[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: -ffile-prefix-map option and reproducibility

On Tue, Feb 07, 2023 at 04:41:47PM +0100, Stéphane Glondu wrote:
> When building packages, a -ffile-prefix-map option is automatically injected
> into CFLAGS. Where does it come from? Since when?
> I suspect this was added to improve reproducibility. Ironically, it makes
> packages that capture this variable non reproducible, since the build path
> seems to be randomized (has it always been the case? since when?).

The build path has always been randomized since, or at least it has been
for as long as I've been involved in Debian.

> It is the
> case of OCaml (see #1030785), and seemingly of R as well (found by grepping
> in my /etc). I wouldn't be surprised other packages are affected as well.
> Is there a way to not get this option? More elegant than explicitly
> filtering it out of CFLAGS in debian/rules...

Besides doing
I actually propose to you to filter out the whole option from being
saved.  I've seen a similar pattern in other packages in the past, and
all of those packages already had a filtering function in place to
remove other gcc flags that make no sense being saved (just looking at:
    -   8: const("camlConfig__8"="-O2 -fno-strict-aliasing -fwrapv -pthread -fPIC -g -O2 -ffile-prefix-map=/build/ocaml-Vq2uKK/ocaml-4.13.1=. -fstack-protector-strong -Wformat -Werror=format-security");
    +   8: const("camlConfig__8"="-O2 -fno-strict-aliasing -fwrapv -pthread -fPIC -g -O2 -ffile-prefix-map=/build/ocaml-xz3WL7/ocaml-4.13.1=. -fstack-protector-strong -Wformat -Werror=format-security");
makes me believe that many options have been stripped out…)

                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
More about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-

Attachment: signature.asc
Description: PGP signature

Reply to: