[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: -ffile-prefix-map option and reproducibility

On Tue, 2023-02-07 at 20:00:06 +0100, Sven Joachim wrote:
> On 2023-02-07 17:50 +0100, Guillem Jover wrote:
> > On Tue, 2023-02-07 at 16:41:47 +0100, Stéphane Glondu wrote:
> >> I suspect this was added to improve reproducibility. Ironically, it makes
> >> packages that capture this variable non reproducible, since the build path
> >> seems to be randomized (has it always been the case? since when?). It is the
> >> case of OCaml (see #1030785), and seemingly of R as well (found by grepping
> >> in my /etc). I wouldn't be surprised other packages are affected as well.
> >
> > AFAIR this was considered at the time, yes. If the flag is effectively
> > not fixing anything for the set of packages involved, and is in fact
> > actually making them unreproducible when they would not then, you can
> > disable the fixfilepath feature in the reproducible build flags area,
> This does not help for packages which capture all build flags and store
> them in some file in the package (as is the case here).  With
> DEB_BUILD_MAINT_OPTIONS=reproducible=-fixfilepath, dpkg-buildflags falls
> back to "-fdebug-prefix-map=<BUILDDIR>=.", and you have the same
> problem.  If you disable that as well via
> DEB_BUILD_MAINT_OPTIONS=reproducible=-fixfilepath,-fixdebugpath, the
> -dbgsym packages will most likely end up unreproducible.

Ah, you are absolutely right. I don't think the case of these flags
making the build unreproducible and the package not generating any
debug objects are going to be common at all. I considered mentioning
fixing the build to stop capturing, but felt it might be more effort
than requested. :) Should probably have mentioned anyway, as was done
elsewhere in the thread.

In any case I'm thinking to add something like the attached to the man
page to try to clarify this.

From 1d94da75b63115485ad1247c44f64973ed74339f Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Wed, 8 Feb 2023 11:26:14 +0100
Subject: [PATCH] man: Add notes about reproducibility properties for path
 fixing build features

Mention that if the build captures the build flags that will make it
unreproducible, the traps with trying to disable these flags to get
back to a reproducible output. And that the ideal fix is to stop
capturing build flags.

Prompted-by: Sven Joachim <svenjoac@gmx.de>
 man/dpkg-buildflags.pod | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/man/dpkg-buildflags.pod b/man/dpkg-buildflags.pod
index 6067d4923..01c14269e 100644
--- a/man/dpkg-buildflags.pod
+++ b/man/dpkg-buildflags.pod
@@ -622,6 +622,13 @@ This has the effect of removing the build path from any generated file.
 If both B<fixdebugpath> and B<fixfilepath> are set, this option
 takes precedence, because it is a superset of the former.
+B<Note>: If the build process captures the build flags into the resulting
+built objects, that will make the package unreproducible.
+And while disabling this option might make some of the objects reproducible
+again this would also require disabling B<fixdebugpath>, which might make
+any generated debug symbols objects unreproducible.
+The ideal fix is to stop capturing build flags.
 =item B<fixdebugpath>
 This setting (enabled by default) adds
@@ -632,6 +639,8 @@ set to the top-level directory of the package being built.
 This has the effect of removing the build path from any generated debug
+B<Note>: This feature has similar reproducible properties as B<fixfilepath>.

Reply to: