[parent not found: <CAOUYtQAWqEY_Ys3crsyXDmVVqJVjfzwTA0NsDxfpgU5cP_t2nA@mail.gmail.com>]
* Re: Why are stdin/stdout/stderr `FILE *const` in musl?
[not found] ` <CAOUYtQAWqEY_Ys3crsyXDmVVqJVjfzwTA0NsDxfpgU5cP_t2nA@mail.gmail.com>
@ 2018-02-02 15:53 ` Jon Chesterfield
0 siblings, 0 replies; 10+ messages in thread
From: Jon Chesterfield @ 2018-02-02 15:53 UTC (permalink / raw)
To: musl
[-- Attachment #1: Type: text/plain, Size: 3202 bytes --]
I think compiler engineers are among those most likely to ignore parts of
the standard they don't agree with. We're not a good choice for an appeal
to authority in this instance.
On 2 Feb 2018 16:30, "CodingMarkus" <CodingMarkus@hanauska.name> wrote:
> On 2018-02-02, at 16:01, Markus Wichmann <nullplan@gmx.net> wrote:
>
> Why would you ever need a pointer to stdout or stderr?
"Why would you ever need" is no valid argument. It’s no argument for
anything and especially never an argument against anything.
If I buy a toolset to paint my wall and I cannot use it to paint it green,
then “why would you ever want to have a green wall” is simply no argument
because it doesn’t matter why the person who bought the toolset wants a
green wall or whether it’s a good idea to paint walls in green. This is a
meta discusion that misses the actual point which is that the toolset won’t
allow me to paint my wall green.
Here is a real life code sample that breaks exactly because the reason I
was pointing out, so apparently clang developers like green walls:
https://git.alpinelinux.org/cgit/aports/tree/main/llvm5/
dynamiclibrary-fix-build-musl.patch?id=HEAD
And that the people who themselves makes the currently second most
successful open source compiler on the market act outside the C standard
doesn’t sound very convincing to me. If in doubt, these people know the C
standard better than I probably ever will.
And, of course, this affects other projects based on LLVM infrastructure,
e.g. this one, which simply cannot be built on Alpine and that’s because of
musl:
https://github.com/avast-tl/retdec
Even with that patch it cannot be built but that has other reasons and this
time the problem is not a question related to any specs or standards but to
the fact that LLVM expects functions like fseeko64 to either not be present
(they don’t have to, they are non-standard) or to be present as real
functions. In musl they are present but they are defines (tfeeko64 is a
define to fseek and so on) and this is unexpected but I see no reason why
it would not be allowed so here I can blame LLVM. There is also a fix for
that BTW and the latest LLVM versions contain that fix already (but retdec
bases on an older one).
I’m only worried with how interchangeable musl is as a standard libc
because the idea of a standard is that it guarantees compatibility. If
there are ten libc libraries and they all conform to the same standard,
then they should always be interchangeable and all code building with one
of them should also build with the other nine. Every time this is not the
case, there is a problem that needs to be fixed IMHO. In that case either
nine of them are doing it right and one of them is doing it wrong or nine
of them are doing it wrong and one of them is doing it right, well, guess
what is more likely.
So in the end, the question is whether LLVM is using incorrect code here
that simply doesn’t need to compile because it is broken (regardless if
it’s syntactically correct) or whether musl should define stdX the same way
all the other libraries are doing it.
Regards,
Markus
[-- Attachment #2: Type: text/html, Size: 3976 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Why are stdin/stdout/stderr `FILE *const` in musl?
2018-02-02 15:30 ` CodingMarkus
[not found] ` <CAOUYtQAWqEY_Ys3crsyXDmVVqJVjfzwTA0NsDxfpgU5cP_t2nA@mail.gmail.com>
@ 2018-02-02 16:01 ` Jens Gustedt
2018-02-02 16:12 ` Jeff Hammond
2018-02-02 17:16 ` William Pitcock
3 siblings, 0 replies; 10+ messages in thread
From: Jens Gustedt @ 2018-02-02 16:01 UTC (permalink / raw)
To: CodingMarkus; +Cc: musl
[-- Attachment #1: Type: text/plain, Size: 2508 bytes --]
Hello,
On Fri, 2 Feb 2018 16:30:03 +0100 CodingMarkus
<CodingMarkus@hanauska.name> wrote:
> > On 2018-02-02, at 16:01, Markus Wichmann <nullplan@gmx.net> wrote:
> >
> > Why would you ever need a pointer to stdout or stderr?
