Principle:ClickHouse ClickHouse Glibc Symbol Replacement
| Knowledge Sources | |
|---|---|
| Domains | Portability, System_Compatibility |
| Last Updated | 2026-02-08 00:00 GMT |
Overview
Build binaries with newer toolchains while maintaining runtime compatibility with older system libraries by providing symbol replacements.
Description
This principle addresses the challenge of forward compatibility in Linux distributions where applications built against newer glibc versions cannot run on systems with older glibc. By providing alternative implementations of newer glibc symbols, programs can be compiled with modern development tools while still running on older production systems. The approach includes replacing fortified function variants with non-checking versions, implementing missing system calls via direct syscall interface, and providing compatibility shims for features unavailable in older libc versions.
Usage
Apply this principle when distributing pre-compiled binaries that must run across a wide range of Linux distributions, particularly targeting enterprise systems with long-term support cycles that may have significantly older system libraries.
Theoretical Basis
The glibc symbol versioning system allows multiple versions of the same symbol to coexist, but requires that the application be linked against versions no newer than the target system's glibc. By providing weak symbol replacements that match older API contracts, applications can satisfy both the compiler's requirements (using modern headers) and the runtime's constraints (using older symbol versions).
The fortified functions (with `_chk` suffix) were introduced for buffer overflow protection but are often unnecessarily strict for known-safe code. By replacing them with non-checking versions, we maintain functionality while avoiding dependencies on newer glibc versions.
System calls provide a stable kernel ABI that doesn't depend on glibc version. When newer libc adds wrapper functions for new system calls, directly invoking the syscall allows older systems to use the functionality if their kernel supports it.