Bug 1986987

Summary: nss disables LTO in RHEL 9
Product: Red Hat Enterprise Linux 9 Reporter: Bob Relyea <rrelyea>
Component: nssAssignee: Bob Relyea <rrelyea>
Status: CLOSED ERRATA QA Contact: Ivan Nikolchev <inikolch>
Severity: medium Docs Contact:
Priority: medium    
Version: 9.0CC: crypto-team, dmalcolm, elio.maldonado.batiz, extras-qa, inikolch, kai-engert-fedora, kdudka, mpolacek, rrelyea
Target Milestone: betaKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nss-3.71.0-6.el9 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: 1986627 Environment:
Last Closed: 2022-05-17 12:47:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1986627    
Bug Blocks:    

Description Bob Relyea 2021-07-28 16:16:52 UTC 
+++ This bug was initially created as a clone of Bug #1986627 +++

nss opted out of building with LTO in Fedora in 3.55.0-2:
  https://src.fedoraproject.org/rpms/nss/c/d4e86043ee0de880c84f0d6ce5267a5ce16c97ef
with the message:
  # This package fails its testsuite with LTO.  Disable LTO for now
and building it with LTO is currently still disabled in rawhide.

It would be good to either:
(a) enable LTO for nss in Fedora so that nss can benefit from LTO (smaller/faster machine code, deeper analysis for compiler warnings, etc), or
(b) capture what the problem was, in case something needs fixing in nss, or at the toolchain end.

Hence this bug.  What specific issues do you run into if you remove the
  %global _lto_cflags %{nil}
?  Is this being tracked in upstream nss or upstream gcc?  (and do you need help from the toolchain team on this?)

Thanks
Dave

--- Additional comment from Bob Relyea on 2021-07-27 17:08:02 PDT ---

It looks like Daiki turned if off last year. I'll have to see what the actual failure is. I'm currently running an nss rebuild to handle the mass rebuild issue.
Daiki's comments indicated that the nss upstream tests, which are run as part of the the nss build, fails with lto_cflags on.

Looks like there wasn't an upstream bug originally, bug umbutu has one now:
https://bugzilla.mozilla.org/show_bug.cgi?id=1721995

They had problems with s390.

When my current NSS build is complete, I'll do a scratch build to see which tests and platforms fail if I turn lto on.
Comment 6 errata-xmlrpc 2022-05-17 12:47:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: nss), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2022:2398