1 |
On Sat, Sep 23, 2006 at 11:31:12PM -0400, Mike Frysinger wrote: |
2 |
> On Saturday 23 September 2006 10:30, Brian Harring wrote: |
3 |
> > dlopen? |
4 |
> |
5 |
> we already said that this will need a new depend variable |
6 |
> |
7 |
> > How does this fix openssl horkage? (bad soname handling) |
8 |
> |
9 |
> it wont, but such things are broken regardless outside of Gentoo ... and |
10 |
> trying to accommodate something that happens every three blue moons at the |
11 |
> cost of developer time is not worth it |
12 |
|
13 |
Bad soname handling is just *part* of what BINCOMPAT could do; it's |
14 |
not the sole reason for it's existance, as such it's not quite right |
15 |
dismissing it just because it addresses a rarity the NEEDED approach |
16 |
doesn't. :) |
17 |
|
18 |
> > Also... what do we do for python/perl (*-updater scripts in general) |
19 |
> > where a change in a pkg state means we have to rebuild the revdeps? |
20 |
> |
21 |
> my solution does not address this, but what you're proposing would over |
22 |
> address this ... how do you know when a package needs to be rebuilt (a perl |
23 |
> module) or rebuilding is a waste of time (a package installs perl scripts |
24 |
> that execute `perl` and nothing else) |
25 |
|
26 |
Original email stated that 'binding deps' would be required for that, |
27 |
marking deps in some way such that it indicates they're sensitive to |
28 |
changes in BINCOMPAT of the match. |
29 |
|
30 |
*IF* we actually had that in place it would enable detecting and |
31 |
rebuilding c++ code whenever gcc pulls its next c++ abi change with |
32 |
appropriate deps in place (iow, kill off the implicit system deps). |
33 |
|
34 |
Back to your example, if it's just a caller of it, it's not binding; |
35 |
now if it were a perl module that sticks its modules into the perl |
36 |
installation, yes, binding (it needs to rebuild to merge to the new |
37 |
location). |
38 |
|
39 |
|
40 |
> > What you're suggesting works for strictly linkage; still think this |
41 |
> > shouuld work for the general problem rather then just one subset. |
42 |
> |
43 |
> yes, i am addressing what i see to be the most critical issue and the easiest |
44 |
> to break a user's system |
45 |
> |
46 |
> > Clarifying my statement; we don't break our DEPEND down into "this is |
47 |
> > what is executed in building the package" (toolchain), |
48 |
> |
49 |
> DEPEND |
50 |
> |
51 |
> > vs "this is the |
52 |
> > crap the binaries we build against need avail to be linked against", |
53 |
> > literally what winds up as -l args. |
54 |
> |
55 |
> RDEPEND |
56 |
|
57 |
If that were the case, why do we have libraries listed in DEPEND then? |
58 |
|
59 |
DEPEND is (and always has been) "this is the crap I need merged to be |
60 |
able to build an install image of myself", RDEPEND is (and always has |
61 |
been) "this is the crap I need on the fs to actually run my |
62 |
binaries/libs" and PDEPEND is around to cover up portages resolver, |
63 |
but moreso the trees mostly whacked deps. |
64 |
|
65 |
This is why eradicator, solar, and you were discussing splitting link |
66 |
depends out of DEPEND for saner CHOST/CTARGET support around a year |
67 |
back also. |
68 |
|
69 |
Semantics at this point, but RDEPEND does *not* need to be merged to |
70 |
build a pkg, only DEPEND; it's never been any other way. |
71 |
|
72 |
|
73 |
> > If punting the old lib (as I assumed), means we would potentially be |
74 |
> > making certain DEPEND atoms unusable if they're required in an |
75 |
> > execution context (rather then just winding up as a -l arg). |
76 |
> |
77 |
> no ... lemme give a perfect example. |
78 |
> |
79 |
> user has openssl-0.9.7j installed and they upgrade to openssl-0.9.8c ... the |
80 |
> old version provided SONAME files libcrypto.so.0.9.7 and libssl.so.0.9.7 |
81 |
> while the new one provides SONAME files libcrypto.so.0.9.8 and |
82 |
> libssl.so.0.9.8 |
83 |
> |
84 |
> everything from openssl-0.9.7j is unmerged except for the two files |
85 |
> libcrypto.so.0.9.7 and libssl.so.0.9.7. openssl-0.9.8c, being a different |
86 |
> ABI, does not provide these files thus there is no clash. |
87 |
> |
88 |
> portage keeps track of libcrypto.so.0.9.7 and libssl.so.0.9.7 and once no more |
89 |
> packages have NEEDED entries for these, will silently clean them out |
90 |
> |
91 |
> openssl is odd in that it encodes .x.y.z version into the ABI ... if we use |
92 |
> the more common example with say expat, older versions install |
93 |
> libexpat.so.0.1, libexpat.so.0.2, libexpat.so.0.3, etc... but the ABI SONAME |
94 |
> is still just libexpat.so.0. when the next major version of expat comes out, |
95 |
> the SONAME is bumped to libexpat.so.1 and portage needs to keep around the |
96 |
> last libexpat.so.0 |
97 |
> |
98 |
> > In that case, wouldn't mind a response to the "what about ctrl+c |
99 |
> > during the run?" The potential for orphaning there sucks; recording |
100 |
