[gnutls-devel] Symbol versioning in gnutls broken -> crashes

Andreas Metzler ametzler at bebt.de
Sat May 24 15:09:16 CEST 2014 

On 2014-05-24 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Sat, 2014-05-24 at 08:58 +0200, Andreas Metzler wrote:
[...]
> I think symbol versioning is pretty good for libc and stateless
> functions but cannot do much when there are internal structures involved
> like in gnutls. 

> I believe nevertheless that the way gnutls uses symbol versioning is the
> recommended way for all libraries.

Hello,
I do not think so. There are two distinct uses for symbol versioning:
#1 the glibc way: They use symbol versioning/mangling as a special
   tool to _avoid_ a soname bump when they change/extend the API/ABI
   while. If foo() in 2.1.16 behaves different than foo() in earlier
   versions than glibc provides both versions of foo(), binaries built
   against the old version can keep using foo at GLIBC_2.1 while a
   freshly built binary will end up using foo at GLIBC_2.1.16. This
   requires more than just shipping and using a .map file.

#2 Pretty much everything else. They occassionally break the ABI and
   need to bump the soname. Then one versions the symbols corresponding
   to the soname. This guarantees that a program which (indirectly)
   links against two versions of the library gets the correct function
   from the correct library.

> As I understand from your suggestion
> here, is to change symbol versioning on every major version bump?

Yes.

> I could consider that for the next soname bump (not soon) but
> unfortunately the ABI cannot be broken now as there have been quite
> many releases in the 3.x series. Is there a reason to keep the old
> gnutls version? The API's are compatible and old programs need only
> to be recompiled with the new library.

Well, it is not just a straight recompile. Some stuff does not build,
and also there is loads of unnecessary gcrypt linkage to get rid of.
And Debian especially needs to care about partial upgrades. Also the
transition is huge: There are 214 binary packages involved which just
will not all be ready for transition at one time.

I can understand if you will not bump the soname now, however I am
pretty sure we will be forced to do so in Debian.

cu Andreas

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gnutls-devel mailing list