On Fri, Sep 26, 2025 at 11:11:08AM +0200, Helmut Grohne wrote:
On Thu, Sep 25, 2025 at 01:56:21PM +0200, Marc Haber wrote:
I reaffirm that. Should the TC decline to give formal advice (which I would
be fine with), I would go ahead to disable -fcf-protection for i386 builds
(and verify that the amd64 and arm64 binary stay identical) and build
packages for trixie and bookworm, submit both of them for the next point
release.
Please bear in mind that these flags are architecture-specific. The
arm64 compiler does not understand -fcf-protection at all (and this is a
recurring problem for cross builds when people mix build/host compiler
flags with host/build compilers). For arm64 you should be seeing
-mbranch-protection=standard since trixie. Likewise, an amd64 compiler
will fail on encountering -mbranch-protection=standard.
I would consider a failed built a non-identical result. Am I being naive
here?
Anyway, thanks for the hint, appreciated.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
