[pacman-dev] [PATCH 1/2] libmakepkg: always remap debug prefix
Sometimes non debug flags still generate debug symbols. So always remap them. diff --git a/scripts/libmakepkg/buildenv/debugflags.sh.in b/scripts/libmakepkg/buildenv/debugflags.sh.in index 60913080..52ff4750 100644 --- a/scripts/libmakepkg/buildenv/debugflags.sh.in +++ b/scripts/libmakepkg/buildenv/debugflags.sh.in @@ -30,9 +30,6 @@ buildenv_functions+=('buildenv_debugflags') buildenv_debugflags() { if check_option "debug" "y"; then - DEBUG_CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" CFLAGS+=" $DEBUG_CFLAGS" CXXFLAGS+=" $DEBUG_CXXFLAGS" RUSTFLAGS+=" $DEBUG_RUSTFLAGS" diff --git a/scripts/libmakepkg/buildenv/flags.sh.in b/scripts/libmakepkg/buildenv/flags.sh.in new file mode 100644 index 00000000..d41556d3 --- /dev/null +++ b/scripts/libmakepkg/buildenv/flags.sh.in @@ -0,0 +1,34 @@ +#!/usr/bin/bash +# +# debugflags.sh - Specify default flags for building a package +# +# Copyright (c) 2012-2021 Pacman Development Team <pacman-dev@archlinux.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[[ -n "$LIBMAKEPKG_BUILDENV_FLAGS_SH" ]] && return +LIBMAKEPKG_BUILDENV_FLAGS_SH=1 + +LIBRARY=${LIBRARY:-'@libmakepkgdir@'} + +source "$LIBRARY/util/option.sh" + +buildenv_functions+=('buildenv_flags') + +buildenv_flags() { + CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" +} diff --git a/scripts/libmakepkg/buildenv/meson.build b/scripts/libmakepkg/buildenv/meson.build index b72d91c0..a69accb7 100644 --- a/scripts/libmakepkg/buildenv/meson.build +++ b/scripts/libmakepkg/buildenv/meson.build @@ -4,6 +4,7 @@ sources = [ 'buildflags.sh.in', 'compiler.sh.in', 'debugflags.sh.in', + 'flags.sh.in', 'lto.sh.in', 'makeflags.sh.in', ] -- 2.31.1
Before, the functions would be run aphabetically. Now we ensure buildflags and makeflags are wiped first, then we apply other options, before copying the buildflags into debugflags. diff --git a/scripts/libmakepkg/buildenv.sh.in b/scripts/libmakepkg/buildenv.sh.in index b75d792a..a4f1c6f5 100644 --- a/scripts/libmakepkg/buildenv.sh.in +++ b/scripts/libmakepkg/buildenv.sh.in @@ -31,6 +31,7 @@ done readonly -a buildenv_functions build_options prepare_buildenv() { +echo ${buildenv_functions[@]} for func in ${buildenv_functions[@]}; do $func done diff --git a/scripts/libmakepkg/buildenv/buildflags.sh.in b/scripts/libmakepkg/buildenv/10-buildflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/buildflags.sh.in rename to scripts/libmakepkg/buildenv/10-buildflags.sh.in diff --git a/scripts/libmakepkg/buildenv/makeflags.sh.in b/scripts/libmakepkg/buildenv/20-makeflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/makeflags.sh.in rename to scripts/libmakepkg/buildenv/20-makeflags.sh.in diff --git a/scripts/libmakepkg/buildenv/compiler.sh.in b/scripts/libmakepkg/buildenv/30-compiler.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/compiler.sh.in rename to scripts/libmakepkg/buildenv/30-compiler.sh.in diff --git a/scripts/libmakepkg/buildenv/flags.sh.in b/scripts/libmakepkg/buildenv/40-flags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/flags.sh.in rename to scripts/libmakepkg/buildenv/40-flags.sh.in diff --git a/scripts/libmakepkg/buildenv/lto.sh.in b/scripts/libmakepkg/buildenv/50-lto.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/lto.sh.in rename to scripts/libmakepkg/buildenv/50-lto.sh.in diff --git a/scripts/libmakepkg/buildenv/debugflags.sh.in b/scripts/libmakepkg/buildenv/60-debugflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/debugflags.sh.in rename to scripts/libmakepkg/buildenv/60-debugflags.sh.in diff --git a/scripts/libmakepkg/buildenv/meson.build b/scripts/libmakepkg/buildenv/meson.build index a69accb7..8ca2d085 100644 --- a/scripts/libmakepkg/buildenv/meson.build +++ b/scripts/libmakepkg/buildenv/meson.build @@ -1,12 +1,12 @@ libmakepkg_module = 'buildenv' sources = [ - 'buildflags.sh.in', - 'compiler.sh.in', - 'debugflags.sh.in', - 'flags.sh.in', - 'lto.sh.in', - 'makeflags.sh.in', + '10-buildflags.sh.in', + '20-makeflags.sh.in', + '30-compiler.sh.in', + '40-flags.sh.in', + '50-lto.sh.in', + '60-debugflags.sh.in', ] foreach src : sources -- 2.31.1
On 4/21/21 11:43 AM, morganamilo wrote:
Before, the functions would be run aphabetically.
