[Debian-med-packaging] Bug#1003488: last-align: reproducible-builds: ignored CFLAGS/CXXFLAGS break optimization and embed buildpaths

Vagrant Cascadian vagrant at reproducible-builds.org
Tue Jan 11 00:37:40 GMT 2022 

Source: last-align
Severity: important
Tags: patch
User: reproducible-builds at lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-bugs at lists.alioth.debian.org

Both CFLAGS and CXXFLAGS were not actually getting passed to the builds
in all cases, resulting in two issues, the "optimized variants" of
various commands were actually identical:

  $ sha256sum lastdb5-*
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-avx
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-avx2
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-plain
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-sse2
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-sse3
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-sse4.1
  a902143d8f91b11bc2bd1d45ed2798b62d3e9c6763785464ada2f2df99410723  lastdb5-ssse3

Generally, I love it when binaries come out bit-for-bit identical, but
in this case, it actually is a bug!

The only command that built differently were the last-merge-batches-*
variants. I'm not sure why, possibly something in the ordering of which
packages get built somehow resulting in the *FLAGS being applied only
once?


The other issue is that the buildpath is embedded in the binaries and
debugging symbols, as -ffile-prefix-map=BUILDPATH=. was not passed via
CFLAGS/CXXFLAGS.

The attached patch to debian/rules fixes this by passing CFLAGS and
CXXFLAGS via dh_auto_build, rather than relying on the exported
variables.


With this patch applied, last-align should build reproducibly on
tests.reproducible-builds.org (and probably salsa-ci too!), not to
mention that the optimized binaries will actually be optimized!


Thanks for maintaining last-align!


live well,
  vagrant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-debian-rules-Pass-CFLAGS-and-CXXFLAGS-directly-to-dh.patch
Type: text/x-diff
Size: 1960 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20220110/84552019/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20220110/84552019/attachment-0001.sig>

More information about the Debian-med-packaging mailing list