diff mbox series

[bug#44337,squid] Reproducibility bug in squid package

Message ID 87wnz7ph4h.fsf@m4x.org
State Accepted
Headers show
Series [bug#44337,squid] Reproducibility bug in squid package | expand

Checks

Context Check Description
cbaines/submitting builds success
cbaines/issue success View issue
cbaines/comparison success View comparision
cbaines/git branch success View Git branch
cbaines/applying patch fail View Laminar job

Commit Message

Jean-Baptiste Note Oct. 30, 2020, 8:56 p.m. UTC 
Dear,

The squid package as provided from substitute servers currently crashes
on my (admittedly old) Core 2 Duo server.  Though generally observed in
a different context (virtualization), this is an FAQ from SQUID -- see:

https://wiki.squid-cache.org/KnowledgeBase/IllegalInstructionError

I think the fix of disabling -march=native should actually be applied.
In the current state, not only does the package not work on some x86_64
machines, but the outcome of the build depends on the builder machine
and thus defeats reproducibility.

Please find attached a patch implementing the fix from the FAQ, which
yields a SQUID usable on my home server, and reproducible from the two
build machines at my disposal.

NB: maybe a more general fix could be envisionned for these kind of
-march=native issues; this is admittedly a pretty local fix.

Kind regards,
Jean-Baptiste

Comments

Ludovic Courtès Nov. 2, 2020, 1:38 p.m. UTC | #1 
Hi Jean-Baptiste,

Jean-Baptiste Note <jean-baptiste.note@m4x.org> skribis:

> The squid package as provided from substitute servers currently crashes
> on my (admittedly old) Core 2 Duo server.  Though generally observed in
> a different context (virtualization), this is an FAQ from SQUID -- see:
>
> https://wiki.squid-cache.org/KnowledgeBase/IllegalInstructionError
>
> I think the fix of disabling -march=native should actually be applied.
> In the current state, not only does the package not work on some x86_64
> machines, but the outcome of the build depends on the builder machine
> and thus defeats reproducibility.

Indeed.  Our goal is to provide “generic” binaries, so disabling
‘-march=native’ is the right thing anyway.

> NB: maybe a more general fix could be envisionned for these kind of
> -march=native issues; this is admittedly a pretty local fix.

In practice it seems that packages rarely do that by default (with
linear algebra software being an exception), though I don’t have hard
figures.

>>From 199ca1036197064d609a8f76a7eb46b6e72996fb Mon Sep 17 00:00:00 2001
> From: Jean-Baptiste Note <jean-baptiste.note@m4x.org>
> Date: Wed, 28 Oct 2020 11:22:39 -0400
> Subject: [PATCH] gnu: squid: Fix build reproducibility issue.
>
> * gnu/packages/networking.scm (squid): Add --disable-arch-native configure
> flag.

Applied, thanks!

Ludo’.
diff mbox series

Patch

From 199ca1036197064d609a8f76a7eb46b6e72996fb Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Note <jean-baptiste.note@m4x.org>
Date: Wed, 28 Oct 2020 11:22:39 -0400
Subject: [PATCH] gnu: squid: Fix build reproducibility issue.

* gnu/packages/networking.scm (squid): Add --disable-arch-native configure
flag.
---
 gnu/packages/networking.scm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 4f506b4bbf..3f4e1e639b 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -1559,7 +1559,11 @@  TCP connection, TLS handshake and so on) in the terminal.")
         (base32 "1q1ywpic6s7dfjj3cwzcfgscc4zq0aih462gyas7j1z683ss14b8"))))
     (build-system gnu-build-system)
     (arguments
-     '(#:phases
+     '(#:configure-flags
+       ;; disable -march=native in build for reproducibility; see
+       ;; https://wiki.squid-cache.org/KnowledgeBase/IllegalInstructionError
+       (list "--disable-arch-native")
+       #:phases
        (modify-phases %standard-phases
          (add-before 'build 'fix-true-path
            (lambda* (#:key inputs #:allow-other-keys)
-- 
2.28.0