Your message dated Wed, 21 Jun 2023 21:45:19 -0400
with message-id
<CAD+GYvx=p_un0gmo9c9etzr0amkdnh40kigu9inuptpbnnp...@mail.gmail.com>
and subject line Re: imx-code-signing-tool: ftbfs with LTO (link time
optimization) enabled
has caused the Debian Bug report #1015427,
regarding imx-code-signing-tool: ftbfs with LTO (link time optimization) enabled
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1015427: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015427
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: src:imx-code-signing-tool
Version: 3.3.1+dfsg-2
Severity: minor
Tags: sid bookworm
User: [email protected]
Usertags: ftbfs-lto
This package currently fails to build (at least on the amd64
architecture) with link time optimizations enabled. For a background
for LTO please see
https://wiki.debian.org/ToolChain/LTO
The goal is to enable this optimization by default in an upcoming
Debian release in dpkg-buildflags for 64bit architectures. The goal
is to get this package to build with link time optimizations, or to
explicitly disable link time optimizations for this package build.
To reproduce the build failure, enable the lto optimization in
testing/unstable by adding "optimize=+lto" to DEB_BUILD_MAINT_OPTIONS
in the debian/rules file, or if this macro is unset, just set it:
export DEB_BUILD_MAINT_OPTIONS = optimize=+lto
Please try to fix the build with lto enabled, fixing the packaging or
forwarding the issue upstream. If the issue cannot be fixed,
explicitly disallow building the package with lto by adding to your
rules file:
export DEB_BUILD_MAINT_OPTIONS = optimize=-lto
or adding that string to your existing setting of DEB_BUILD_MAINT_OPTIONS.
The full build log can be found at:
http://qa-logs.debian.net/2022/06/09/dpkglto/imx-code-signing-tool_3.3.1+dfsg-2_unstable_dpkglto.log
The last lines of the build log are at the end of this report.
[...]
In file included from ../../code/back_end/hdr/ssl_wrapper.h:42,
from ../../code/back_end/src/adapt_layer_openssl.c:50:
/usr/include/openssl/evp.h:1372:25: note: declared here
1372 | const struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
| ^~~~~~~~~~~~~~~~~~~~
../../code/back_end/src/adapt_layer_openssl.c:573:9: warning: ‘ECDSA_sign’ is
deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
573 | if (0 == ECDSA_sign(0 /* ignored */, hash, hash_bytes, sign,
&sign_bytes, EVP_PKEY_get0_EC_KEY(key))) {
| ^~
In file included from /usr/include/openssl/x509.h:33,
from ../../code/back_end/src/adapt_layer_openssl.c:53:
/usr/include/openssl/ec.h:1414:27: note: declared here
1414 | OSSL_DEPRECATEDIN_3_0 int ECDSA_sign(int type, const unsigned char
*dgst,
| ^~~~~~~~~~
../../code/back_end/src/adapt_layer_openssl.c:573:9: warning:
‘EVP_PKEY_get0_EC_KEY’ is deprecated: Since OpenSSL 3.0
[-Wdeprecated-declarations]
573 | if (0 == ECDSA_sign(0 /* ignored */, hash, hash_bytes, sign,
&sign_bytes, EVP_PKEY_get0_EC_KEY(key))) {
| ^~
In file included from ../../code/back_end/hdr/ssl_wrapper.h:42,
from ../../code/back_end/src/adapt_layer_openssl.c:50:
/usr/include/openssl/evp.h:1372:25: note: declared here
1372 | const struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
| ^~~~~~~~~~~~~~~~~~~~
../../code/back_end/src/adapt_layer_openssl.c:573:83: warning: passing argument
6 of ‘ECDSA_sign’ discards ‘const’ qualifier from pointer target type
[-Wdiscarded-qualifiers]
573 | if (0 == ECDSA_sign(0 /* ignored */, hash, hash_bytes, sign,
&sign_bytes, EVP_PKEY_get0_EC_KEY(key))) {
|
^~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/x509.h:33,
from ../../code/back_end/src/adapt_layer_openssl.c:53:
/usr/include/openssl/ec.h:1416:68: note: expected ‘EC_KEY *’ {aka ‘struct
