Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/go/internal/load: -ldflags should be included in buildinfo when -trimpath is set and CGO_ENABLED=0 #63558

Closed
capnspacehook opened this issue Oct 15, 2023 · 2 comments
Closed

cmd/go/internal/load: -ldflags should be included in buildinfo when -trimpath is set and CGO_ENABLED=0 #63558

capnspacehook opened this issue Oct 15, 2023 · 2 comments

Comments

@capnspacehook
Copy link

capnspacehook commented Oct 15, 2023
edited

What version of Go are you using (go version)?

$ go version
go version go1.21.3 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/capnspacehook/.cache/go-build'
GOENV='/home/capnspacehook/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/home/capnspacehook/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/home/capnspacehook/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.1'
GCCGO='gccgo'
GOAMD64='v3'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD=''
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build3246179384=/tmp/go-build -gno-record-gcc-switches'

What did you do?

Built a binary with CGO_ENABLED=0, -trimpath set and -ldflags="-s -w -X ..." set.

What did you expect to see?

Running go version -m on the output binary would include what I set -ldflags to at build time.

What did you see instead?

-ldflags was not included in the binarie's build information.

This is somewhat of a regression caused from the fix to #52372 here:

go/src/cmd/go/internal/load/pkg.go

Lines 2387 to 2398 in bc9dc8d

if ldflags := BuildLdflags.String(); ldflags != "" {
// https://go.dev/issue/52372: only include ldflags if -trimpath is not set,
// since it can include system paths through various linker flags (notably
// -extar, -extld, and -extldflags).
//
// TODO: since we control cmd/link, in theory we can parse ldflags to
// determine whether they may refer to system paths. If we do that, we can
// redact only those paths from the recorded -ldflags setting and still
// record the system-independent parts of the flags.
if !cfg.BuildTrimpath {
appendSetting("-ldflags", ldflags)
}

While I understand the reason this was done, I think -ldflags values can always safely be included in binary build information without negatively affecting binary reproducibility if CGO_ENABLED=0. In fact it would improve the ease at which others could reproduce pure-Go binaries as more build information would be embedded in binaries when -trimpath is set (which is very often for release binaries).

If CGO isn't used, -extar, -extld, and -extldflags shouldn't be set and so including the values of -ldflags should be safe without affecting binary reproducibility. If this small change is approved I can take care of this myself.
@rittneje
Copy link

Is this a duplicate of #63432?

@capnspacehook
Copy link
Author

Ah I think it is, thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@capnspacehook @rittneje