> > the old library in the new version sucks also since it complicates the |
101 |
> > merge process, that lib *must* be removed else it's a potential |
102 |
> > collision-protect minefield. |
103 |
> |
104 |
> - portage merges new version 2 to $ROOT |
105 |
> - system now has version 1 and version 2 in $ROOT |
106 |
> - portage starts to clean out version 1 from $ROOT |
107 |
> - do not fully trim version 1's vdb until version 2 has been updated with the |
108 |
> new information |
109 |
> |
110 |
> so ctrl+c at any point and so what ? you dont remove old files until new |
111 |
> files are fully placed and you can resume at any point |
112 |
|
113 |
Bleh, this is getting back to exactly my point that it's unbounded |
114 |
resolution. To support this, every step of execution would require |
115 |
scanning for dangling nodes to punt; aside from invalidating -p's |
116 |
output it *still* is a collision-protect hit. |
117 |
|
118 |
It also involves changing vdb nodes from "installed and usable" to |
119 |
"installed/usable" or "lingering", which makes things messier for |
120 |
1) resolver |
121 |
2) for --info |
122 |
3) for has_version |
123 |
4) for built_with_use |
124 |
5) glsa scanning |
125 |
|
126 |
There are more, but the point is that there isn't any concept of "half |
127 |
merged" packages for portage; introducing it gums things up pretty |
128 |
heavily, beyond the support NEEDED requires to actually mangle the |
129 |
half merged nodes. |
130 |
|
131 |
|
132 |
> > Finally, even if the lib is temporarily left behind, this solution |
133 |
> > doesn't gurantee the library actually would *work* still- it only can |
134 |
> > work if the lib is standalone from the rest of the pkg and doesn't |
135 |
> > rely on any external data from the pkg. |
136 |
> |
137 |
> we're talking about preserving the system long enough to rebuild things; we're |
138 |
> not talking about keeping the system forever in a sane state. |
139 |
> |
140 |
> i would guess that this corner case is not the norm and thus we can ignore it |
141 |
> as the situation is still a lot better than what we have now: |
142 |
> $ foo |
143 |
> foo: error while loading shared libraries: libbar.so.1: cannot open shared |
144 |
> object file: No such file or directory |
145 |
> |
146 |
> awesome |
147 |
|
148 |
So... NEEDED doesn't support bad soname handling, doesn't have a graph |
149 |
based gurantee that the remaining bits actually would work (bits |
150 |
above), and requires making merging *massively* slower (a NEEDED scan |
151 |
per vdb change effectively), finally emerge -p results no longer being |
152 |
accurate to what will be undertaken. |
153 |
|
154 |
Ways to speed it up, but frankly NEEDED just plain sucks. Its the |
155 |
route towards openembeddeds resolution, rather then up front |
156 |
calculation portage/rpm resolvers/apt all do. |
157 |
|
158 |
|
159 |
> > Basically trying to point out that what you're proposing only works in |
160 |
> > a subset of the cases revdep must deal with, and that revdep itself |
161 |
> > doesn't deal with *all* situations as is; hence BINCOMPAT as a way to |
162 |
> > try and shift it under maintainers control. |
163 |
> |
164 |
> revdep-rebuild doesnt take into consideration any of the issues you raised |
165 |
> |
166 |
> and forcing maintainers to always track BINCOMPAT is unwieldy ... a single |
167 |
> package provides multiple SONAMEs ? bitrot ? SONAME is dynamic based upon |
168 |
> architecture or USE flags ? |
169 |
|
170 |
Tracking BINCOMPAT should *not* be that hard. You hit a major |
171 |
version? Bump the bincompat. Not that fricking hard really; if |
172 |
dealing in a package that is pissy about it's so handling, well, you |
173 |
ought to know your inducing wide spread breakage for a rename already- |
174 |
so again, not that hard. |
175 |
|
176 |
The only case that is slightly funky is if the so doesn't change name, |
177 |
but changes abi- BINCOMPAT at least enables notifying the manager that |
178 |
a rebuild is needed, NEEDED based approach is incapable of it. |
179 |
|
180 |
Hell, automate a tool to determine if it's a BINCOMPAT bump via NEEDED |
181 |
data (folks should be compiling the pkg anyways), point is it's mainly |
182 |
common sense for maintainenance of it. |
183 |
|
184 |
|
185 |
The NEEDED approach doesn't really fix much frankly; from a complexity |
186 |
standpoint, leaving it in revdep-rebuild is *far* better then trying |
187 |
to integrate the crap you're requesting, both from an implementation |
188 |
and from a long standing maintainence view (unbounded resolution is |
189 |
*really* not the direction you want to go). |
190 |
|
191 |
The solution (imo) should be one that enables fixing the *class* of |
192 |
problem without making matters worse. |
193 |
|
194 |
Yes, if the solution can be automated without flinging poo into the |
195 |
code, I'm for it; that said I know what the implementation is going to |
196 |
have to look like, and it's *nasty*. |
197 |
|
198 |
~harring |