ec_key_st *’} but argument is of type ‘const struct ec_key_st *’
1416 | unsigned int *siglen, EC_KEY
*eckey);
| ~~~~~~~~^~~~~
../../code/back_end/src/adapt_layer_openssl.c: In function
‘calculate_sig_buf_size’:
../../code/back_end/src/adapt_layer_openssl.c:672:5: warning:
‘EVP_PKEY_get1_RSA’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
672 | rsa_key = EVP_PKEY_get1_RSA(public_key);
| ^~~~~~~
x86_64-linux-gnu-gcc -MM -I../../code/common/hdr -I../../code/back_end/hdr
-I../../code/srktool/hdr -I../../code/front_end/hdr -I../../code/convlb/hdr
-I/include -std=c99 -D_POSIX_C_SOURCE=200809L -fPIC -Wdate-time
-D_FORTIFY_SOURCE=2 -g -O2
-ffile-prefix-map=/<<PKGBUILDDIR>>/code/cst/code/obj.linux64=. -flto=auto
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -c
cst_lexer.c -o cst_lexer.d
In file included from ../../code/back_end/hdr/ssl_wrapper.h:42,
from ../../code/back_end/src/adapt_layer_openssl.c:50:
/usr/include/openssl/evp.h:1348:16: note: declared here
1348 | struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
| ^~~~~~~~~~~~~~~~~
../../code/back_end/src/adapt_layer_openssl.c:673:5: warning: ‘RSA_size’ is
deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
673 | key_length = RSA_size(rsa_key);
| ^~~~~~~~~~
In file included from /usr/include/openssl/x509.h:36,
from ../../code/back_end/src/adapt_layer_openssl.c:53:
/usr/include/openssl/rsa.h:204:27: note: declared here
204 | OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa);
| ^~~~~~~~
# compile
x86_64-linux-gnu-gcc -I../../code/common/hdr -I../../code/back_end/hdr
-I../../code/srktool/hdr -I../../code/front_end/hdr -I../../code/convlb/hdr
-I/include -std=c99 -D_POSIX_C_SOURCE=200809L -fPIC -Wdate-time
-D_FORTIFY_SOURCE=2 -g -O2
-ffile-prefix-map=/<<PKGBUILDDIR>>/code/cst/code/obj.linux64=. -flto=auto
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security
-DFILE_cst_parser -c cst_parser.c -o cst_parser.o
# compile
x86_64-linux-gnu-gcc -I../../code/common/hdr -I../../code/back_end/hdr
-I../../code/srktool/hdr -I../../code/front_end/hdr -I../../code/convlb/hdr
-I/include -std=c99 -D_POSIX_C_SOURCE=200809L -fPIC -Wdate-time
-D_FORTIFY_SOURCE=2 -g -O2
-ffile-prefix-map=/<<PKGBUILDDIR>>/code/cst/code/obj.linux64=. -flto=auto
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security
-DFILE_cst_lexer -c cst_lexer.c -o cst_lexer.o
Create archive libbackend.a
x86_64-linux-gnu-ar -rc libbackend.a adapt_layer_openssl.o pkey.o ssl_wrapper.o
x86_64-linux-gnu-objcopy --weaken libbackend.a
Create archive libfrontend.a
x86_64-linux-gnu-ar -rc libfrontend.a openssl_helper.o srk_helper.o
misc_helper.o err.o csf_cmd_aut_dat.o csf_cmd_ins_key.o csf_cmd_misc.o cst.o
acst.o cst_parser.o cst_lexer.o
x86_64-linux-gnu-objcopy --weaken libfrontend.a
Link cst
x86_64-linux-gnu-gcc cst.o libfrontend.a libbackend.a -L -flto=auto
-ffat-lto-objects -Wl,-z,relro -lcrypto -o cst
/usr/bin/ld: misc_helper.o (symbol from plugin): in function `read_file':
(.text+0x0): multiple definition of `err_msg'; acst.o (symbol from
plugin):(.text+0x0): first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [../build/make/rules.mk:23: cst] Error 1
rm cst_lexer.c cst_parser.c
make[2]: Leaving directory '/<<PKGBUILDDIR>>/code/cst/code/obj.linux64'
make[1]: *** [Makefile:8: build] Error 2
make[1]: Leaving directory '/<<PKGBUILDDIR>>'
dh_auto_build: error: make -j8 "INSTALL=install --strip-program=true" returned
exit code 2
make: *** [debian/rules:4: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
--- End Message ---
--- Begin Message ---
Version: 3.3.1+dfsg-3
Actually, imx-code-signing-tool appears to build with LTO now
https://launchpad.net/ubuntu/+source/imx-code-signing-tool/3.3.1+dfsg-3
Thank you,
Jeremy Bícha
--- End Message ---
