Russ Allbery wrote: > Josselin Mouette <j...@debian.org> writes: >> If we use build IDs (and this has quite some advantages, like being able >> to do more than just dump the ddebs on a repository), this can lead to >> having the same detached debugging symbols in two binary packages, since >> sometimes a binary is built twice the same exact way and put in two >> different binary packages. > > Hm, really? The toolchains that I'm familiar with basically never produce > the same binary twice; something is always slightly different from > timestamp information. Could you give an example of such a case in the > archive right now where identical binaries are in multiple packages so > that I can better understand how this happens?
There are things the linker takes into account for calculating the build id. The timestamp isn't one of them. E.g.: emi...@saturno:/tmp$ echo "main(){}" > a.c; cp a.c b.c; gcc -o a a.c; gcc -o b b.c; eu-readelf -n a b | grep Build Build ID: c164b7f24a18b665601cd1d1b9fa0af6afb728bb Build ID: c164b7f24a18b665601cd1d1b9fa0af6afb728bb So in cases where you build a package twice with different configure flags, it's be possible that those don't affect some binaries, getting the same build ids. E.g., after a build of evince/2.26.1-2 from testing (the package in unstable has been changed to ship the backends in the library package so this is no longer the case, but to show this happens): r...@saturno:~/evince-2.26.1# eu-readelf -n debian/evince/usr/lib/evince/1/backends/*so debian/evince-gtk/usr/lib/evince/1/backends/*so | grep Build | sort | uniq -c 2 Build ID: 0232654930d90461896f3d58fe08178082a217df 2 Build ID: 08de63310c0ff98c5aac6392d95c7bd6fc502c8b 2 Build ID: 71b914ea23bb199d9d98de2a15a9d07e982a3ae0 2 Build ID: 7a40178124bf7698de230b2298378f08795ddbe5 2 Build ID: 8de5ebfcb2bfceb9ed19a57d6bbc918392e152ec 2 Build ID: c0b63d2ecd7432f0a01441e0794306651c88f5f7 2 Build ID: c3b7f89bda6381e5849819032f842e6870e184b5 2 Build ID: dffdcca3f7a89b4b9da333d7cc638a96ed8b1bc8 Cheers, Emilio
signature.asc
Description: OpenPGP digital signature