Is musl better than glibc

Please take notice of the following advisories if you intend to use versions other than the latest release. On bit x86 "i" only, all versions prior to 1.

Looking at Alpine Linux

Other archs are not affected. Versions 0. All versions prior to 1. Versions 1. Earlier 0. Since 1. There are no new requirements on kernel version, and this is not a hard ABI break, but the type changes do impact compatibility between code built against previous versions of musl and code built against musl 1.

Users upgrading bit systems should read the detailed time64 release notes. In addition, character data has been updated to align with Unicode Correctness of results has been improved in the math library, particularly some complex functions and bit x86 asm. Various arch-specific bugs have also been fixed. Various low-severity, non-arch-specific bugs are also fixed. Most of the changes are not externally visible, but some affect which syscalls are used.

Notably, mips64 stat -family functions can now report bit file timestamps correctly, and some time-related breakage on x32 is fixed. In addition, select no longer stores remaining time back to the timeout argument. Previously, whether it did so was arch-dependent and merely a consequence of the Linux syscall behavior, which was found to be mildly non-conforming. This version merges the RISC-V bit port and new math library implementations of logexpand pow.

Internals of how non-cancellable syscalls are performed have been overhauled so that all code necessary to make the syscall resides in the arch-provided header and is inlinable. In the process, bugs in the implementation of mips and microblaze syscall mechanisms were found and fixed.Become a fan of Slashdot on Facebook.

Steps to a useless comment: 1 Speculate on the features of something 2 Note that that speculated feature set doesn't include something you want 3 Criticise based on your speculation. You're right that musl doesn't support the same breadth of architectures that glibc does. One big advantage they do have is that it's much simpler to add support for a new architecture to musl than it is to add it to glibc. They are interested in supporting more architectures, so I'd expect their list of supported architectures to grow fairly quickly if there are people interested in that support.

The first priority on musl is correctness, and they will take a hit to size and speed if that's what's necessary to achieve it. But thus far, they've been doing a good job of achieving correctness without introducing too much bloat.

Take a look at their page on bugs found while developing musl [musl-libc. WTF does this mean? I'm sure as hell not developing against a libc that doesn't have debugging hooks.

Benchmarks with gcc, musl and clang and how can they affect the embedded development cost

This can't be what it means. It doesn't mean you can't use gdb, just that libc itself does not try to double as a debugging tool. This is actually a security consideration. For example, glibc prints debugging information if it detects corruption in malloc. But if there's already memory corruption, you have to assume the whole program state is inconsistent; the corruption may be intentional due to the actions of an attacker, and various function pointers, etc. Continuing execution, even to print debug output, risks expanding the attacker's opportunity to take control of the program.

is musl better than glibc

FWIW, musl does detect heap corruption. The difference is that it immediately executes an instruction that will crash the program rather than trying to continue execution, make additional function calls that go though indirection the PLT and access complex data structures, etc. I'm sorry, this sounds like a poor rationalization for lack of useful functionality.

By this logic, you should crash the program without warning whenever invalid input is detected - it could be an attack since no program should ever provide invalid input to a function.

In real life, programs have tons of bugs and diagnostic messages are hugely useful in identifying and then fixing them. Especially since the vast majority of programs are not used in a context where an attack can occur. A 'paranoid' mode with this behavior may make sense for some people. Most people, especially those in the process of developing the software, would prefer diagnostics when things go wrong.

I disagree. There is a big difference between invalid input to a function eg trying to convert "abc" to an integer and a memory corruption bug. In the former case, you can return an error to the caller, and if they were written with enough attention to detail, they can fix the problem and move on, or ask the user for actually valid input, or whatever followup action may be appropriate.If you have heard of Zig before, you may know it as a promising new programming language which is ambitiously trying to overthrow C as the de-facto systems language.

But did you know that it also can straight up compile C code? This has been possible for a while, and you can see some examples of this on the home page. What's new is that the zig cc sub-command is available, and it supports the same options as Clangwhich, in turn, supports the same options as GCC. Now, I'm sure you're feeling pretty skeptical right about now, so let me hook you real quick before I get into the juicy details.

