MantisBT - Doomseeker |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0003255 | Doomseeker | [All Projects] Suggestion | public | 2017-09-07 21:21 | 2018-10-06 11:51 |
|
| Reporter | WubTheCaptain | |
| Assigned To | | |
| Priority | low | Severity | feature | Reproducibility | N/A |
| Status | confirmed | Resolution | open | |
| Platform | | OS | | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | | |
|
| Summary | 0003255: Support reproducible, deterministic builds |
| Description | This is a parent report for all reports concerning reproducibility. |
| Steps To Reproduce | On the high level:
Build from source a first time.
Perform as many changes to the environment as possible.
Build from source a second time.
'https://reproducible-builds.org/docs/test-bench/ [^]' |
| Additional Information |
- https://reproducible-builds.org/
- Debian Policy Manual v4.1.0.0 (and later versions), section 4.15.
|
| Tags | No tags attached. |
| Relationships | | parent of | 0003256 | feedback | Pol M | Failure to reproduce builds with variations in build path | | related to | 0003538 | closed | Zalewa | The preferred form of IP2C database for modifications (CSV) is not currently distributed | | child of | 0003246 | acknowledged | | Debian packaging | | Not all the children of this issue are yet resolved or closed. |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2017-09-07 21:21 | WubTheCaptain | New Issue | |
| 2017-09-07 21:59 | WubTheCaptain | Note Added: 0018240 | |
| 2017-09-07 22:07 | DrinkyBird | Note Added: 0018242 | |
| 2017-09-08 01:53 | Blzut3 | Relationship added | parent of 0003256 |
| 2017-09-08 01:53 | Blzut3 | Note Deleted: 0018242 | |
| 2017-09-08 02:01 | WubTheCaptain | Note Added: 0018246 | |
| 2017-09-11 16:58 | Zalewa | Relationship added | child of 0003246 |
| 2017-09-18 07:38 | Zalewa | Note Added: 0018309 | |
| 2017-09-18 19:40 | WubTheCaptain | Note Added: 0018328 | |
| 2017-09-19 09:29 | WubTheCaptain | Note Added: 0018342 | |
| 2017-09-20 20:54 | Zalewa | Note Added: 0018352 | |
| 2017-09-20 21:57 | WubTheCaptain | Note Added: 0018354 | |
| 2017-09-20 22:02 | WubTheCaptain | Note Edited: 0018354 | bug_revision_view_page.php?bugnote_id=18354#r10984 |
| 2017-09-20 22:12 | WubTheCaptain | Note Edited: 0018354 | bug_revision_view_page.php?bugnote_id=18354#r10985 |
| 2017-10-05 01:50 | WubTheCaptain | Status | new => confirmed |
| 2018-10-05 07:40 | WubTheCaptain | Priority | normal => low |
| 2018-10-06 11:51 | WubTheCaptain | Relationship added | related to 0003538 |
|
Notes |
|
|
|
|
Build path tested so far, bug 0003256. I've not yet tested other changes in environment. |
|
|
|
|
|
Build ID differs as a result of other issues. |
|
|
|
(0018309)
|
|
Zalewa
|
|
2017-09-18 07:38
|
|
|
I gather that to solve this it will be sufficient to put a description in COMPILE.txt explaining how to achieve deterministic build? |
|
|
|
|
To solve this, I think one should first test many (all) of the possible variations and find what changes in the build. Fix or define whatever comes up differently.
Then the build should be as close to deterministic by default, or defined how to reproduce. |
|
|
|
|
|
|
|
(0018352)
|
|
Zalewa
|
|
2017-09-20 20:54
|
|
I identified some problems that prevented reproducible builds and described how to overcome them:
'https://bitbucket.org/Doomseeker/doomseeker/commits/e9bad5fe6b574be2423b5ca45c2d3ea1bace3595 [^]'
When followed, sha256sum for all binaries is produced the same regardless of build time, build path and locale.
Building in Docker still produces different results than building in Ubuntu 16.04, though I would assume that this is caused by different Qt version (5.2.1 vs 5.5.1). |
|
|
|
(0018354)
|
|
WubTheCaptain
|
2017-09-20 21:57
(edited on: 2017-09-20 22:12) |
|
QT_HASH_SEED may not need to be touched? The behavior of binary doesn't need to be deterministic; only the build system needs to produce bit-to-bit identical binaries, and the build environment should be recorded or pre-defined. Else I think (at least) Debian GNU/Linux already does all that deterministically, since I had no issue reproducing without touching QT_HASH_SEED.
Documenting RPATH skipping addresses 0003256 mostly, until a way is found to address 0003239.
SHA256 hashing is a good way of verifying the output matches. Of course different Qt versions will have an effect, so somewhere on the doomseeker.drdteam.org website the Qt versions (build environment) should be defined later.
|
|