-
Notifications
You must be signed in to change notification settings - Fork 23.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use dlmopen for modules to clearly separate symbol namespace #6125
base: 5.0
Are you sure you want to change the base?
Conversation
this way the dl library calls stop resolving to symbols in redis, completely isolating namespaces. Useful for instance when embedding own Lua without interfering with Redis.
Have you had a chance to test this with any modules? My main concern is this could potentially result in subtle bugs. |
I have tested it with two versions of my own module, one using the old API and one using the threaded and blocking one. Calls to |
I guess my main worry is if anything was using this behavior to do polyfills. For KeyDB at least I'll need to test it with a few other major modules. |
I don't understand what you mean. I will see if the PR can be improved with detection of GNU libc at build time. |
I was thinking more for crazier modules like modssl: https://github.com/JohnSully/modssl That use internal Redis functionality outside of the public API. If they run on a version without the necessary internal function they could fallback to an internal one. Its not something I particularly want to support (modssl is just a demo) but I am curious if any modules do call private APIs - and what the implications of this for those are. I'm going to do a test with some of the more popular ones fairly soon. |
Now I get it. Looking forward to your tests. I am not sure if this change means total isolation or just a change in namespace priority. It just gives me the behaviour I would expect intuitively: call my module's symbols first, rather than silently crawl through redis' internal symbols, which is also relatively hard to debug btw. |
this way does not break musl builds
Just improved a bit to avoid breakage on non-GNUlibc based builds (tested with musl). |
The flag I propose will lead to complete isolation, so, yes, any module using host's symbols will fail loading as the mode it is not "lazy". But please consider keeping the ambiguity seriously hinders the development of advanced modules.
|
Hi @jaromil, I'm trying to organize all module related open issues and bumped in this one. Problem is real indeed, but I don't like the use of the non-standard In the past we ended up using |
Hi! thanks for the heads up, I have tested the build flags you mention and they do not solve the case I'm describing, which in brief consists of a module shipping its own Lua interpreter. |
@jaromil Thanks for checking. Do you have a small sample you can share? While I don't like the |
|
A module using same symbols as redis will end up calling functions in redis before its own.
I believe this is a bug and that isolation of namespaces is necessary, allowing for instance to embed Lua inside a module without interfering with the interpreter already present in Redis (see Zenroom's module)
To fix I suggest to use
dlmopen(3)
on_GNU_SOURCE
capable systems for complete isolation of runtime symbol namespace resolution. Attached is a very small patch based on redis 5.0.5The problem addressed is also debated here and mainly affects Linux based systems (GNU libc)