>
>
> "Why would you ever need" is no valid argument. It’s no argument for
> anything and especially never an argument against anything.
No, but the exact definition that I gave you from the standard, is
certainly an argument. Did you see this? I didn't see a reply from you
to this.
I checked the provision that this is an expression is there at least
since C99.
> https://git.alpinelinux.org/cgit/aports/tree/main/llvm5/dynamiclibrary-fix-build-musl.patch?id=HEAD
What this shows is that they are clearly wrong in doing
EXPLICIT_SYMBOL(stderr);
stderr is *not* an explicit symbol and should not be.
> And that the people who themselves makes the currently second most
> successful open source compiler on the market act outside the C
> standard doesn’t sound very convincing to me. If in doubt, these
> people know the C standard better than I probably ever will.
Some of them certainly do.
I hope that you are not suggesting that the people that replied to you
here on that list don't know the C standard at least as good.
> I’m only worried with how interchangeable musl is as a standard libc
> because the idea of a standard is that it guarantees compatibility.
exactly, so what they are doing is to be frowned upon
(In particular, because this is a compiler framework that is making
assumptions about the library framework that is not justified.)
> If there are ten libc libraries and they all conform to the same
> standard,
As said in my other mail, this is undefined behavior LaLaLand. So
implementors can do what they want, they don't even have to document
it. But it is just not portable.
Now, if you are claiming that this would be an important feature, one
could certainly at least discuss it. But what I heard so far from you
was only reference to authority (llvm must know what they are doing).
You were not arguing why they are doing this and why this would be
important.
Jens
--
:: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536 ::
:: :::::::::::::::::::::: gsm France : +33 651400183 ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::
[-- Attachment #2: Digitale Signatur von OpenPGP --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Why are stdin/stdout/stderr `FILE *const` in musl?
2018-02-02 15:30 ` CodingMarkus
[not found] ` <CAOUYtQAWqEY_Ys3crsyXDmVVqJVjfzwTA0NsDxfpgU5cP_t2nA@mail.gmail.com>
2018-02-02 16:01 ` Jens Gustedt
@ 2018-02-02 16:12 ` Jeff Hammond
2018-02-02 17:16 ` William Pitcock
3 siblings, 0 replies; 10+ messages in thread
From: Jeff Hammond @ 2018-02-02 16:12 UTC (permalink / raw)
To: musl
[-- Attachment #1: Type: text/plain, Size: 3293 bytes --]
On Fri, Feb 2, 2018 at 7:30 AM, CodingMarkus <CodingMarkus@hanauska.name>
wrote:
> Here is a real life code sample that breaks exactly because the reason I
> was pointing out, so apparently clang developers like green walls:
>
> https://git.alpinelinux.org/cgit/aports/tree/main/llvm5/dyna
> miclibrary-fix-build-musl.patch?id=HEAD
>
> And that the people who themselves makes the currently second most
> successful open source compiler on the market act outside the C standard
> doesn’t sound very convincing to me. If in doubt, these people know the C
> standard better than I probably ever will.
>
I seriously doubt that they would describe themselves as infallible. In
this specific case, the patch was submitted by a JuliaLang developer who is
an expert in LLVM but probably not ISO C.
The appropriate action here is not to assume they know everything but to
file a bug report.
> And, of course, this affects other projects based on LLVM infrastructure,
> e.g. this one, which simply cannot be built on Alpine and that’s because of
> musl:
>
> https://github.com/avast-tl/retdec
>
> Even with that patch it cannot be built but that has other reasons and
> this time the problem is not a question related to any specs or standards
> but to the fact that LLVM expects functions like fseeko64 to either not be
> present (they don’t have to, they are non-standard) or to be present as
> real functions. In musl they are present but they are defines (tfeeko64 is
> a define to fseek and so on) and this is unexpected but I see no reason why
> it would not be allowed so here I can blame LLVM. There is also a fix for
> that BTW and the latest LLVM versions contain that fix already (but retdec
> bases on an older one).
>
> I’m only worried with how interchangeable musl is as a standard libc
> because the idea of a standard is that it guarantees compatibility. If
> there are ten libc libraries and they all conform to the same standard,
> then they should always be interchangeable and all code building with one
> of them should also build with the other nine. Every time this is not the
> case, there is a problem that needs to be fixed IMHO. In that case either
> nine of them are doing it right and one of them is doing it wrong or nine
> of them are doing it wrong and one of them is doing it right, well, guess
> what is more likely.
>
Programming standards and the associated expectation of compatibility are
aspirational.