It merely exposes the already-existing capabilities of the Zig compiler via a small frontend layer that parses C compiler options. Zig is an open source project, and of course can be built and installed from source the usual way. However, the Zig project also has tarballs available on the download page. You can download a 45 MiB tarball, unpack it, and you're done. You can even have multiple versions at the same time, no problem. Take a moment to appreciate what just happened here - I downloaded a Windows build of Zig, ran it in Wine, using it to cross compile for Linux, and then ran the binary natively.

Computers are fun! Compare this to downloading Clangwhich has MiB Linux-distribution-specific tarballs. Zig's Linux tarballs are fully statically linked, and therefore work correctly on all Linux distributions. The size difference here comes because the Clang tarball ships with more utilities than a C compiler, as well as pre-compiled static libraries for both LLVM and Clang. Zig does not ship with any pre-compiled libraries; instead it ships with source code, and builds what it needs on-the-fly.

The Zig compiler uses a sophisticated caching system to avoid needlessly rebuilding artifacts. I carefully designed this caching system to make optimal use of the file system while maintaining correct semantics - which is trickier than you might think! The caching system uses a combination of hashing inputs and checking the fstat values of file paths, while being mindful of mtime granularity. This makes it avoid needlessly hashing files, while at the same time detecting when a modified file has the same contents.Normally this just yields good performance independent of heuristics on when to buffer and when to transfer.

Some popular extensions are supported, but not all; in particular, up until version 1. This alternate API is not supported by musl at all. The ABI is compatible on bit. Calling exit more than once invokes undefined behavior. The error is not diagnosed and may give unexpected results, or may happen to do what the programmer intended.

is musl better than glibc

In theory this reduces startup latency if a large number of references are never used; in reality, it sometimes increases it by delocalizing the accesses. In any case, musl does not support lazy binding. This is both for robustness reasons reporting failure of lazy binding is impossible and because it greatly reduces the amount of fragile, arch-dependent code needed in the dynamic linker.

Such code has been a perpetual source of bugs in the glibc implementation. Until version 1. This is erroneous usage and could also break on archs where full lazy binding is not possible or practical. The differences in observable behavior to applications:. Either behavior conforms to POSIX, but only the musl behavior can satisfy the robustness conditions musl aims to provide.

In particular:. Prior versions required it to use a global buffer. Versions of musl up through 1. Starting with 1. It generally ends up being MB. So the actual map size may appear closer to k, with around k usable by the application.

This size was determined empirically with the goals of not gratuitously breaking applications but also not causing large amounts of memory and virtual address space to be committed in programs with large numbers of threads.

For largely unrestrained use of the standard library, a minimum of 12k is recommended, but stack sizes down to 2k are allowed. Since 1. Any destructors or exception handlers present when acting on cancellation will not be run. Up through version 1. Starting with version 1. Under glibc versions at least up through 2. UTF-8" as the default. There has been discussion on the glibc side of possibly adopting the musl behavior here once the "C.

UTF-8" locale is an established feature of glibc. The iconv implementation musl is very small and oriented towards being unobtrusive to static link. Unlike glibc, musl does not try to support non-conforming floating-point formats and arithmetics eg.

IEEE specifies five exception signals and five exception status flags as well inexact, invalid, divbyzero, underflow, overflow. The signals are all masked in the default environment so in case of an exceptional condition the system does not trap but delivers a default result and raises the appropriate status flag. Note: exact underflow is a special case that signals the underflow exception but does not raise the underflow status flag.

The C standard does not provide any way to unmask the exception signals but the specification of feraiseexcept and fesetexceptflag takes unmasked exception signals into account.

Thus a conformant implementation can behave as if floating-point computations never trap, the observable behaviour is conforming, unless the application circumvents the libc eg.

