musl 1.2.x support #2088
musl 1.2.x support #2088
Conversation
|
r? @Amanieu (rust-highfive has picked a reviewer for you, use r? to override) |
|
Note that rust-lang/rust's CI also uses 1.1.24 currently (https://github.com/rust-lang/rust/blob/7e9a36fa8a4ec06daec581e23f390389e05f25e4/src/ci/docker/scripts/musl.sh#L28) and I think we should keep in sync with it. |
musl 1.1 maintenance has for all practical purposes ended. Accordingly, there is no point in supporting both 1.1 and 1.2 in the libc crate, so follow the time_t type transition to 64-bit.
- add padding members for musl 1.2 - ensure the padding members have an appropriate type (always c_int)
|
@JohnTitor it is a chicken + egg issue. we have to update both. i intend to update both. |
|
Yeah I just left a comment in case you haven't known that. |
|
Switching to musl 1.2.x only works despite of #1848 because musl doesn't support symbol versioning, so the linker allows linking against the time32 compat symbols without issue. I have no idea how to properly solve this. The switch to 1.2.x will also make The ancient glibc used for builds is also unsupported (I think?), but it's used because it allows all sorts of systems to use the "universal" binaries without issue. Because of that, I'm not sure it's already a good time to update the libc used for builds (which, if all goes well in rust-lang/rust#82556, should be different from the runtime libc). EDIT: that said, I think moving to enable y2038 support is probably more valuable, so I guess we should use this as motivation to do our own update. |
|
Hmm, I believe this also needs to change the function names... The redirects to time64 functions in musl are implemented via headers, but linking to |
|
If Rust code is going to pass the modern time-related data structures with 64-bit fields, it needs to honor (ideally derive somehow rather than hard-coding, but they're not going to change so you could just ship the table) the symbol name redirects from the libc headers. But if it's still passing 32-bit versions, it's fine, and will continue to be fine, to reference the legacy symbol names. As such I don't think anything is broken with regard to targeting musl 1.2.x right now. But there may be problems mixing Rust code with third-party C libraries that have already been built using the new types. |
Yes, the redirection is not yet implemented. That allows for musl 1.1 to still be supported. But Void really should upgrade to 1.2 already. |
So changing
I don't disagree :) |
|
Could we keep |
I don't see how this would help the situation any. Pushing the choice of using time64 symbols on programmers will make them almost entirely useless, and people will have to find some way of deciding which symbols to use, at which point it'd just be better if This is somewhat related to #2061... Could the Ideally |
|
Given that this seems to be a necessarily backwards-incompatible change, would it potentially make sense to coordinate this with a potential switch of the |
|
It isn't necessarily backwards incompatible; I believe the BSDs have already requested some mechanism to support ABI incompatible versions of their own platforms. If such a thing was implemented, it'd be possible to carry the two versions "just fine". Given that the rust ecosystem seems to dislike feature tests (which would be the usual way of implementing such a mechanism), it will probably end up being backwards-incompatible. Anyway, I think both of these incompatible changes are very different in what they touch (default linkage vs minimum supported version), so I don't see much of a reason to coordinate them. Could be convinced differently. |
|
Then, rather than risking runtime incompatibility and difficult-to-debug brokenness (e.g. a -sys crate that's building Rust bindings to a C library that uses |
|
Requiring musl 1.2 would make sense for (old - the eventual official riscv32 target should be legacy free in this sense) 32bit targets, but not for 64bit ones. That said, how would you detect the version? Or would it be simply a contract? |
That's a good point; the ABI hasn't changed for 64-bit targets, so the baseline wouldn't need to change.