Your argument that 9/10 must be right is a variant of "tyranny of the
majority". This is not how standards compliance works. A compliant
implementation is compliant, even if there are a million non-compliant
implementations.
So in the end, the question is whether LLVM is using incorrect code here
> that simply doesn’t need to compile because it is broken (regardless if
> it’s syntactically correct) or whether musl should define stdX the same way
> all the other libraries are doing it.
>
LLVM is using incorrect code that is broken and needs to be fixed if the
LLVM developers want their implementation to be portable to faithful
implementations of the C/POSIX library standard.
Jeff
--
Jeff Hammond
jeff.science@gmail.com
http://jeffhammond.github.io/
[-- Attachment #2: Type: text/html, Size: 4411 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: Why are stdin/stdout/stderr `FILE *const` in musl?
2018-02-02 15:30 ` CodingMarkus
` (2 preceding siblings ...)
2018-02-02 16:12 ` Jeff Hammond
@ 2018-02-02 17:16 ` William Pitcock
3 siblings, 0 replies; 10+ messages in thread
From: William Pitcock @ 2018-02-02 17:16 UTC (permalink / raw)
To: musl
Hi,
On Fri, Feb 2, 2018 at 9:30 AM, CodingMarkus <CodingMarkus@hanauska.name> wrote:
>> On 2018-02-02, at 16:01, Markus Wichmann <nullplan@gmx.net> wrote:
>>
>> Why would you ever need a pointer to stdout or stderr?
What he wants is a pointer to the pointer itself.
> "Why would you ever need" is no valid argument. It’s no argument for anything and especially never an argument against anything.
>
> If I buy a toolset to paint my wall and I cannot use it to paint it green, then “why would you ever want to have a green wall” is simply no argument because it doesn’t matter why the person who bought the toolset wants a green wall or whether it’s a good idea to paint walls in green. This is a meta discusion that misses the actual point which is that the toolset won’t allow me to paint my wall green.
>
> Here is a real life code sample that breaks exactly because the reason I was pointing out, so apparently clang developers like green walls:
>
> https://git.alpinelinux.org/cgit/aports/tree/main/llvm5/dynamiclibrary-fix-build-musl.patch?id=HEAD
>
> And that the people who themselves makes the currently second most successful open source compiler on the market act outside the C standard doesn’t sound very convincing to me. If in doubt, these people know the C standard better than I probably ever will.
Actually, that patch should not be necessary soon, thankfully.
Also stdin/stdout/stderr and many other objects provided by the libc
should never ever be considered explicit symbols. Only ISO C
functions should be considered explicit symbols. But overall, the
EXPLICIT_SYMBOL() stuff in LLVM is a massive hackjob and needs to just
be completely removed.
> And, of course, this affects other projects based on LLVM infrastructure, e.g. this one, which simply cannot be built on Alpine and that’s because of musl:
>
> https://github.com/avast-tl/retdec
>
> Even with that patch it cannot be built but that has other reasons and this time the problem is not a question related to any specs or standards but to the fact that LLVM expects functions like fseeko64 to either not be present (they don’t have to, they are non-standard) or to be present as real functions. In musl they are present but they are defines (tfeeko64 is a define to fseek and so on) and this is unexpected but I see no reason why it would not be allowed so here I can blame LLVM. There is also a fix for that BTW and the latest LLVM versions contain that fix already (but retdec bases on an older one).
>
> I’m only worried with how interchangeable musl is as a standard libc because the idea of a standard is that it guarantees compatibility. If there are ten libc libraries and they all conform to the same standard, then they should always be interchangeable and all code building with one of them should also build with the other nine. Every time this is not the case, there is a problem that needs to be fixed IMHO. In that case either nine of them are doing it right and one of them is doing it wrong or nine of them are doing it wrong and one of them is doing it right, well, guess what is more likely.
A lot of libcs are derived in part from the historical BSD libc
(including the GNU one etc). Thusly, it is possible that these libc
have a design that is informed by the state of the 1980s instead of
modern practice. It does not mean that any of the implementations are
doing it wrong.
> So in the end, the question is whether LLVM is using incorrect code here that simply doesn’t need to compile because it is broken (regardless if it’s syntactically correct) or whether musl should define stdX the same way all the other libraries are doing it.
It shouldn't, there are advantages to the current way it is done.
Anything that catches technically incorrect code is a major win from
security and overall robustness points of view.
William
^ permalink raw reply [flat|nested] 10+ messages in thread