Date: Wed, 27 Feb 2019 15:48:01 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 236081] [release][reproducibility] ISO images and memstick images are not build reproducible Message-ID: <bug-236081-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236081 Bug ID: 236081 Summary: [release][reproducibility] ISO images and memstick images are not build reproducible Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: gjb@FreeBSD.org CC: re@FreeBSD.org Recently, it had been discovered that FreeBSD installation medium, ISOs and memory stick images, are not fully reproducible in head, stable/12, and stable/11, and presumably earlier releases. During investigation, one commit in particular had been identified as part of the reproducibility issue, however it had been determined that the issue stems far beyond one change to ISO and memstick image creation tooling. At present, it had been observed that r342283, produces a non-reproducible "hybrid.img" file which contains the PMBR, GPT, and boot code, which is written to the System Area of an ISO. However, it also had been observed that this is one of many reproducibility issues. Steps to recreate a test case are: # make -C /usr/src buildworld buildkernel # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/ojb/usr/src/amd64.amd64/release/bootonly.1.iso # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/obj/usr/src/amd64.amd64/release/bootonly.2.iso Verifying the SHA512 checksums on bootonly.1.iso and bootonly.2.iso show: # sha512 /usr/ojb/usr/src/amd64.amd64/release/bootonly.?.iso SHA512 (bootonly.1.iso) = 6e585f46d36672a7d77d78b57cef8bb6f41d932a24b9d860274da228bdc55358be11f5896644eb9ca141cbb2192e25ffa10e0cb416c19ba06d94b8d16386c1e2 SHA512 (bootonly.2.iso) = 16bdafff5a6ec60448c77ba4ede5fae17e9288791a03fcc69acae4b572a88bab26c4f41b60a318cc71a09b1ab8b9b4ddee5cc09821e0475d0322bca861534899 Using the diffoscope utility provided by sysutils/py-diffoscope and isoinfo included by sysutils/cdrtools, differences in file/directory access (atime), modification (mtime), and creation (ctime) times are observed. Example ISOs are available at: https://people.freebsd.org/~gjb/repro/bootonly.1.iso https://people.freebsd.org/~gjb/repro/bootonly.2.iso An example report produced with the diffoscope utility can be found at: https://people.freebsd.org/~gjb/repro/diffoscope.html -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-236081-227>