Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
Hi, On Wed, Mar 30, 2016 at 02:19:02AM -0400, Daniel Kahn Gillmor wrote: > No one is arguing for dropping the build path from .buildinfo files. ok, cool. Thanks (to you both) for clarifying! -- cheers, Holger signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
Hi! On Tue, 2016-03-29 at 21:52:53 -0400, Holger Levsen wrote: > On Tue, Mar 29, 2016 at 09:36:00PM -0400, Daniel Kahn Gillmor wrote: > > This isn't fun-spoiling, it's a useful reality check. But if we were > > required to get all the way to 100% before we made any progress, then > > reproducible builds wouldn't have gotten off the ground at all. > > it's surely progress on the gcc/clang side of things but dropping the > build path from the .buildinfo files would be a huge step *backwards* > for reproducibility… I concur with Daniel, I don't see anyone suggesting to drop the build path from the .buildinfo file just yet. But as long as that field does not leak information I'm ok with having it there. I think eventually it should be dropped because nothing should be recording the build path in the build, and the build should really be independent of that. > > The changes proposed in this bug report are a good step that should > > handle a very large proportion of the debian archive. The fact that > > there will remain corners of the archive that need additional work is > > fine: we can turn our attention to the remaining 20% once we get 80% of > > the buildpaths resolved. > > true. > > my point was: I think we still need the build path in the .buildinfo files. For now probably yes. > Also, c/c++ packages today only make up a small portion of the archive. > Probably this famous someone should do a rebuild of the archive, using > our toolchain (and this patch), using arbitrary build pathes. That's why I mentioned that the other language flages be included so that we get better coverage besides C/C++. Thanks, Guillem ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
On Tue 2016-03-29 21:52:53 -0400, Holger Levsen wrote: > it's surely progress on the gcc/clang side of things but dropping the > build path from the .buildinfo files would be a huge step *backwards* > for reproducibility… No one is arguing for dropping the build path from .buildinfo files. As we discussed at the reproducible summit, .buildinfo files serve two purposes: 0) they document the environment used during a specific build, to a level of detail that should make it at least possible to reproduce the build. 1) they also document things that should *not* be necessary to reproduce the build, but might be under some circumstances, or for some packages. I think the build path falls into category (1) here. In an ideal scenario, we could have two buildinfo files with variations on the build environment (buildpath, minor versions of build-deps, etc) and *still* have reproducible binary outputs. This would let us know that the variations in question are not things that cause variation in the output. > Also, c/c++ packages today only make up a small portion of the archive. > Probably this famous someone should do a rebuild of the archive, using > our toolchain (and this patch), using arbitrary build pathes. yes, that would be great! --dkg ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
Hi, On Tue, Mar 29, 2016 at 09:36:00PM -0400, Daniel Kahn Gillmor wrote: > This isn't fun-spoiling, it's a useful reality check. But if we were > required to get all the way to 100% before we made any progress, then > reproducible builds wouldn't have gotten off the ground at all. it's surely progress on the gcc/clang side of things but dropping the build path from the .buildinfo files would be a huge step *backwards* for reproducibility… > The changes proposed in this bug report are a good step that should > handle a very large proportion of the debian archive. The fact that > there will remain corners of the archive that need additional work is > fine: we can turn our attention to the remaining 20% once we get 80% of > the buildpaths resolved. true. my point was: I think we still need the build path in the .buildinfo files. (And btw, this (build path in buildinfo files) is not what *this* bug report is about. but it's related.) Also, c/c++ packages today only make up a small portion of the archive. Probably this famous someone should do a rebuild of the archive, using our toolchain (and this patch), using arbitrary build pathes. -- cheers, Holger signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
On Tue 2016-03-29 20:58:32 -0400, Holger Levsen wrote: > not wanting to spoil the fun, but… > > On Mon, Mar 28, 2016 at 06:33:49PM -0400, Daniel Kahn Gillmor wrote: >> > Ah great! And one less way to leak local information. >> yep :) > > I *believe* it's not enough (for reproducible builds in arbitrary > pathes) if gcc+clang can now cope. IIRC there are other compilers that > have the same behaviour, eg ocaml and erlang, but probably others too. > > Someone shoulds to check this and confirm or deny though. This isn't fun-spoiling, it's a useful reality check. But if we were required to get all the way to 100% before we made any progress, then reproducible builds wouldn't have gotten off the ground at all. The changes proposed in this bug report are a good step that should handle a very large proportion of the debian archive. The fact that there will remain corners of the archive that need additional work is fine: we can turn our attention to the remaining 20% once we get 80% of the buildpaths resolved. -dkg ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#819194: dpkg-buildflags: please add normalizedebugpath to reproducible feature set
Hi, not wanting to spoil the fun, but… On Mon, Mar 28, 2016 at 06:33:49PM -0400, Daniel Kahn Gillmor wrote: > > Ah great! And one less way to leak local information. > yep :) I *believe* it's not enough (for reproducible builds in arbitrary pathes) if gcc+clang can now cope. IIRC there are other compilers that have the same behaviour, eg ocaml and erlang, but probably others too. Someone shoulds to check this and confirm or deny though. -- cheers, Holger P.S.: besides that, truely nice work! signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