Now we ensure buildflags and makeflags are wiped first, then we apply other options, before copying the buildflags into debugflags.
What's the practical effect you're trying to accomplish here? (It does not matter when we unset MAKEFLAGS, and to a lesser extent it does not matter whether we append to CFLAGS before or after unsetting it, since it will not be exported if it is unset.) How does this fit into people providing their own dropins? This is, in general, the same problem as https://bugs.archlinux.org/task/53770 And the same unsatisfying proposed solution too. If ordering matters, you can't assume sane ordering of the Arabic numerals and you definitely can't assume alphanumeric ordering is stable.
diff --git a/scripts/libmakepkg/buildenv.sh.in b/scripts/libmakepkg/buildenv.sh.in index b75d792a..a4f1c6f5 100644 --- a/scripts/libmakepkg/buildenv.sh.in +++ b/scripts/libmakepkg/buildenv.sh.in @@ -31,6 +31,7 @@ done readonly -a buildenv_functions build_options
prepare_buildenv() { +echo ${buildenv_functions[@]}
Debug print.
for func in ${buildenv_functions[@]}; do $func done diff --git a/scripts/libmakepkg/buildenv/buildflags.sh.in b/scripts/libmakepkg/buildenv/10-buildflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/buildflags.sh.in rename to scripts/libmakepkg/buildenv/10-buildflags.sh.in diff --git a/scripts/libmakepkg/buildenv/makeflags.sh.in b/scripts/libmakepkg/buildenv/20-makeflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/makeflags.sh.in rename to scripts/libmakepkg/buildenv/20-makeflags.sh.in diff --git a/scripts/libmakepkg/buildenv/compiler.sh.in b/scripts/libmakepkg/buildenv/30-compiler.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/compiler.sh.in rename to scripts/libmakepkg/buildenv/30-compiler.sh.in diff --git a/scripts/libmakepkg/buildenv/flags.sh.in b/scripts/libmakepkg/buildenv/40-flags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/flags.sh.in rename to scripts/libmakepkg/buildenv/40-flags.sh.in diff --git a/scripts/libmakepkg/buildenv/lto.sh.in b/scripts/libmakepkg/buildenv/50-lto.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/lto.sh.in rename to scripts/libmakepkg/buildenv/50-lto.sh.in diff --git a/scripts/libmakepkg/buildenv/debugflags.sh.in b/scripts/libmakepkg/buildenv/60-debugflags.sh.in similarity index 100% rename from scripts/libmakepkg/buildenv/debugflags.sh.in rename to scripts/libmakepkg/buildenv/60-debugflags.sh.in diff --git a/scripts/libmakepkg/buildenv/meson.build b/scripts/libmakepkg/buildenv/meson.build index a69accb7..8ca2d085 100644 --- a/scripts/libmakepkg/buildenv/meson.build +++ b/scripts/libmakepkg/buildenv/meson.build @@ -1,12 +1,12 @@ libmakepkg_module = 'buildenv'
sources = [ - 'buildflags.sh.in', - 'compiler.sh.in', - 'debugflags.sh.in', - 'flags.sh.in', - 'lto.sh.in', - 'makeflags.sh.in', + '10-buildflags.sh.in', + '20-makeflags.sh.in', + '30-compiler.sh.in', + '40-flags.sh.in', + '50-lto.sh.in', + '60-debugflags.sh.in', ]
foreach src : sources
-- Eli Schwartz Bug Wrangler and Trusted User
On 4/21/21 11:43 AM, morganamilo wrote:
Sometimes non debug flags still generate debug symbols. So always remap them.
