Stefano Zacchiroli a écrit : > [...] In practice however, dh_ocaml computes a single > ABI checksum for all binary packages of a given source package and use > that checksum for the Provides of all binary packages. So, even packages > containing only C stubs have their checksum.
No. dh_ocaml computes a checksum per libxxx/libxxx-dev pair (or per libxxx-dev if there is no libxxx counterpart), by looking at the ABI of whatever is shipped by both of them. Have a look at lablgtk2, for example. If we assume that users of a library which uses C part interacts with it only via the ML interface (i.e. not declaring external that they don't own), then we can reduce the ABI of a C stub library to the ABI of the ML interfaces that give access to it. That's what is done in dh_ocaml. > Stephane show that we have a probability of collision of about 1.6e-8, > the probability of a dumb upstream author of releasing a new C library > breaking ABI without bumping the soname is waaaay higher than that :-)) Indeed :-) > [1] Actually, this is rather interesting. I'm surprised that upstream > has never thought about this: it would be terribly useful to store > in some part of the .so a checksum which is verified at runtime > before loading the .so. I guess there is a technical reason for not > having done that, but I can't find exactly which at the moment. For the same reason as above, adding such checksums would be pointless (IMHO). -- Stéphane -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
