Re: GCC5 library transition for xml-security-c -- needed or not?

To: debian-mentors@lists.debian.org
Subject: Re: GCC5 library transition for xml-security-c -- needed or not?
From: Jakub Wilk <jwilk@debian.org>
Date: Sun, 29 Nov 2015 15:34:18 +0100
Message-id: <[🔎] 20151129143418.GA3494@jwilk.net>
Mail-followup-to: debian-mentors@lists.debian.org
In-reply-to: <[🔎] 87r3jcvcn1.fsf@lant.ki.iif.hu>
References: <[🔎] 87r3jcvcn1.fsf@lant.ki.iif.hu>

* Ferenc Wagner <wferi@niif.hu>, 2015-11-26, 19:28:

I'm packaging a new upstream version of xml-security-c. The previoussid version was 1.7.2-3, which had a transition bug filed for it:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791323
Simon McVittie tagged it "unreproducible", because he suspected thatthe exported cxx11 symbols were not part of the API, but "weak symbolsfor template instantiations". I agree, because the demangled names (asdisplayed in the bug report) are not even present in the sources.

I disagree. :) One of the symbols in question is

std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, int, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, int> > >::operator[](std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)

which is a verbose way of saying

std::map<std::string, int>::operator[](std::string)

This is an indication that the shared library usesstd::map<std::string, int> objects somewhere. It might be animplementation detail (in which case we're safe) or it might be part ofthe ABI.

If you grep for "std::map<std::string", you'll find this inOpenSSLCryptoProvider.hpp:


class DSIG_EXPORT OpenSSLCryptoProvider : public XSECCryptoProvider {
#ifdef XSEC_OPENSSL_HAVE_EC
   std::map<std::string,int> m_namedCurveMap;
#endif
...
}

and in OpenSSLCryptoProvider.cpp:

#ifdef XSEC_OPENSSL_HAVE_EC
int OpenSSLCryptoProvider::curveNameToNID(const char* curveName) const {
   std::map<std::string,int>::const_iterator i = m_namedCurveMap.find(curveName);
   ...
}
#endif

In Debian, XSEC_OPENSSL_HAVE_EC is defined, so I conclude that this ispart of xml-security-c ABI, and GCC 5 did break it, and the transitionwas justified.

On the other hand, the package got an NMU to deal with the transition.Now I think that was unnecessary, but could not look into the issue atthat time, thus I didn't object. So libxml-security-c17v5 was born.
Now I'm preparing 1.7.3-1. This minor version bump won't change the SOversion, it stays at 17. I guess I have to acknowledge the NMU someway. Should I keep the SO version change introduced by the NMU or not?

The NMU didn't change the SONAME, just the package name. And yes, youshould keep the new name.

(Even if it turned out that the rename was not necessary, you shouldkeep it. Unnecessary transitions is bad, but still better than twounnecessary transitions!)


--
Jakub Wilk

Reply to:

Follow-Ups:
- Re: GCC5 library transition for xml-security-c -- needed or not?
  - From: Ferenc Wagner <wferi@niif.hu>

References:
- GCC5 library transition for xml-security-c -- needed or not?
  - From: Ferenc Wagner <wferi@niif.hu>

Prev by Date: Re: general question about quilt patch handling
Next by Date: Re: .symbols or shlibs file
Previous by thread: GCC5 library transition for xml-security-c -- needed or not?
Next by thread: Re: GCC5 library transition for xml-security-c -- needed or not?
Index(es):
- Date
- Thread