snapcraft icon indicating copy to clipboard operation
snapcraft copied to clipboard

Published 20 hours ago verified publisher icon canonical

elf: add a class to check for dependency problems in a group of files

Open jhenstridge opened this issue 4 years ago • 3 comments

  • [ ] Have you followed the guidelines for contributing?
  • [ ] Have you signed the CLA?
  • [ ] Have you successfully run ./runtests.sh static?
  • [ ] Have you successfully run ./runtests.sh tests/unit?

This is still a work in progress, and somewhat duplicates the current ldd based dependency checking code. It is currently not hooked up to anything, and I'm not quite sure where it would make most sense to run the check.

With a single pass over all files in the snap, it performs the following checks:

  1. check for unused shared libraries, using the non-libraries as a starting point and recursively following dependencies.
  2. check that all dependencies in the set of used elf files are met by either the snap itself or its base. This includes checking that required symbol versions are defined (e.g. to catch executables requiring newer glibc).
  3. check whether libraries in the snap duplicate those in the base snap. We only generate a warning if the library from the base snap defines all the symbol versions required by the elf files in the snap.

For (1), I'm defining non-libraries as ELF files without a soname. I intended this to cover both executables and "plugin" type shared object files. Unfortunately my testing showed up a number of cases where plugins have sonames, so perhaps it needs to take the file path into account too.

Here is an example of the current output:

>>> from snapcraft.internal import elf
>>> dep = elf.DependencyChecker()
>>> dep.add_base_libs('/snap/core18/current')
>>> for w in dep.check('/snap/lxd/current'): print(w)
... 
library lib/liblxcfs.so in snap is unused
library lib/libmnl.so.0.2.0 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libmnl.so.0.2.0 from base snap
library lib/libseccomp.so.2.5.1 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libseccomp.so.2.4.3 from base snap
library lib/libsqlite3.so.0.8.6 in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6 from base snap
library lib/x86_64-linux-gnu/ceph/compressor/libceph_snappy.so.2.0.0 in snap is unused
library lib/x86_64-linux-gnu/ceph/compressor/libceph_zlib.so.2.0.0 in snap is unused
library lib/x86_64-linux-gnu/ceph/compressor/libceph_zstd.so.2.0.0 in snap is unused
library lib/x86_64-linux-gnu/ceph/crypto/libceph_crypto_isal.so.1.0.0 in snap is unused
library lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2mirror.so in snap is unused
library lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2raid.so in snap is unused
library lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2snapshot.so in snap is unused
library lib/x86_64-linux-gnu/device-mapper/libdevmapper-event-lvm2thin.so in snap is unused
library lib/x86_64-linux-gnu/libdb-5.3.so in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libdb-5.3.so from base snap
library lib/x86_64-linux-gnu/libdevmapper-event-lvm2.so.2.02 in snap is unused
library lib/x86_64-linux-gnu/liblvm2app.so.2.2 in snap is unused
library lib/x86_64-linux-gnu/liblvm2cmd.so.2.02 in snap is unused
library lib/x86_64-linux-gnu/libsnappy.so.1.1.7 in snap is unused
library lib/x86_64-linux-gnu/libusbredirhost.so.1.0.0 in snap is unused
library lib/x86_64-linux-gnu/nss/libfreeblpriv3.so in snap is unused
library lib/x86_64-linux-gnu/nss/libsoftokn3.so in snap is unused
library libebt_802_3.so required by bin/ebtables is missing
library libebt_among.so required by bin/ebtables is missing
library libebt_arp.so required by bin/ebtables is missing
library libebt_arpreply.so required by bin/ebtables is missing
library libebt_ip.so required by bin/ebtables is missing
library libebt_ip6.so required by bin/ebtables is missing
library libebt_limit.so required by bin/ebtables is missing
library libebt_log.so required by bin/ebtables is missing
library libebt_mark.so required by bin/ebtables is missing
library libebt_mark_m.so required by bin/ebtables is missing
library libebt_nat.so required by bin/ebtables is missing
library libebt_nflog.so required by bin/ebtables is missing
library libebt_pkttype.so required by bin/ebtables is missing
library libebt_redirect.so required by bin/ebtables is missing
library libebt_standard.so required by bin/ebtables is missing
library libebt_stp.so required by bin/ebtables is missing
library libebt_ulog.so required by bin/ebtables is missing
library libebt_vlan.so required by bin/ebtables is missing
library libebtable_broute.so required by bin/ebtables is missing
library libebtable_filter.so required by bin/ebtables is missing
library libebtable_nat.so required by bin/ebtables is missing
library zfs-2.0/lib/libzfsbootenv.so.1.0.0 in snap is unused
library zfs-2.0/lib/libzpool.so.4.0.0 in snap is unused

While this shows up a few libraries that could be removed from the snap, there it also exposes a few problems with the checks:

  • the ceph and device-mapper plugins are listed as unused libraries, which has knock-on effects for other libraries in the snap. They should be treated as non-libraries despite having a soname.
  • the libebt_*.so libraries are reported as missing. It turns out the files exist but have no soname set so were incorrectly excluded from the library set.

