Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[1.1.0] disable boringssl debug symbols on release builds; restore reproducible builds in CI #1165

Merged
merged 1 commit into from
Feb 13, 2025
Merged

[1.1.0] disable boringssl debug symbols on release builds; restore reproducible builds in CI #1165

merged 1 commit into from
Feb 13, 2025

Conversation

spoonincode
Copy link
Member

boringssl's upstream cmake file always adds -ggdb to the compile which damages our reproducibility due to a path difference. We might want to rectify the path difference if possible and/or masquerade the difference via compiler options, but disabling the debug symbol generation is far easier by negating the -ggdb with -g0

@spoonincode spoonincode linked an issue Feb 13, 2025 that may be closed by this pull request
1.1.0-rc1 reproducible build in CI didn't verify against developer builds #1144
Closed
spoonincode
spoonincode commented Feb 13, 2025
View reviewed changes
libraries/libfc/libraries/boringssl/CMakeLists.txt
@@ -3,6 +3,13 @@ target_compile_options(fipsmodule PRIVATE -Wno-error)
target_compile_options(crypto PRIVATE -Wno-error)
target_compile_options(decrepit PRIVATE -Wno-error)

# boringssl's forced-on debug symbols interfere with reproducibility due to path differences; disable on Release builds
if(CMAKE_BUILD_TYPE STREQUAL "Release")
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking CMAKE_BUILD_TYPE like this isn't ideal at all and maybe even borderline anti-pattern. But I'm not really sure what other indicator to use of "no thanks I don't want debug symbols"

@spoonincode spoonincode merged commit 7bf7dfd into release/1.1 Feb 13, 2025
36 checks passed
@spoonincode spoonincode deleted the bssl_no_dsym branch February 13, 2025 17:53
@spoonincode spoonincode mentioned this pull request Feb 13, 2025
Merged
@ericpassmore
Copy link
Contributor

Note:start
category: Chores
component: Internal
summary: Disable boringssl debug symbols on release builds.
Note:end

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@greg7mdp greg7mdp greg7mdp approved these changes

@heifner heifner heifner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

1.1.0-rc1 reproducible build in CI didn't verify against developer builds
4 participants
@spoonincode @ericpassmore @greg7mdp @heifner