Holger Levsen:
> On Samstag, 7. Februar 2015, Jérémy Bobbio wrote:
> > Build ID differs because the content of the binary
> > on which it has been calculated differs [1]. It's only random if there is
> > randomness in the content.
> ah!
> > Just writing “randomness_in_gnu_build_id” is equivalent to “something is
> > different” between the compiled binaries. Not a good categorization.
> Yes, but https://reproducible.debian.net/dbd/encfs_1.7.4-5.debbindiff.html 
> doesn't show any other difference, same for bacula. So is this a bug / 
> missing 
> feature in debbindiff?

No, it has nothing to do with debbindiff. You can't see what differs in
debbindiff output because what lands in the package is not the original
binary. What lands in the package has gone through strip.

This is actually mentioned in

Comparing packages built with `DEB_BUILD_OPTIONS=nostrip` can help.

For encfs, I assume the source of the problem is `-flto`, as set in

`-flto` will make GCC link to .o with random file names. The name gets
written in debug sections. To solve this, a patch to GCC will probably
be needed to make it output stable file names.

> Maybe the issue title is not helpful, but to me it still seems like a 
> trackworthy category even or maybe especially as we dont know yet what it 
> is...
> So maybe rename randomness_in_gnu_build_id to undefined_randomness_in_binary? 
> or ..._elf_binary?

I think it really is not helpful. It's like having a category

Lunar                                .''`. 
lu...@debian.org                    : :Ⓐ  :  # apt-get install anarchism
                                    `. `'` 

Attachment: signature.asc
Description: Digital signature

Reproducible-builds mailing list

Reply via email to