In 2016, many improvements happened in the ABI static analysis framework that is Libabigail. In this article we'll present how fedabipkgdiff, a new Libabigail tool can help Fedora users, developers and others to analyze ABI changes of libraries carried by packages of the distribution.
Introduction
As many of you already know, the engine used to build RPM packages in the Fedora build system is named Koji. Thus, one can get Fedora RPMs from Koji using a web browser. In that case, it's easy enough to go to https://koji.fedoraproject.org/koji/ and use the search text box on that page to look for a given package that carries libraries we want to analyze ABI changes for.
For instance, let's say that throughout this article, we want to analyze the ABI changes that happened to the libraries of the latest stable spice-server package between Fedora 23 and Fedora 25.
If we were to do this without fedabipkgdiff, I guess we'd have to use the abipkgdiff tool. That tool needs the two packages to compare (the spice-server from fedora 23 and the one from Fedora 25) and their associated debug information packages. That makes 4 packages to download from Koji, by hand.
We could even add the development packages that contain the header files of the shared libraries carried by the spice-server packages. abipkgdiff might need these development packages to filter out ABI changes coming from changes to types that are not defined in the public headers of the library. In other words, filter out changes to types that are private to the library.
So with these two additional development packages, that makes 6 packages to download from Koji, by hand.
Once we have downloaded those six packages, the invocation of abipkgdiff would look like:
abipkgdiff --debug-info-pkg1 spice-server-debuginfo-<from-fedora23>.rpm \ --debug-info-pkg2 spice-server-debuginfo-<from-fedora25>.rpm \ --devel-pkg1 spice-server-devel-<from-fedora23>.rpm \ --devel-pkg2 spice-server-devel-<from-fedora25>.rpm \ spice-server-<from-fedora23>.rpm \ spice-server-<from-fedora25>.rpm
One still has to figure out what the exact names of the latest "stable" RPMs are for Fedora 23 and Fedora 25. And that is for just one architecture.
In all fairness, as the old saying goes, there's gotta be a better way.
fedabipkgdiff: a friendly broker to Koji
It turns out that Koji does have a programmatic interface. So one can use the Koji API to discover the exact full name of the latest stable package, the associated development package or the associated debug info package. And that, for each architecture.
And this is where fedabipkgdiff kicks in. It acts as a proxy between the user who asks questions like "what are the ABI changes between Fedora 23 and 25 for the spice-server" and the Koji server. It thus downloads the packages to compare along with all their necessary ancillary packages, for all the available architectures. It then uses the abipkgdiff tool under the hood to perform the comparisons of the packages.
Invocation
"What are the ABI changes between Fedora 23 and 25 for the spice-server package?".
The command line equivalent to that question, using fedabipkgdiff, is exactly:
fedabipkgdiff --from fc23 --to fc25 spice-server
Interested readers will hopefully appreciate the compactness of this approach compared to the previous approach of downloading all the necessary packages by hand and using abipkgdiff directly.
Analyzing the results
Here is what fedabipkgdiff actually says:
$ fedabipkgdiff --from fc23 --to fc25 spice-server
Comparing the ABI of binaries between spice-server-0.12.8-1.fc23.armv7hl.rpm and spice-server-0.13.3-2.fc25.armv7hl.rpm:
================ changes of 'libspice-server.so.1.10.1'===============
Functions changes summary: 0 Removed, 0 Changed (85 filtered out), 3 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
3 Added functions:
'function void spice_qxl_gl_draw_async(QXLInstance*, uint32_t, uint32_t, uint32_t, uint32_t, uint64_t)' {spice_qxl_gl_draw_async@@SPICE_SERVER_0.13.1}
'function void spice_qxl_gl_scanout(QXLInstance*, int, uint32_t, uint32_t, uint32_t, uint32_t, int)' {spice_qxl_gl_scanout@@SPICE_SERVER_0.13.1}
'function int spice_server_set_video_codecs(SpiceServer*, const char*)' {spice_server_set_video_codecs@@SPICE_SERVER_0.13.2}
================ end of changes of 'libspice-server.so.1.10.1'===============
Comparing the ABI of binaries between spice-server-0.12.8-1.fc23.i686.rpm and spice-server-0.13.3-2.fc25.i686.rpm:
================ changes of 'libspice-server.so.1.10.1'===============
Functions changes summary: 0 Removed, 0 Changed (85 filtered out), 3 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
3 Added functions:
'function void spice_qxl_gl_draw_async(QXLInstance*, uint32_t, uint32_t, uint32_t, uint32_t, uint64_t)' {spice_qxl_gl_draw_async@@SPICE_SERVER_0.13.1}
'function void spice_qxl_gl_scanout(QXLInstance*, int, uint32_t, uint32_t, uint32_t, uint32_t, int)' {spice_qxl_gl_scanout@@SPICE_SERVER_0.13.1}
'function int spice_server_set_video_codecs(SpiceServer*, const char*)' {spice_server_set_video_codecs@@SPICE_SERVER_0.13.2}
================ end of changes of 'libspice-server.so.1.10.1'===============
Comparing the ABI of binaries between spice-server-0.12.8-1.fc23.x86_64.rpm and spice-server-0.13.3-2.fc25.x86_64.rpm:
================ changes of 'libspice-server.so.1.10.1'===============
Functions changes summary: 0 Removed, 0 Changed (85 filtered out), 3 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
3 Added functions:
'function void spice_qxl_gl_draw_async(QXLInstance*, uint32_t, uint32_t, uint32_t, uint32_t, uint64_t)' {spice_qxl_gl_draw_async@@SPICE_SERVER_0.13.1}
'function void spice_qxl_gl_scanout(QXLInstance*, int, uint32_t, uint32_t, uint32_t, uint32_t, int)' {spice_qxl_gl_scanout@@SPICE_SERVER_0.13.1}
'function int spice_server_set_video_codecs(SpiceServer*, const char*)' {spice_server_set_video_codecs@@SPICE_SERVER_0.13.2}
================ end of changes of 'libspice-server.so.1.10.1'===============
$
As you can see in the report above, the name of the spice-server package in Fedora 23 is actually spice-server-0.12.8-1.fc23. In Fedora 25, the package is spice-server-0.13.3-2.fc25.
