Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cleanup .gnu.version_r after removing symbol version #374

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

sulix
Copy link

@sulix sulix commented Apr 11, 2022

If --clear-symbol-version is used to remove all occurrances of a symbol version, it nevertheless remains in the .gnu.version_r section as being required by a particular dependency.

Instead, after removing symbol versions, loop over the .gnu.version and gnu.version_r tables to find any unused version, and unlink them from the linked-lists in the .gnu.version_r section.

While an ideal implementation would probably rebuild the entire .gnu.version_r section, this works well enough to stop objdump noting the no-longer-valid version dependency.

Note that the test is very glibc-specific — it works on my machine, but I wouldn't trust it too much further. I assume that's one of the reasons symbol versions aren't tested much yet, so if you'd rather I remove the test, that's fine.

@sulix sulix changed the title Verneed fix Cleanup .gnu.version_r after removing symbol version Apr 11, 2022
@martinetd
Copy link
Member

martinetd commented Apr 12, 2022

Thank you! This is awesome! You're doing pretty much exactly what I was suggesting, so I'm obviously happy with it :)
I've tested it on the couple of binaries I need to edit and it works as advertised for me.

For the test, I agree it's not great as is, and checking we don't remove too much in .gnu.version_r by adding two symbols and removing them one at a time?
I've just tried that, but I managed to produce a binary with versions without gnu.version_r and patchelf fails on these:

$ cat foo.map 
VERS1 {
  global:
    vers1_1; vers1_2;
  local:
    *;
};

VERS2 {
  global:
    vers2;
  local:
    *;
} VERS1;
$ cat foo.c
void vers1_1(void) {}
void vers1_2(void) {}
void vers2(void) {}
$ gcc -Wl,--version-script=foo.map -fpic -shared -o libfoo.so foo.c
$ ~/code/patchelf/src/patchelf --clear-symbol-version vers1_1 libfoo.so
patchelf: cannot find section '.gnu.version_r'
$ echo $?
1
$ readelf -V libfoo.so 

Version symbols section '.gnu.version' contains 10 entries:
 Addr: 0x000000000000040a  Offset: 0x00040a  Link: 3 (.dynsym)
  000:   0 (*local*)       1 (*global*)      1 (*global*)      1 (*global*)   
  004:   1 (*global*)      2 (VERS1)         2 (VERS1)         3 (VERS2)      
  008:   3 (VERS2)         2 (VERS1)      

Version definition section '.gnu.version_d' contains 3 entries:
 Addr: 0x0000000000000420  Offset: 0x000420  Link: 4 (.dynstr)
  000000: Rev: 1  Flags: BASE  Index: 1  Cnt: 1  Name: libfoo.so
  0x001c: Rev: 1  Flags: none  Index: 2  Cnt: 1  Name: VERS1
  0x0038: Rev: 1  Flags: none  Index: 3  Cnt: 2  Name: VERS2
  0x0054: Parent 1: VERS1

I'm running out of time right now but I'll have a look tomorrow to see if I can get it to use version_r instead for our tests.

# We expect this to appear at least twice: once for the symbol entry,
# and once for verneed entry.
echo "Couldn't find expected versioned symbol. Are you building with glibc?"
exit 1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the late review, but never now than never...
I think this test should not fail on non-glibc machines as we also have openbsd/freebsd user:

Suggested change
exit 1
exit 0

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea. I've changed this, and improved the message printed.

Copy link
Member

@Mic92 Mic92 Jul 31, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you still make the test not fail in this case? It also effects our musl builds, that we use for static binaries.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops — I didn't notice that git was stuck asking for the password to push this. I've actually uploaded the new version with that changed. Sorry!

RANDOM_PATH=$(pwd)/${SCRATCH}/$RANDOM

SYMBOL_TO_REMOVE=__libc_start_main
VERSION_TO_REMOVE=GLIBC_2.34
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this not break when we upgrade glibc or do I miss something?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but rarely.

glibc only updates symbol versions if that particular function has changed in an incompatible way. For the __libc_start_main symbol, it has changed exactly once, to introduce the GLIBC_2.34 version. It's not particularly likely that this function will change in an incompatible way regularly, so it seemed a reasonably safe bet that this'll still work for the next 5–10 years.

@Mic92
Copy link
Member

Mic92 commented May 20, 2022

I'm running out of time right now but I'll have a look tomorrow to see if I can get it to use version_r instead for our tests.

Do you still plan to do this?

@martinetd
Copy link
Member

I'm running out of time right now but I'll have a look tomorrow to see if I can get it to use version_r instead for our tests.

Do you still plan to do this?

Sorry didn't manage to do it quickly enough back then and forgot about it...
Turns out I was silly and too focused on producing a lib with multiple versions (.gnu.version_d), but version_r is about using anything we care about so it's much simpler:

$ cat user.c
#include <sys/stat.h>

int foo() {
	struct stat buf;

	fstat(0, &buf);
	stat(".", &buf);
	return 0;
}
$ gcc -fpic -shared -o libuser.so user.c
$ nm -D libuser.so | grep @
                 w __cxa_finalize@GLIBC_2.2.5
                 U fstat@GLIBC_2.33
                 U stat@GLIBC_2.33
$ objdump -x libuser.so | grep -A 3 Version
Version References:
  required from libc.so.6:
    0x09691a75 0x00 03 GLIBC_2.2.5
    0x069691b3 0x00 02 GLIBC_2.33
$ ../src/patchelf --clear-symbol-version stat libuser.so
$ nm -D libuser.so | grep @
                 w __cxa_finalize@GLIBC_2.2.5
                 U fstat@GLIBC_2.33
$ objdump -x libuser.so | grep -A 3 Version
Version References:
  required from libc.so.6:
    0x09691a75 0x00 03 GLIBC_2.2.5
    0x069691b3 0x00 02 GLIBC_2.33
$ ../src/patchelf --clear-symbol-version fstat libuser.so
$ nm -D libuser.so | grep @
                 w __cxa_finalize@GLIBC_2.2.5
$ objdump -x libuser.so | grep -A 3 Version
Version References:
  required from libc.so.6:
    0x09691a75 0x00 03 GLIBC_2.2.5

