[yjftsjthsd-h]

It is absolutely not true on many (most?) operating systems; Linux is actually an outlier, and we mostly forget that it's the odd one out because it's so popular. Off the top of my head, I believe both NT and Solaris define libc as the stable interface that userspace uses; I don't recall exactly what the BSDs do, but I suspect that they at least strongly encourage using libc and not trying to talk to the kernel yourself (IIRC OpenBSD does this because some of their security measures are managed by libc). Go has hit this a few times because they don't want to depend on libc if they can avoid it, but on a lot of systems they really can't avoid it.

Ah, here we go: https://github.com/golang/go/issues/36435

> Upcoming changes to the OpenBSD kernel will prevent system calls from being made unless they are coming from libc.so (with some exceptions, for example, a static binary). There are also likely to be changes to the APIs used for system calls. As such, the Go runtime (and other packages) need to stop using direct syscalls, rather calling into libc functions instead (as has always been done for Solaris and now also for macOS).

(and the "with some exceptions" is why I say "strongly encouraged")

[pjmlp]

Only UNIX based OSes use libc as part of the stable interface, which on UNIXes case actually means ISO C + POSIX.

On non-POSIX OSes like NT and plenty of others, libc is part of whatever compiler one decides to use and as such not part of any OS interface as such.

On NT the stable OS APIs are provided via the OS personalities, meaning OS/2 (dead now), the old POSIX one (also dead and replaced by WSL), and Win32 (actually User, Kernel, GDI as the main ones), which as of Windows 8 and MinWin refactoring is split into redirection dlls know as API sets, https://docs.microsoft.com/en-us/windows/win32/apiindex/wind....

Which is why on code that never intends to be portable, you will see calls like ZeroMemory instead of memset.

[anaisbetts]

Yep, ntdll is the bottom of the stack. Raw syscall numbers are not guaranteed across Windows versions and in fact, can be changed by as something as small as a security update. They end up being generated automatically at build time, so there's no guarantee of any kind of stability.

[yjftsjthsd-h]

Oh, interesting; I'd assumed that NT was just using libc as its stable ABI, but on further reading it looks more like ntdll.dll (probably just for that personality?). Similar concept, slightly different place. Still, my point was that under the "Windows" personalities, you talk to a library, never directly to the kernel.

EDIT: Found https://web.archive.org/web/20121224002314/http://netcode.cz... which if I'm reading right indicates that ntdll is indeed the bottom-layer library that's allowed to actually talk to the kernel.

[pjmlp]

Yes, ntdll is the lowest level, but you aren't supposed to use it directly, and if you do, well no one is going to help when a patch Tuesday or something like that breaks the application.

The personality DLLs are the applications entry point with the kernel.

[monocasa]

Most of ntdll.dll is officially sanctioned at this point. It's officially documented, and obviously plays into the backwards compat choices they make.

[pjmlp]

Not really, Windows Internals always refers to the few public ones as "take care when relying on this", very few entries do exist on MSDN or Technet, and those that do exist are mostly tailored for device drivers scenarios.

[ChrisSD]

Sort of. Many NT functions are officially documented. But they're also officially documented as unstable. They probably won't break many of the oldest functions but they reserve the right to do so at some point.

[saagarjha]

macOS, in some sense a BSD (at least nominally), would like you to not make system calls yourself as well. Actually, not linking against libc has a number of hilarious consequences, one of which is that you bypass the platform sandbox because apparently the engineers thought it couldn't be possible to write a program without it :P

[khrbtxyz]

Is there an example somewhere on how to link without libc and make my own syscalls? I tried this a while ago (can't remember which version of macOS it was), fiddling with Csu, nasm etc. but couldn't quite figure it out.

[jmillikin]

https://john-millikin.com/unix-syscalls#darwin is a small, "hello world" example.

[saagarjha]

> Note that I have left out the instructions to statically link binaries because they are documented as unsupported

That's a bit annoying, especially since you're already using raw syscall numbers anyways. Here's how to make it static:

  .intel_syntax noprefix
  
  #include <sys/syscall.h>
  
  #define UNIX_SYSCALL 0x2000000
  
  .globl start
  start:
      mov rax, UNIX_SYSCALL | SYS_write
      mov rdi, 1
      lea rsi, text[rip]
      lea rdx, length
      syscall
      mov rax, UNIX_SYSCALL | SYS_exit
      xor rdi, rdi
      syscall
  
  text:
  .asciz "Hello, world!\n"
  .equ length, . - text

Compile that with clang -static -nostdlib.

[jmillikin]

You don't have to change the source or compile with `clang` -- switching the LD command to:

  ld -arch x86_64 -o hello hello.o -macosx_version_min 10.8 -static -e _main

is sufficient if you're determined to violate the OS vendor's compatibility requirements.

[saagarjha]

That works too, but I'm lazy :P

[saagarjha]

-static -nostdlib, and make sure you have an entry point set.

[fomine3]

I'm curious why golang architects (looks like top smart people) treated ABI as stable interface not only for Linux/Window but also initially for BSD/macOS.

[api]

Windows has a libc? I often see windows binaries statically linked because otherwise you have to drag along all the DLLs.

[ChrisSD]

With Windows "libc" is split in two: ucrt and vcruntime

ucrt is available on all modern version of Windows (since 7) and doesn't need to be statically linked or distributed with the application. It has most functions needed for the c runtime and library.

vcruntime comes with Microsoft's C/C++ compiler. It has functions such as longjmp, memcpy, memset etc and C++ exception handlers. This does not come with Windows. It can be installed separately by the user or distributed with the application (either by placing it the same folder as the exe or by statically linking).