On Sat, 2015-10-10 at 01:51 +0200, Kevin Kofler wrote: > * Scanning binary packages for conflicting symbols does not work either > because they are only a problem if the conflicting libraries get dragged > into the same executable at runtime.
You can compute this statically. You know the DT_NEEDED tree for every dynamic object. For applications that don't call dlopen (themselves or in their dependencies), that's good enough, any instance of two conflicting libraries in the same tree is a bug. For callers of dlopen you also add every possible plugin they might load to the tree. In any case you may get false positives, but you'll get no false negatives. The rest of your argument reduces to "we haven't written the tool to do that yet", which, fair enough, but we're talking maybe 500 lines of python, and an optional and small amount of package metadata to trim the false-positive tree for dlopen. If you consider that scale of problem to be a "giant scary minefield" I'm not sure we have common grounds for communication. - ajax -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