So perhaps doing a path based check is a better approach for distinguishing libraries from executables/plugins. Perhaps checking that the file's dirname ends with /lib or /lib/${any_arch_triplet} would be appropriate?

jhenstridge avatar Jan 13 '21 14:01 jhenstridge

I've adjusted the code to include files in library directories in the library list even if they don't have a soname, and to include anything not in a library directory as the part of the kernel for deciding what is unused. With those changes, these are the warnings it generates for the lxd snap:

library lib/liblxcfs.so in snap is unused
library lib/libmnl.so.0.2.0 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libmnl.so.0.2.0 from base snap
library lib/libseccomp.so.2.5.1 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libseccomp.so.2.4.3 from base snap
library lib/libsqlite3.so.0.8.6 in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6 from base snap
library lib/x86_64-linux-gnu/libdb-5.3.so in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libdb-5.3.so from base snap
library lib/x86_64-linux-gnu/liblvm2app.so.2.2 in snap is unused
library lib/x86_64-linux-gnu/libusbredirhost.so.1.0.0 in snap is unused
library zfs-2.0/lib/libzfsbootenv.so.1.0.0 in snap is unused
library zfs-2.0/lib/libzpool.so.4.0.0 in snap is unused

Out of these warnings, perhaps the libseccomp.so one should be silenced. LXD is building its own libseccomp, so presumably it relies on fixes or features not present in the base snap's libseccomp. Maybe checking if the base name of the two libraries differ would be appropriate?

Checking the snap-store snap, including gnome-3-34-1804's files as base libraries:

>>> from snapcraft.internal import elf
>>> dep = elf.DependencyChecker()
>>> dep.add_base_libs('/snap/core18/current')
>>> dep.add_base_libs('/snap/gnome-3-34-1804/current')
>>> for w in dep.check('/snap/snap-store/current'): print(w)
... 
library lib/x86_64-linux-gnu/bindtextdomain.so in snap is unused
library lib/x86_64-linux-gnu/libbsd.so.0.8.7 in snap duplicates /snap/gnome-3-34-1804/current/lib/x86_64-linux-gnu/libbsd.so.0.8.7 from base snap
library lib/x86_64-linux-gnu/libcap-ng.so.0.0.0 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libcap-ng.so.0.0.0 from base snap
library lib/x86_64-linux-gnu/libcom_err.so.2.1 in snap duplicates /snap/gnome-3-34-1804/current/lib/x86_64-linux-gnu/libcom_err.so.2.1 from base snap
library lib/x86_64-linux-gnu/libdbus-1.so.3.19.4 in snap duplicates /snap/gnome-3-34-1804/current/lib/x86_64-linux-gnu/libdbus-1.so.3.19.4 from base snap
library lib/x86_64-linux-gnu/libexpat.so.1.6.7 in snap duplicates /snap/gnome-3-34-1804/current/lib/x86_64-linux-gnu/libexpat.so.1.6.7 from base snap
library lib/x86_64-linux-gnu/libfdisk.so.1.1.0 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/libfdisk.so.1.1.0 from base snap
library lib/x86_64-linux-gnu/libhistory.so.7.0 in snap is unused
library lib/x86_64-linux-gnu/libkeyutils.so.1.5 in snap duplicates /snap/gnome-3-34-1804/current/lib/x86_64-linux-gnu/libkeyutils.so.1.5 from base snap
library lib/x86_64-linux-gnu/liblzo2.so.2.0.0 in snap duplicates /snap/core18/current/lib/x86_64-linux-gnu/liblzo2.so.2.0.0 from base snap
library lib/x86_64-linux-gnu/libreadline.so.7.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libX11.so.6.3.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libX11.so.6.3.0 from base snap
library usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libXext.so.6.4.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libXext.so.6.4.0 from base snap
library usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXi.so.6.1.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 from base snap
library usr/lib/x86_64-linux-gnu/libasn1.so.8.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libasn1.so.8.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libaspell.so.15.2.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libaspell.so.15.2.0 from base snap
library usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.22810.1 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.23410.1 from base snap
library usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libavahi-client.so.3.2.9 in snap is unused
library usr/lib/x86_64-linux-gnu/libavahi-common.so.3.5.3 in snap is unused
library usr/lib/x86_64-linux-gnu/libcairo-gobject.so.2.11510.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libcairo.so.2.11510.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/libcairo.so.2.11600.0 from base snap
library usr/lib/x86_64-linux-gnu/libcolord.so.2.0.5 in snap is unused
library usr/lib/x86_64-linux-gnu/libcolordprivate.so.2.0.5 in snap is unused
library usr/lib/x86_64-linux-gnu/libcroco-0.6.so.3.0.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libcups.so.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.5.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libdatrie.so.1.3.3 in snap is unused
library usr/lib/x86_64-linux-gnu/libdconf.so.1.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libelf-0.170.so in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libelf-0.170.so from base snap
library usr/lib/x86_64-linux-gnu/libenchant.so.1.6.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libenchant.so.1.6.0 from base snap
library usr/lib/x86_64-linux-gnu/libepoxy.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libexpatw.so.1.6.7 in snap is unused
library usr/lib/x86_64-linux-gnu/libffi.so.6.0.4 in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libffi.so.6.0.4 from base snap
library usr/lib/x86_64-linux-gnu/libfontconfig.so.1.10.1 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libfontconfig.so.1.10.1 from base snap
library usr/lib/x86_64-linux-gnu/libfreetype.so.6.15.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libfreetype.so.6.15.0 from base snap
library usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.5600.4 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.6400.6 from base snap
library usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2 from base snap
library usr/lib/x86_64-linux-gnu/libgnutls.so.30.14.10 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgnutls.so.30.14.10 from base snap
library usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5600.4 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.6400.6 from base snap
library usr/lib/x86_64-linux-gnu/libgraphite2.so.3.0.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libgspell-1.so.1.3.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgspell-1.so.1.3.0 from base snap
library usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2 from base snap
library usr/lib/x86_64-linux-gnu/libgstbase-1.0.so.0.1405.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgstbase-1.0.so.0.1405.0 from base snap
library usr/lib/x86_64-linux-gnu/libgstcheck-1.0.so.0.1405.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libgstcontroller-1.0.so.0.1405.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libgstnet-1.0.so.0.1405.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0.1405.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0.1405.0 from base snap
library usr/lib/x86_64-linux-gnu/libgthread-2.0.so.0.5600.4 in snap is unused
library usr/lib/x86_64-linux-gnu/libgudev-1.0.so.0.2.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libgudev-1.0.so.0.2.0 from base snap
library usr/lib/x86_64-linux-gnu/libhcrypto.so.4.1.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libhcrypto.so.4.1.0 from base snap
library usr/lib/x86_64-linux-gnu/libheimbase.so.1.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libheimbase.so.1.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libheimntlm.so.0.1.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libheimntlm.so.0.1.0 from base snap
library usr/lib/x86_64-linux-gnu/libhogweed.so.4.4 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libhogweed.so.4.4 from base snap
library usr/lib/x86_64-linux-gnu/libhunspell-1.6.so.0.0.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libhx509.so.5.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libhx509.so.5.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libicudata.so.60.2 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libicudata.so.60.2 from base snap
library usr/lib/x86_64-linux-gnu/libicui18n.so.60.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libicuio.so.60.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libicutest.so.60.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libicutu.so.60.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libicuuc.so.60.2 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libicuuc.so.60.2 from base snap
library usr/lib/x86_64-linux-gnu/libidn2.so.0.3.3 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libidn2.so.0.3.3 from base snap
library usr/lib/x86_64-linux-gnu/libjbig.so.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libjpeg.so.8.1.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libjson-glib-1.0.so.0.400.2 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libjson-glib-1.0.so.0.400.5 from base snap
library usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 from base snap
library usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 from base snap
library usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 from base snap
library usr/lib/x86_64-linux-gnu/libksba.so.8.11.6 in snap is unused
library usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.10.8 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.10.8 from base snap
library usr/lib/x86_64-linux-gnu/liblcms2.so.2.0.8 in snap is unused
library usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.8 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.8 from base snap
library usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 from base snap
library usr/lib/x86_64-linux-gnu/libnettle.so.6.4 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libnettle.so.6.4 from base snap
library usr/lib/x86_64-linux-gnu/libnghttp2.so.14.15.2 in snap is unused
library usr/lib/x86_64-linux-gnu/libnpth.so.0.1.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libnss3.so in snap is unused
library usr/lib/x86_64-linux-gnu/liboauth.so.0.8.7 in snap is unused
library usr/lib/x86_64-linux-gnu/libp11-kit.so.0.3.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libp11-kit.so.0.3.0 from base snap
library usr/lib/x86_64-linux-gnu/libpixman-1.so.0.34.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/libpixman-1.so.0.38.4 from base snap
library usr/lib/x86_64-linux-gnu/libpng16.so.16.34.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libpng16.so.16.34.0 from base snap
library usr/lib/x86_64-linux-gnu/libproxy.so.1.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libproxy.so.1.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libpsl.so.5.2.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libpspell.so.15.2.0 in snap is unused
library usr/lib/x86_64-linux-gnu/librest-0.7.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libroken.so.18.1.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libroken.so.18.1.0 from base snap
library usr/lib/x86_64-linux-gnu/librsvg-2.so.2.40.20 in snap is unused
library usr/lib/x86_64-linux-gnu/librtmp.so.1 in snap is unused
library usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25 from base snap
library usr/lib/x86_64-linux-gnu/libsecret-1.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libsmime3.so in snap is unused
library usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1.8.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1.8.0 from base snap
library usr/lib/x86_64-linux-gnu/libsoup-gnome-2.4.so.1.8.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6 from base snap
library usr/lib/x86_64-linux-gnu/libssl3.so in snap is unused
library usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.5 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.5 from base snap
library usr/lib/x86_64-linux-gnu/libthai.so.0.3.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libtiff.so.5.3.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0 from base snap
library usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libwayland-cursor.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libwayland-egl.so.1.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libwind.so.0.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libwind.so.0.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0 from base snap
library usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 from base snap
library usr/lib/x86_64-linux-gnu/libxkbcommon.so.0.0.0 in snap is unused
library usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4 from base snap
library usr/lib/x86_64-linux-gnu/libyaml-0.so.2.0.5 in snap duplicates /snap/core18/current/usr/lib/x86_64-linux-gnu/libyaml-0.so.2.0.5 from base snap
library usr/lib/x86_64-linux-gnu/libzstd.so.1.3.3 in snap duplicates /snap/gnome-3-34-1804/current/usr/lib/x86_64-linux-gnu/libzstd.so.1.3.3 from base snap

