Hi! On Thu, 2016-03-24 at 13:40:00 -0400, Daniel Kahn Gillmor wrote: > Package: dpkg-dev > Version: 1.18.4 > Severity: wishlist > Tags: patch > User: reproducible-bui...@lists.alioth.debian.org > Usertags: buildpath
> Compilers tend to inject the current path of the filesystem into the > debug symbols, so that the debugger can find the sourcecode. But this > isn't actually useful for packages shipped as binaries, because the > path on the build machine isn't relevant on the deployed machine. > > It also causes problems for reproducible builds, because the same > source built in two different locations in the filesystem will result > in two different sets of debug symbols. > > With gcc (and soon clang, see #819185), you can re-map the path stored > in the debug symbols with -fdebug-prefix-map, so it can be used to > normalize the paths stored in the debug symbols. Ah great! And one less way to leak local information. > The attached patch adds a "normalizedebugpath" feature to the > "reproducible" feature set, which appends -fdebug-prefix-map=CWD=. > (where CWD is the actual current working directory) to CFLAGS and > CXXFLAGS. It is off by default. Looks good to me, but shouldn't we try to set more language flags here? Thanks, Guillem
