444 0 None None None 2020-11-04 01:33:13 UTC
Sourceware 16634 0 P2 RESOLVED Application calling dlopen("./a.out",...) may run into _dl_allocate_tls_init: Assertion `listp != ((void *)0)' failed! 2020-11-27 10:07:38 UTC
Sourceware 24930 0 P2 RESOLVED dlopen of PIE executable can result in _dl_allocate_tls_init assertion failure 2020-11-27 10:07:38 UTC

Description Florian Weimer 2019-11-19 16:02:05 UTC 
We should backport the final upstream fix for bug 1740039:

commit 77523d5e43cb5721c23855eb6045b0607a3b30a0
Author: Florian Weimer <fweimer>
Date:   Fri Oct 4 21:23:51 2019 +0200

    elf: Assign TLS modid later during dlopen [BZ #24930]
    
    Commit a42faf59d6d9f82e5293a9ebcc26d9c9e562b12b ("Fix BZ #16634.")
    attempted to fix a TLS modid consistency issue by adding additional
    checks to the open_verify function.  However, this is fragile
    because open_verify cannot reliably predict whether
    _dl_map_object_from_fd will later fail in the more complex cases
    (such as memory allocation failures).  Therefore, this commit
    assigns the TLS modid as late as possible.  At that point, the link
    map pointer will eventually be passed to _dl_close, which will undo
    the TLS modid assignment.
    
    Reviewed-by: Gabriel F. T. Gomes <gabrielftg.com>

And:

commit 7d3db434f910c23591f748a6d0ac3548af1048bb
Author: Florian Weimer <fweimer>
Date:   Thu Oct 17 08:51:21 2019 +0200

    Rename and split elf/tst-dlopen-aout collection of tests
    
    From the beginning, elf/tst-dlopen-aout has exercised two different
    bugs: (a) failure to report errors for a dlopen of the executable
    itself in some cases (bug 24900) and (b) incorrect rollback of the
    TLS modid allocation in case of a dlopen failure (bug 16634).
    
    This commit replaces the test with elf/tst-dlopen-self for (a) and
    elf/tst-dlopen-tlsmodid for (b).  The latter tests use the
    elf/tst-dlopen-self binaries (or iconv) with dlopen, so they are
    no longer self-dlopen tests.
    
    Tested on x86_64-linux-gnu and i686-linux-gnu, with a toolchain that
    does not default to PIE.

The test has a bit of a checkered history; we need to disentangle this and perhaps backport more changes.
Comment 5 Sergey Kolosov 2020-09-24 12:49:26 UTC 
Verified with the reproducer from https://bugzilla.redhat.com/show_bug.cgi?id=1740039#c0
Comment 8 errata-xmlrpc 2020-11-04 01:32:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: glibc security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4444
Note You need to log in before you can comment on or make changes to this bug.