GitLab

Ben Gamari pushed to branch wip/T25943 at Glasgow Haskell Compiler / GHC

Commits:

6d92d6b6

by Ben Gamari at 2025-05-02T11:14:35-04:00

rts/linker: Don't fail due to RTLD_NOW

In !12264 we started using the NativeObj machinery introduced some time
ago for loading of shared objects. One of the side-effects of this
change is shared objects are now loaded eagerly (i.e. with `RTLD_NOW`).
This is needed by NativeObj to ensure full visibility of the mappings of
the loaded object, which is in turn needed for safe shared object
unloading.

Unfortunately, this change subtly regressed, causing compilation
failures in some programs. Specifically, shared objects which refer to
undefined symbols (e.g. which may be usually provided by either the
executable image or libraries loaded via `dlopen`) will fail to load
with eager binding. This is problematic as GHC loads all package
dependencies while, e.g., evaluating TemplateHaskell splices. This
results in compilation failures in programs depending upon (but not
using at compile-time) packages with undefined symbol references.

To mitigate this NativeObj now first attempts to load an object via
eager binding, reverting to lazy binding (and disabling unloading) on
failure.

See Note [Don't fail due to RTLD_NOW].

Fixes #25943.

1 changed file:

rts/linker/LoadNativeObjPosix.c

Changes:

rts/linker/LoadNativeObjPosix.c

@@ -88,6 +88,26 @@ void freeNativeCode_POSIX (ObjectCode *nc) {
+   }
+ }
 +/*
 + * Note [Don't fail due to RTLD_NOW]
 + * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 + * If possible we want to load dynamic objects immediately (e.g. using RTLD_NOW)
 + * so that we can query their mappings and therefore be able to safely unload
 + * them. However, there are some cases where an object cannot be
 + * successfully eagerly loaded yet execution can nevertheless
 + * succeed with lazy binding. One such instance was found in #25943, where
 + * a library referenced undefined symbols. While this pattern is quite dodgy
 + * (really, these symbol references should be weakly bound in the library),
 + * previous GHC versions accepted such programs. Moreover, it is important that
 + * we are able to load such libraries since GHC insists on loading all package
 + * dependencies when, e.g., evaluating TemplateHaskell splices.
 + *
 + * To ensure that we don't fail to load such programs, we first attempt
 + * loading with RTLD_NOW and, if this fails, attempt to load again
 + * with lazy binding (taking care to mark the object as not unloadable in
 + * this case).
 + */
++
  void * loadNativeObj_POSIX (pathchar *path, char **errmsg)
+ {
     ObjectCode* nc;
@@ -99,7 +119,6 @@ void * loadNativeObj_POSIX (pathchar *path, char **errmsg)
     retval = NULL;
+-
     /* If we load the same object multiple times, just return the
      * already-loaded handle. Note that this is broken if unloadNativeObj
      * is used, as we don’t do any reference counting; see #24345.
@@ -116,6 +135,23 @@ void * loadNativeObj_POSIX (pathchar *path, char **errmsg)
     nc = mkOc(DYNAMIC_OBJECT, path, NULL, 0, false, NULL, 0);
 +   // If we HAVE_DLINFO, we use RTLD_NOW rather than RTLD_LAZY because we want
 +   // to learn eagerly about all external functions. Otherwise, there is no
 +   // additional advantage to being eager, so it is better to be lazy and only
 +   // bind functions when needed for better performance.
 +   //
 +   // Moreover, it is possible that loading will fail (e.g. if the library
 +   // being loaded depends upon symbols from a library which is not available);
 +   // in this case we will retry loading with load_now=false. See
 +   // Note [Don't fail due to RTLD_NOW]..
 +   bool load_now;
 +#if defined(HAVE_DLINFO)
 +   load_now = true;
 +#else
 +   load_now = false;
 +#endif
++
 +try_again:
     foreignExportsLoadingObject(nc);
     // When dlopen() loads a profiled dynamic library, it calls the ctors which
@@ -129,17 +165,7 @@ void * loadNativeObj_POSIX (pathchar *path, char **errmsg)
     ACQUIRE_LOCK(&ccs_mutex);
  #endif
 -   // If we HAVE_DLINFO, we use RTLD_NOW rather than RTLD_LAZY because we want
 -   // to learn eagerly about all external functions. Otherwise, there is no
 -   // additional advantage to being eager, so it is better to be lazy and only bind
 -   // functions when needed for better performance.
 -   int dlopen_mode;
 -#if defined(HAVE_DLINFO)
 -   dlopen_mode = RTLD_NOW;
 -#else
 -   dlopen_mode = RTLD_LAZY;
 -#endif
+-
 +   const int dlopen_mode = load_now ? RTLD_NOW : RTLD_LAZY;
     hdl = dlopen(path, dlopen_mode|RTLD_LOCAL); /* see Note [RTLD_LOCAL] */
     nc->dlopen_handle = hdl;
     nc->status = OBJECT_READY;
@@ -151,31 +177,42 @@ void * loadNativeObj_POSIX (pathchar *path, char **errmsg)
     foreignExportsFinishedLoadingObject();
     if (hdl == NULL) {
 -     /* dlopen failed; save the message in errmsg */
 -     copyErrmsg(errmsg, dlerror());
 -     goto dlopen_fail;
 +     if (load_now) {
 +       // See Note [Don't fail due to RTLD_NOW]
 +       load_now = false;
 +       goto try_again;
 +     } else {
 +       /* dlopen failed; save the message in errmsg */
 +       copyErrmsg(errmsg, dlerror());
 +       goto dlopen_fail;
 +     }
+    }
  #if defined(HAVE_DLINFO)
 -   struct link_map *map;
 -   if (dlinfo(hdl, RTLD_DI_LINKMAP, &map) == -1) {
 -     /* dlinfo failed; save the message in errmsg */
 -     copyErrmsg(errmsg, dlerror());
 -     goto dlinfo_fail;
 -   }
 +   if (load_now) {
 +     struct link_map *map;
 +     if (dlinfo(hdl, RTLD_DI_LINKMAP, &map) == -1) {
 +       /* dlinfo failed; save the message in errmsg */
 +       copyErrmsg(errmsg, dlerror());
 +       goto dlinfo_fail;
 +     }
 -   hdl = NULL; // pass handle ownership to nc
 +     hdl = NULL; // pass handle ownership to nc
 -   struct piterate_cb_info piterate_info = {
 -     .nc = nc,
 -     .l_addr = (void *) map->l_addr
 -   };
 -   dl_iterate_phdr(loadNativeObjCb_, &piterate_info);
 -   if (!nc->nc_ranges) {
 -     copyErrmsg(errmsg, "dl_iterate_phdr failed to find obj");
 -     goto dl_iterate_phdr_fail;
 +     struct piterate_cb_info piterate_info = {
 +       .nc = nc,
 +       .l_addr = (void *) map->l_addr
 +     };
 +     dl_iterate_phdr(loadNativeObjCb_, &piterate_info);
 +     if (!nc->nc_ranges) {
 +       copyErrmsg(errmsg, "dl_iterate_phdr failed to find obj");
 +       goto dl_iterate_phdr_fail;
 +     }
 +     nc->unloadable = true;
 +   } else {
 +     nc->nc_ranges = NULL;
 +     nc->unloadable = false;
+    }
 -   nc->unloadable = true;
  #else
     nc->nc_ranges = NULL;
     nc->unloadable = false;