The purpose of debug prefix mapping is to point to the sources we install, which in this case we do not install -- and oftentimes we will strip. What problem is this patch trying to solve?
diff --git a/scripts/libmakepkg/buildenv/debugflags.sh.in b/scripts/libmakepkg/buildenv/debugflags.sh.in index 60913080..52ff4750 100644 --- a/scripts/libmakepkg/buildenv/debugflags.sh.in +++ b/scripts/libmakepkg/buildenv/debugflags.sh.in @@ -30,9 +30,6 @@ buildenv_functions+=('buildenv_debugflags')
buildenv_debugflags() { if check_option "debug" "y"; then - DEBUG_CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" CFLAGS+=" $DEBUG_CFLAGS" CXXFLAGS+=" $DEBUG_CXXFLAGS" RUSTFLAGS+=" $DEBUG_RUSTFLAGS" diff --git a/scripts/libmakepkg/buildenv/flags.sh.in b/scripts/libmakepkg/buildenv/flags.sh.in new file mode 100644 index 00000000..d41556d3 --- /dev/null +++ b/scripts/libmakepkg/buildenv/flags.sh.in @@ -0,0 +1,34 @@ +#!/usr/bin/bash +# +# debugflags.sh - Specify default flags for building a package +# +# Copyright (c) 2012-2021 Pacman Development Team <pacman-dev@archlinux.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[[ -n "$LIBMAKEPKG_BUILDENV_FLAGS_SH" ]] && return +LIBMAKEPKG_BUILDENV_FLAGS_SH=1 + +LIBRARY=${LIBRARY:-'@libmakepkgdir@'} + +source "$LIBRARY/util/option.sh" + +buildenv_functions+=('buildenv_flags') + +buildenv_flags() { + CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" +} diff --git a/scripts/libmakepkg/buildenv/meson.build b/scripts/libmakepkg/buildenv/meson.build index b72d91c0..a69accb7 100644 --- a/scripts/libmakepkg/buildenv/meson.build +++ b/scripts/libmakepkg/buildenv/meson.build @@ -4,6 +4,7 @@ sources = [ 'buildflags.sh.in', 'compiler.sh.in', 'debugflags.sh.in', + 'flags.sh.in', 'lto.sh.in', 'makeflags.sh.in', ]
-- Eli Schwartz Bug Wrangler and Trusted User
On 22/04/2021 21:54, Eli Schwartz wrote:
On 4/21/21 11:43 AM, morganamilo wrote:
Sometimes non debug flags still generate debug symbols. So always remap them.
The purpose of debug prefix mapping is to point to the sources we install, which in this case we do not install -- and oftentimes we will strip.
What problem is this patch trying to solve?
diff --git a/scripts/libmakepkg/buildenv/debugflags.sh.in b/scripts/libmakepkg/buildenv/debugflags.sh.in index 60913080..52ff4750 100644 --- a/scripts/libmakepkg/buildenv/debugflags.sh.in +++ b/scripts/libmakepkg/buildenv/debugflags.sh.in @@ -30,9 +30,6 @@ buildenv_functions+=('buildenv_debugflags')
buildenv_debugflags() { if check_option "debug" "y"; then - DEBUG_CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" - DEBUG_RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" CFLAGS+=" $DEBUG_CFLAGS" CXXFLAGS+=" $DEBUG_CXXFLAGS" RUSTFLAGS+=" $DEBUG_RUSTFLAGS" diff --git a/scripts/libmakepkg/buildenv/flags.sh.in b/scripts/libmakepkg/buildenv/flags.sh.in new file mode 100644 index 00000000..d41556d3 --- /dev/null +++ b/scripts/libmakepkg/buildenv/flags.sh.in @@ -0,0 +1,34 @@ +#!/usr/bin/bash +# +# debugflags.sh - Specify default flags for building a package +# +# Copyright (c) 2012-2021 Pacman Development Team <pacman-dev@archlinux.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +[[ -n "$LIBMAKEPKG_BUILDENV_FLAGS_SH" ]] && return +LIBMAKEPKG_BUILDENV_FLAGS_SH=1 + +LIBRARY=${LIBRARY:-'@libmakepkgdir@'} + +source "$LIBRARY/util/option.sh" + +buildenv_functions+=('buildenv_flags') + +buildenv_flags() { + CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}" + RUSTFLAGS+=" --remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}" +} diff --git a/scripts/libmakepkg/buildenv/meson.build b/scripts/libmakepkg/buildenv/meson.build index b72d91c0..a69accb7 100644 --- a/scripts/libmakepkg/buildenv/meson.build +++ b/scripts/libmakepkg/buildenv/meson.build @@ -4,6 +4,7 @@ sources = [ 'buildflags.sh.in', 'compiler.sh.in', 'debugflags.sh.in', + 'flags.sh.in', 'lto.sh.in', 'makeflags.sh.in', ]
Rust emits some debugging info even in release mode. This info includes the paths where the files were built. So you end up with "WARNING: Package contains reference to $srcdir`". Plus if you're not building in a chroot then the package will contain your homedir and hence username which can be a privacy issue.