A few of the libraries reported as unused here are likely transitive dependencies of the snap-store binary, but we didn't discover them because the intermediate dependency was provided by the base library set in gnome-3-34-1804. Presumably they are also duplicates.

jhenstridge avatar Jan 14 '21 01:01 jhenstridge

I'm setting this branch to ready for review, although the new code is not currently called from anywhere. I don't really have time to continue working on this, but I hope it will be useful for future work on Snapcraft.

The DependencyChecker class is enough to generate a set of warnings for a snap (as identified by a directory containing its contents: either the prime directory, or a mount of the final squashfs would do), when used in conjunction with the a base snap and any content it may have access to via the content interface (in both cases by pointing it at directories containing libraries via add_base_libs).

It can tell you:

  1. whether any executables or plugins from the snap are missing library dependencies. We also consider the ELF architecture in this check to handle 32-bit code in amd64/arm64 snaps. It also considers symbol versioning to handle cases where e.g. people try to create a snap with pre-built binaries that depend on a newer glibc.
  2. whether the snap contains libraries that duplicate those provided by the base or content snaps. Note that if the snap requires symbol versions not present in the base snap version of the library, no warning is produced.
  3. whether the snap contains libraries that don't appear to be required by any executables or plugins.

It tries to do all this in a single pass, rather than the quadratic time of the current ldd approach. It has a few drawbacks though:

  • the algorithm needs to be able to identify a set of root files to start walking dependencies. My initial thought was to use any ELF file that was not a shared library or was a shared library without a soname, with the thought that this would cover all executables and plugin modules. This doesn't quite work, since some apps add unnecessary sonames to their plugins, and some libraries lack sonames. The current version of the code also considers whether the file looks like it'd be on the library path. That's not perfect either, since e.g. NSS plugins are usually found on the library path.
  • We've got no visibility for library dependencies only accessed via dlopen. That's a limitation shared with the current ldd based code though.
  • There should probably be a way to silence the unused library warnings for cases where it is legitimate to ship unused libraries. Namely base snaps and snaps with content interface slots.

jhenstridge avatar Aug 31 '21 10:08 jhenstridge

Nice!

cjp256 avatar Aug 31 '21 11:08 cjp256