These packages are available for 3 architectures: i686, x86_64 and armv7hl.
There is one shared library library in the spice-server package which has ABI changes; it's libspice-server.so.1.10.1.
We see that the ABI changes are all the same for all the 3 architectures. So we can just focus on one of the architectures. Let's look at the ARM architecture then.
The summary of the changes says:
Comparing the ABI of binaries between spice-server-0.12.8-1.fc23.armv7hl.rpm and spice-server-0.13.3-2.fc25.armv7hl.rpm: ================ changes of 'libspice-server.so.1.10.1'=============== Functions changes summary: 0 Removed, 0 Changed (85 filtered out), 3 Added functions Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
In other words, 3 functions were added to the Fedora 25 version of the libspice-server.so.1.10.1 shared library.
An interesting piece of information from that report is this one:
Functions changes summary: [...] 0 Changed (85 filtered out) [...].
This means some types used by the signature of 85 functions exported by the shared library changed. But the tool figured out that the changes are to be filtered out because they are harmless. There are ways to see and analyze these changes nevertheless. More on this in a subsequent blog post. For now, we shall rejoice that we have 85 less functions to analyze :-)
So let's focus on the other changes that the tool is reporting:
3 Added functions:
'function void spice_qxl_gl_draw_async(QXLInstance*, uint32_t, uint32_t, uint32_t, uint32_t, uint64_t)' {spice_qxl_gl_draw_async@@SPICE_SERVER_0.13.1}
'function void spice_qxl_gl_scanout(QXLInstance*, int, uint32_t, uint32_t, uint32_t, uint32_t, int)' {spice_qxl_gl_scanout@@SPICE_SERVER_0.13.1}
'function int spice_server_set_video_codecs(SpiceServer*, const char*)' {spice_server_set_video_codecs@@SPICE_SERVER_0.13.2}
In the report above we see that 3 new functions were added:
spice_qxl_gl_draw_async spice_qxl_gl_scanout spice_server_set_video_codecs
The ELF symbol of these functions are shown in curly brackets in the report:
spice_qxl_gl_draw_async@@SPICE_SERVER_0.13.1 spice_qxl_gl_scanout@@SPICE_SERVER_0.13.1 spice_server_set_video_codecs@@SPICE_SERVER_0.13.2
We see that maintainers of the spice-server library carefully version the ELF symbols of these newly added functions and that the version of these new functions is the string 'SPICE_SERVER_0.13.1'.
Beyond Fedora
Interested readers might have figured out that anyone can install the Koji build system software to build her own RPMs. There actually are many examples of Koji systems being used all over the internet.
So users can tell fedabipkgdiff to use any Koji instance of their choice, not necessarily the one running at https://koji.fedoraproject.org.
To do so, they can use the --server option of fedabipkgdiff to point to their Koji installation of choice.
For other build systems of other distributions, I hope this article shows that it's possible to write an equivalent tool tailored for their needs, reusing the foundations laid out with the Libabigail framework.
Getting fedabipkgdiff
On Fedora, at least 23, please type:
dnf install libabigail
On RHEL, CentOS 6 or 7, with the EPEL repository configured, please type:
yum install libabigail
And you should be all set.
Credits
I would like to thank Chenxiong Qi who actually wrote the fedabipkgdiff tool on his own free time. He demonstrated the feasibility of using Libabigail and its associated tools to write ABI change analysis systems tailored, in this case, for a particular software distribution.
Last updated: February 24, 2024