On such platforms an implementation can only fall back to the classic errno based error reporting that was already present in COne year ago, I quit my day job to work on Zig full time. Since then, the project has seen a steady growth in funding. Thanks to the people donating, Zig is on track to become fully sustainable before my savings run out.

This support has allowed me to focus on steady improvements to the language and tooling. In the last year, Zig has released two versions:. These release notes serve as my accountability to people who donate, and if you have a look at them, I hope you can agree with me that they speak for themselves. I know that open-source project funding has been on people's minds lately, as we've watched the Internet's reaction to the bizarre open-sourcing of the V language unfold.

As to how this relates to musl libc, stick with me - let me give you the talking points of this situation:. Now that the website has the "WIP" label to communicate which features are not available, and the source is released, I no longer consider this project to be fraudulent.

The information is available to everyone, and people who donate on Patreon are making an informed choice. I'm genuinely glad it turned out this way. Good luck on your endeavor, and welcome to the programming languages club. One thing that is crystal clear is that the V author succeeded in creating hype.

He got people excited about ambitious features - so excited that they were willing to donate some cash. This made me think of another open source project in the opposite category. It's been around for years, yet making less than V in donations. Especially in the early stages of the Zig project, but still to this day, I asked question after question in the musl IRC channel, and the musl community patiently and expertly indulged them.

Sometimes my questions were not even musl-related, but just more about how the Linux kernel works.

`zig cc`: a Powerful Drop-In Replacement for GCC/Clang

I didn't start off as an expert systems programmer when I started Zig, but the musl community has mentored me over the years.

Zig ships with musl source code. This allows Zig projects to cross compile for Linux.If you are looking for an alternative of glibc musl is worth your time. The project is maintained by the musl community and is under active development at the time of writing.

Several standard libraries are implemented in musl. Even dynamic linking is efficient as the full library including the dynamic linker is a single shared library, greatly reducing the startup time and memory needed for dynamic linking.

Why I'm donating $150/month (10% of my income) to the musl libc project

I tested one of my programs in musl with mixed results. In some cases it performed better than glibc and vice versa. However, binary sizes generated by musl are surprisingly small. The gain is significant in case of static linking. The program I chose finds the th Prime Palindrome with 13 digits. GitHub source. Here comes the twist — when I re-implemented the function ltoa using lldiv musl performed much better in dynamically linked mode. However, if we remember that these libraries are implemented independently the above results make sense.

Do try it out the next chance you get! Your email address will not be published. About Contact Donate Archives. Pingback: vis: a simpler vim — TuxDiary.

is musl better than glibc

Leave a Reply Cancel reply Your email address will not be published. Previous Previous post: GitKraken: the missing Git client.The more awareness musl gets, the better. I'll check out these distro's in the near future. I at least got a laugh out of what I saw on alpine's homepage: "Simple.

The Alpine Linux docker image is only a couple megabytes[0]. There are quite a few people including myself using it as a light-weight OS for their containers. Now that is more like it!

is musl better than glibc

Haven't ported it to musl yet mostly due to the fact that musl wasn't yet merged into crosstool-NG but that's high on my list. A side note: Clang is such a beauty whose structure is so easy to understand yet very extendible.

There are actually few things to be done on clang to support musl. Just implement a proper frontend, and you're mostly done.

Excuse the noob question, but why are there different libc implementations at all? I mean, their featureset is defined by standard, so all implementations should strive for the maximum performance - so where comes the bloat from?

Support for multiple archs is of course a valid source for percieved bloat, but that should matter only at compile time? I think you'd be surprised at how much variation there is in the feature set.

And also the toxic maintainership of glibc in the Drepper era. Good luck. Nelson69 on June 28, Have you probed around the musl code? I welcome the competition to glibc and think they have some good goals. It's remarkably stark in terms of documentation. Only because I've wasted time to look at many of them, it doesn't look bad, but it just doesn't look great either. I'd probably grok musl's faster but I'd not want to jump in and hack on either of them or debug them.


comments

Leave a Reply

Your email address will not be published. Required fields are marked *