On 4/22/21 4:57 PM, Morgan Adamiec wrote:
Rust emits some debugging info even in release mode. This info includes the paths where the files were built. So you end up with "WARNING: Package contains reference to $srcdir`".
The references are only included if you don't strip the package, I guess... I'm not even sure what the utility of options=(!debug !strip) is, because what people actually want, I think, is a tristate: - no-debug-strip-it-if-its-there - debug - debug but strip it into detached symbols This patch only affects: - no-debug-but-keep-it-if-its-there The general srcdir warning is really only there to suggest that the software might be buggy and trying to do something at runtime with a path that won't exist on other people's machines. It's a false positive here (only with !strip though), but so is package.json in nodejs land. Not sure what the solution is, maybe we could remap it to the empty string? Or just strip the package. :p
Plus if you're not building in a chroot then the package will contain your homedir and hence username which can be a privacy issue.
This is an invalid argument; the $srcdir is also stored in the .BUILDINFO file, by design, and therefore also contains the same string you're trying to redact here. -- Eli Schwartz Bug Wrangler and Trusted User
On 22/04/2021 22:18, Eli Schwartz wrote:
On 4/22/21 4:57 PM, Morgan Adamiec wrote:
Rust emits some debugging info even in release mode. This info includes the paths where the files were built. So you end up with "WARNING: Package contains reference to $srcdir`".
The references are only included if you don't strip the package, I guess... I'm not even sure what the utility of options=(!debug !strip) is, because what people actually want, I think, is a tristate:
- no-debug-strip-it-if-its-there - debug - debug but strip it into detached symbols
This patch only affects:
- no-debug-but-keep-it-if-its-there
The general srcdir warning is really only there to suggest that the software might be buggy and trying to do something at runtime with a path that won't exist on other people's machines.
It's a false positive here (only with !strip though), but so is package.json in nodejs land.
Not sure what the solution is, maybe we could remap it to the empty string? Or just strip the package. :p
Even when stripped the binary still contains the filepaths. If you're prefer to predix it with "" that works.
Plus if you're not building in a chroot then the package will contain your homedir and hence username which can be a privacy issue.
This is an invalid argument; the $srcdir is also stored in the .BUILDINFO file, by design, and therefore also contains the same string you're trying to redact here.
Fair enough, I didn't think of that.
On 4/22/21 5:32 PM, Morgan Adamiec wrote:
Even when stripped the binary still contains the filepaths. If you're prefer to predix it with "" that works.
Per discussion on IRC, the issue at hand is that in non-debug parts of the binary, rust is using macros pointing to the source code, for e.g. panics. In the same style as __FILE__ macros in C. Which we do not try to handle here. Basically, gcc has: -fdebug-prefix-map == rewrite file paths pointing to source code for the debugger to step through -fmacro-prefix-map == rewrite __FILE__ macros. The rust option does both and there is no rust option to only do one or the other. ... IMO rewriting macros is out of scope for the debugflags option, and *if* we want to do anything with them we should make them relative paths (remap to "") while at the same time making debug references remapped to the debug sources directory. -fdebug-prefix-map=$srcdir=$debugdir -fmacro-prefix-map=$srcdir= (But, I'm not convinced we should do anything with them.) Rust does not offer this granularity, apparently. So, enabling debug builds has the side effect of also making runtime, end-user macro output change. -- Eli Schwartz Bug Wrangler and Trusted User
participants (3)
-
Eli Schwartz
-
Morgan Adamiec
-
morganamilo