( so 2.33 is gone after removing both symbols and only after removing both symbols from it - which is what I think I wanted to test?)

ideally could go as far as actually running it to make sure linker is happy, but that'd mean providing the symbols and that feels too much like work to do on a busy weekend; please tell me and I'll try not to forget this time :)

If --clear-symbol-version is used to remove all occurrances of a symbol
version, it nevertheless remains in the .gnu.version_r section as being
required by a particular dependency.

Instead, after removing symbol versions, loop over the .gnu.version and
gnu.version_r tables to find any unused version, and unlink them from
the linked-lists in the .gnu.version_r section.
This test removes the __libc_start_main@GLIBC_2.34 symbol, which should
be the only GLIBC_2.34 symbol in 'main' when built with recent (i.e., >
2.34) glibc. Because it is the only symbol, the entry in .gnu.version_r
should also be removed.

Because this is a symbol version test, it's unlikely to work on musl or
anything else which doesn't use glibc symbol versions. In these cases
(or in the case that __libc_start_main is now at a different version),
the test should print a warning, but exit with "0" to report a pass.
@sulix
Copy link
Author

sulix commented Jul 30, 2022

I needed this again today, so I rebased the change, and tidied up the test slightly.

It's still not the ideal way of testing this: we probably should build our own separate library with symbol versions, and a program which links against it. But that's significantly more work, and glibc's own symbol versions are pretty much everyone's use-case.

@Mic92
Copy link
Member

Mic92 commented Aug 1, 2022

Hi. I opened up a new PR to add some more pointer checks on top. I know this is not consequently done in our codebase yet, but I want to converge over time to it: e1aa6d6

vszakats added a commit to curl/curl-for-win that referenced this pull request Aug 31, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Aug 31, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Aug 31, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Aug 31, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 1, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 2, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 4, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 5, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Sep 6, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Sep 6, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 6, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 20, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 20, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 22, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 22, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 22, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 23, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 23, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 24, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 27, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 28, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 28, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Sep 28, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 2, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 2, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 3, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 5, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to vszakats/curl-for-win that referenced this pull request Oct 7, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
https://github dot com/NixOS/patchelf/issues/284
https://github dot com/NixOS/patchelf/pull/374
https://github dot com/NixOS/patchelf/pull/394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
vszakats added a commit to curl/curl-for-win that referenced this pull request Oct 8, 2023
This problem did not improve much in the last 20 years.

The `patchelf` trick as v0.18.0 (2023-04) is broken due to:
NixOS/patchelf#284
NixOS/patchelf#374
NixOS/patchelf#394

It also looks like a rather fragile and accidental hack.

The only real solution is to somehow install older glibc
headers and libs and force-build against them. The force-load
it when running `curl -V` after the build. There seems to be
no out-of-the box way of doing these on Linux.

The common solution is to build on a Linux that is older than
everyone else's who wants to run the binaries bulit. This is
inconvenient, and forces to use old toolchains, possibly with
security and performance consequences.

Another is to use a tool like crosstool-ng, that involves
building the complete toolchain from scratch and also means
to deal with a whole lot of supply chain issues, esp. considering
the tendency that such tools often pull sources unverified
and/or via cleartext HTTP over the internet. Components are
often outdated and use custom patches. Plus resources needed
for building these.

Or possibly using NixOS could help here?

Or deploy with Docker, snap, flatpak, which is another thick
layer of complexity on top.

Links:
https://github.com/phusion/holy-build-box#problem-introduction
https://mesonbuild.com/Creating-Linux-binaries.html
https://andrewkelley.me/post/zig-cc-powerful-drop-in-replacement-gcc-clang.html
https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

arm64:
```
U __libc_start_main@GLIBC_2.34
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```

amd64:
```
U __explicit_bzero_chk@GLIBC_2.25
U __libc_start_main@GLIBC_2.34
U fcntl64@GLIBC_2.28
U fstat64@GLIBC_2.33
U fstat@GLIBC_2.33
w getentropy@GLIBC_2.25
U getrandom@GLIBC_2.25
U pthread_create@GLIBC_2.34
U pthread_detach@GLIBC_2.34
U pthread_getspecific@GLIBC_2.34
U pthread_join@GLIBC_2.34
U pthread_key_create@GLIBC_2.34
U pthread_key_delete@GLIBC_2.34
U pthread_once@GLIBC_2.34
U pthread_rwlock_destroy@GLIBC_2.34
U pthread_rwlock_init@GLIBC_2.34
U pthread_rwlock_rdlock@GLIBC_2.34
U pthread_rwlock_unlock@GLIBC_2.34
U pthread_rwlock_wrlock@GLIBC_2.34
U pthread_setspecific@GLIBC_2.34
U stat64@GLIBC_2.33
U stat@GLIBC_2.33
```
@bobbobbio
Copy link

I found myself wanting this today. Is there any chance this will eventually get merged in the future? What are the outstanding concerns with this approach? I couldn't understand from the existing comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants