OpenSSL Communities

Dealing with autogenerated files - poll

DB Dmitry Belyavsky Mon 8 Sep 2025 1:22PM Public Seen by 20

We had a discussion in the Committers community about autogenerated files and related complications. At today's Corp BoD /TAC meeting we agreed that we will have a poll on this decision. Stay tuned.

DB

Dmitry Belyavsky Thu 11 Sep 2025 9:03PM

I'm really disturbed by (2) and (3).

TM

Tomas Mraz Fri 12 Sep 2025 7:17AM

@Dmitry Belyavsky 3) could be solved by changing the generator to use the full param name in the produce_param_decoder() call.

TM

Tomas Mraz Fri 12 Sep 2025 7:19AM

And I believe that it might solve 2) partially as well because when you then search for the full param name you get the template file as a result which should hint you that the .c file is generated. Also 2) can be solved by making the generated files read-only or by using out-of-tree builds which is a good idea regardless.

Item removed

Item removed

PD

Paul Dale Fri 12 Sep 2025 7:36AM

3 would be better solved by using the full param name in the table of params and the paramgen script. In hindsight, I shouldn't have omitted the OSSL_ prefix.

There should be zero need to care about the .c files or even know that they exist. Once this is achieved, problem 2 simply goes away.

I still have no idea how looking at the generated .c files to see how a param is being processed helps, in any way, to locate where & how it is used. All it does is assign the param to a pointer in the structure, quite literally "r->name = p;"

PD

Paul Dale Fri 12 Sep 2025 8:11AM

The param name is included in the decoder as a comment in the appropriate location. 3 would be better solved by using the full param name in the table of params and the paramgen script. In hindsight, I shouldn't have omitted the OSSL_ prefix.

There should be zero need to care about the .c files or even know that they exist. Once this is achieved, problem 2 simply goes away.

I still have no idea how looking at the generated .c files to see how a param is being processed helps, in any way, to locate where & how it is used. All it does is assign the param to a pointer in the structure, quite literally "r->name = p;"

DB

Dmitry Belyavsky Fri 12 Sep 2025 11:22AM

@Paul Dale thanks for resolving (3)

@Tomas Mraz Your ideas to resolve (2) seem reasonable but I think not many people use out-of-tree builds

PD

Paul Dale Fri 12 Sep 2025 11:36AM

Rather than out of tree builds (which I only use :), making the generated files read only should work.

PD

Paul Dale Fri 12 Sep 2025 11:36AM

Rather than out of tree builds (which I only use :), making the generated files read only should work.

My resolution for (3) ought to go to 3.6.

PD

Paul Dale Fri 12 Sep 2025 11:37AM

Rather than out of tree builds (which I only use :), making the generated files read only should work.

My resolution for (3) ought to go to 3.6 as well as master to avoid a pustular blister in the code base.

RL

Richard Levitte Mon 15 Sep 2025 1:41PM

@Paul Dale, could making the generated files read-only be made conditional on if they're part of a release? It's pretty easy to detect a release by looking at 'RELEASE_DATE' from VERSION.dat, which also finds its way to $config{releast_date} in perl.

The reason I'm saying this is that an OpenSSL developer between releases will otherwise constantly have to ensure the generated files are writeable, 'cause any update to the git working directory may potentially lead to them being regenerated, and that would be such a pain.

PD

Paul Dale Mon 15 Sep 2025 10:42PM

The regeneration would change permissions and overwrite.

Making them read only is to stop you, the programmer, from editing them and later losing your changes.

@Dmitry Belyavsky with point (2) addressed, is there still a high likelihood of mistakeningly editing the .c files?

DB

Dmitry Belyavsky Tue 16 Sep 2025 7:07AM

How do you address it?

@Paul Dale I understand your great intention but introducing huge amount of preprocessable files that potentially should be changed (and the changes are not easily reparable, comparing to header files) looks fishy to me

RL

Richard Levitte Mon 8 Sep 2025 1:26PM

No

All in all, I'm unsure this will gain us much, and from conversation, it doesn't really seems to solve the actual issue(s).

That being said, I'm not against making some generated files part of the repository and updated with 'make update'.

PD

Paul Dale Tue 9 Sep 2025 1:06AM

I think this poll is misguided (sorry Dmitri), the problem that needs solving won't be solved by having the generated files included in the tree -- that will help a little but will also introduce other problems. To my mind it's the learning curve and the mistakes inherent in it that are the real problem. We need documentation about how this all works with examples so that new comers get a more gradual introduction to what is automated and how it all hangs together. We will also need coders to read the documentation but that's a harder problem…

I think we do need to get the compiler error message line numbers correct. With this there really will be no need to ever inspect the generated code.

SL

Shane Lontis Tue 9 Sep 2025 7:22AM

1) Would require some trickery to get the compiler to report the error in the .in file,.
2) could be addressed by making the generated file read only..
3) Comments could solve this.

You could possibly edit either the .in file and/or the generated file and then up with merge conflicts in both. If this has any chance of producing more files that behave like the generated .num file then that would be really annoying.

RL

Richard Levitte Mon 15 Sep 2025 1:43PM

@Shane Lontis
> 3) Comments could solve this.

Er... have you looked? We usually have a warning comment at the top of the files. For example, include/openssl/asn1.h:

```
/*
* WARNING: do not edit!
* Generated by Makefile from ../include/openssl/asn1.h.in
*
```

SL

Shane Lontis Mon 15 Sep 2025 10:41PM

That does require you to notice the warnings (which may depend on how you traverse the file)
The '.in' files dont have these generated warnings though?

RL

Richard Levitte Wed 17 Sep 2025 5:40AM

@Shane Lontis

Not sure why the '.in' files would need warnings against editing them?

What they have is the perl droplet that generates those warnings. Specifically, in include/openssl/asn1.h.in, it looks like this:

/*
 * {- join("\n * ", @autowarntext) -}
 *
RL

Richard Levitte Wed 17 Sep 2025 5:43AM

Perhaps I misunderstand what "Comments could solve this" was meant to imply

PD

Paul Dale Tue 9 Sep 2025 7:37AM

Keeping the .c files in the tree also leads to the question of when the .c.in files are converted to .c ones. Currently, this happens are part of the make process. I.e. any changes to a .c.in file are immediately represented in the corresponding .c file. If this is maintained, changes to the .c file will be immediately lost. If this is not maintained, the burden when working on these files is significant -- one would have to remember to make update or similar after every edit.

With the .c files in the tree, the best option would be for make to error out if the .c file has been edited. This could be done with some trickery but it's not going to be straightforward.

RL

Richard Levitte Tue 9 Sep 2025 6:01PM

I'm ambivalent, and find myself unable to vote with confidence.
I'm thinking "yes" for files that do not depend on build configuration, "no" for those who do. For files where I say "yes", a simple "make update" should update them.

But that doesn't really help the core issue, like at all.

RL

Richard Levitte Fri 19 Sep 2025 5:58AM

During yesterday's Foundation TAC meeting, someone (nope, not me) came up with an easy enough idea for this, leading to a 10 minute PR: https://github.com/openssl/openssl/pull/28612

PD

Paul Dale Fri 19 Sep 2025 6:34AM

I suggested this very early on.

Let's see if it makes things better or not.