Empty build-id to make package reproducible
mattia at debian.org
Sat Sep 1 22:24:55 BST 2018
On Sun, Sep 02, 2018 at 12:15:57AM +0300, Otto Kekäläinen wrote:
> First we fixed what r-b infra showed in diffoscope as the culprit,
> then we fixed what reprotest showed as the failure on Salsa-CI. None
> of the fixes were uploaded and now all of a sudden r-b pass..
Oh, that's annoying. And alas hard to figure now unless you just so
happen to have the .buildinfo of some unreproducible builds :|
> > As a datapoint, the package is reproducible in our infra.
> Apparently it now is..
> 2018-08-22 23:50 25.3.23-1 unstable amd64 reproducible￼
> .. but it was not in unstable at the time we were investigating this
> and trying to fix it:
> 2018-07-05 21:09 25.3.23-1 unstable amd64 unreproducible unreproducible
> (from https://tests.reproducible-builds.org/debian/history/galera-3.html)
> It seems we were trying to fix in the package an issue that was after
> all in the r-b infra.
I hadn't looked at the history before. Looking at it now it seems like
it was costantly unreproducible in unstable, and the first reproducible
built happened on 2018-08-12. That would be somewhat consistent with
the change we did following the gcc-7→gcc-8 default change, where we
instructed gcc to inject a new build flag -ffile-prefix-map to fix
unreproducibilities caused by __FILE__ and assert() (that before should
have been still fixed by our patched gcc-7 though, so I wouldn't know
why it was unreproducible before without more data).
> > I see dkg submitted a change, https://salsa.debian.org/mariadb-team/galera-3/commit/853d8dc20dbf67e9d8ac76668098a6b3560ab786
> > however, I wonder if that actually works with --build-id=none, given
> > that the debug symbols are placed next to the build-id? (not sure,
> > maybe there is a fallback, I haven't actually checked).
> Well, as the package is now reproducible on r-b infra without any
> changes, I'll revert these experiments we did that are in git but
> never uploaded.
I recommend so, yes. disabling the build id is something that I've
never seen done anywhere, and I wouldn't be confidend nothing will
notice… To me it seems something that random tools could take as a
And as dkg said, I would find it better to figure what causes it to
vary, rather than hide it :)
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Reproducible-builds