[Fedora-packaging] Re: ocaml signature hashing: really neccessary?
Axel.Thimm at ATrpms.net
Fri Jun 15 15:34:51 UTC 2007
On Fri, Jun 15, 2007 at 12:29:13PM +0100, Richard W.M. Jones wrote:
> Axel Thimm wrote:
> >I wonder whether this is maybe overdesigned. AFAIU this signature
> >hashing was made because ocaml is not considered stable enough to
> >carry over signatures from release to release.
> >Same could be told about hundreds of C libraries, wouldn't the
> >neccessity in ocaml then imply a neccessity to hash C-library APIs as
> >well? Maybe it's something we will consider to do someday, but the
> >order would be to cater for C/C++/Fortran/etc libraries first and then
> >for niche languages like ocaml.
> >I think it's a bit too much, or did I miss something important (I'm
> >not a real ocaml user, there is just this one application that even
> >justifies ocaml's existance ;)
> No, it's really necessary and has nothing to do with stability or
> otherwise of OCaml (which is a very mature language that has been around
> in one form or another since the mid 80s).
> When OCaml compiles a library A, it takes a hash over the whole
> interface -- every single function, every argument to every function,
> and some of the internals, are just some of the things included in this
> When OCaml compiles library B which depends on library A, it encodes the
> hash of A into B.
> Now we come to link a program against library B (and hence against
> library A). The hashes are checked and the linking will fail if, for
> example, the hash of A has changed since B was compiled.
> C has only weak checking in comparison. Sure, you can change a library,
> but you'd better hope for example that some struct in that library
> didn't change the size of one of its fields. If it did your program
> will still link, but will fail in interesting ways at runtime.
> OCaml's checking has the big downside, which is that it goes above and
> beyond what is necessary for just checking compatibility. For example,
> you can't add more functions to library A, even though such a change is
> probably safe. Nevertheless, RPM hashes are just enforcing what the
> OCaml linker enforces, and without them you'd be able to install
> incompatible OCaml RPMs which won't actually work together.
Thanks Rich for dusting off an old mind. I agree, if this is an
upstream mechanism that makes even conventional rpm packaging fail,
then we need that. I thought it was something put on top of ocaml,
e.g. a pure packaging level hashing. Standing corrected and in
agreement now. ;)
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Fedora-packaging