We wouldn't need to detect the version. We would bind time-related symbols to the new 64-bit versions that don't exist in older versions of musl, and then we'd fail to link with older versions of musl. |
|
Exactly. That seems very reasonable to me, and it automatically does the right thing for 64-bit targets without encoding more than the minimal needed knowledge (the symbol redirections). BTW is Rust already encoding that sort of redirection for glibc targets, where it's needed to use most of the standard unix and stdio file functions (since the legacy symbols on 32-bit archs have 32-bit |
|
I've read through this thread and I'm trying to get a sense for what needs to be done to move forward the upgrade to musl 1.2.2. I believe this is the current state of this thread:
I'm sure I've missed something so please feel free to correct me. I'd like to help push this along if possible 🙂 |
In general, legacy binaries will continue to run as expected. From a source-compilation POV, musl only provides the 64-bit versions by default. So, you should just be able to upgrade and make time_t 64-bit. |
|
If we currently defaulted to dynamically linking musl, I would want to have more of a transition plan for requiring a newer version. But since currently people would have to go out of their way to dynamically link musl, it seems unlikely that bumping our requirement forward will cause much grief. |
|
That seems wrong: the size should be 16 bytes on all platforms. Looking at the C code, the padding is only added when |
I'm confused. The size of |
In C, creation of a struct literal
(Emphasis mine.) |
Rust only has one kind of initialization for structs, which is similar to C designated initializers. Except it requires all fields to be specified, whereas C will zero-initialized any omitted fields. The "proper" solution would be to zero-initialize the struct and then fill in its fields one-by-one as done here. The downside is that this is much more verbose and requires some unsafe code. |
|
Sorry, that's my bad. I was looking at x86_64 in godbolt and messed up the code while trying to get it to compile there. I see what you're saying now and that should work fine. I'll try that and see what the crater results look like. |
So that actually does not work fine. I thought @Amanieu I think that means we have to include the private padding field which will prevent use of the literal struct initialization syntax unless you have another idea how we can force |
|
EDIT: Actually that would still be wrong since the alignment of the struct in C is still 4. In that case I think we have no choice but to leave the padding in. |
|
Indeed, setting alignment to 8 does not work for archs without a full alignment requirement for 64-bit types, and of course doesn't solve the big endian case where the padding is before Maybe this is a sign that Rust should have [an extension to do?] default initialization like C does for unmentioned members. I think the core issue here is that the Rust feature is incompatible with structures that may have implementation-defined or internal/private fields that are not part of the API, and thus that application code is not allowed to mention by name. |
Yeah I gave that a try earlier today and the CI flagged the mismatched alignments right away. I don't think we want to do that.
I think usually what we'd do for that case is something like this: pub struct Padding<T> {
_: T // this field is not pub so it can't be used outside of the module
}
pub struct timespec {
pub tv_sec: time_t,
pub tv_nsec: ::c_long,
pub __pad0: Padding<u32>, // this field is pub to allow struct initialization syntax to work
}
pub fn zeroed() -> timespec {
timespec {
// 0 init all fields
}
}You would then do something like @Amanieu would there be interest in trying to explore some kind of solution like that (perhaps using The other option I see would be to pick some of the most used crates impacted by this and switch them to the A second crater run revealed that at least 97% of the 5749 regressions from the initial run are solely due to |
|
I don't mind making the padding fields public to allow struct initialization. For the In the short term I think it's best to do what you suggested:
Just a slight nit: I prefer |
Note that they'd still have to be public, and |
1886: Update use of libc::timespec to prepare for future libc version r=asomers a=wesleywiser In a future release of the `libc` crate, `libc::timespec` will contain private padding fields on `*-linux-musl` targets and so the struct will no longer be able to be created using the literal initialization syntax. Update places where `libc::timespec` is created to first zero initialize the value and then update the `tv_sec` and `tv_nsec` fields manually. Many of these places are in `const fn`s so a helper function `zero_init_timespec()` is introduced to help with this as `std::mem::MaybeUninit::zeroed()` is not a `const` function. Some matches on `libc::timespec` are also updated to include a trailing `..` pattern which works when `libc::timespec` has additional, private fields as well as when it does not (like for `x86_64-unknown-linux-gnu`). See also rust-lang/libc#2088 Co-authored-by: Wesley Wiser <wesleywiser@microsoft.com>
Musl has use a 64-bit time_t since 1.2.0, but rust still uses the old 32-bit time_t on 32-bit platforms. rust-lang/libc#2088 will eventually fix this, but until then use i64 for time_t on musl in our tree. This will break binary compatibility with rust crates built against musl outside our tree, but those shouldn't get mixed with our tree. Bug: 216192129 Test: m USE_HOST_MUSL=true host-native -k Change-Id: Iaafd06e180514157015607be50f625cb0661e1b8
|
@kaniini Could you pull the changes from my After that, I think we're ready to start an FCP! 🙂 |
|
Closing in favor of #3068, thanks for the PR! |
Switch the CI to use musl 1.2.2 and fix any CI problems.