Here’s what happened in the Reproducible Builds effort between Sunday November 5 and Saturday November 11 2017:
Upcoming events
On November 17th Chris Lamb will present at Open Compliance Summit, Yokohama, Japan on how reproducible builds ensures the long-term sustainability of technology infrastructure.
We plan to hold an assembly at 34C3
- hope to see you there!
LEDE CI tests
Thanks to the work of lynxis, Mattia and h01ger, we’re now testing all LEDE packages in our setup. This is our first result for the ar71xx target: “502 (100.0%) out of 502 built images and 4932 (94.8%) out of 5200 built packages were reproducible in our test setup.” - see below for details how this was achieved.
Bootstrapping and Diverse Double Compilation
As a follow-up of a discussion on bootstrapping compilers we had on the Berlin summit, Bernhard and Ximin worked on a Proof of Concept for Diverse Double Compilation of tinycc (aka tcc).
Ximin Luo did a successful diverse-double compilation of tinycc git HEAD using gcc-7.2.0, clang-4.0.1, icc-18.0.0 and pgcc-17.10-0 (pgcc needs to triple-compile it). More variations are planned for the future, with the eventual aim to reproduce the same binaries cross-distro, and extend it to test GCC itself.
Packages reviewed and fixed, and bugs filed
Patches filed upstream:
- Bernhard M. Wiedemann:
- clang - ASLR affects objective-C binaries.
- Chris Lamb:
- nbsphinx (merged) - Random UUIDs used as element selectors.
- stardicter (merged) -
SOURCE_DATE_EPOCHsupport. - stetl - Build path in documentation.
Patches filed in Debian:
- Bernhard M. Wiedemann:
- Adrian Bunk:
- #881453 filed against primesieve - FTBFS.
- Chris Lamb:
- #881089 filed against stardicter - (merged)
SOURCE_DATE_EPOCH. - #881094 filed against nbsphinx - random UUIDs.
- #881157 filed against designate - build path.
- #881217 filed against python-stetl - build path.
- #881258 filed against sphinx-intl - drop date.
- #881259 filed against soundmodem - build path.
- #881262 filed against node-module-deps - build path.
- #881474 filed against phatch - random memory address.
- #881089 filed against stardicter - (merged)
- Daniel Kahn Gillmor:
Patches filed in openSUSE:
- Bernhard M. Wiedemann:
- i4l-base (merged) - Uninitialized memory written to output.
Reviews of unreproducible packages
73 package reviews have been added, 88 have been updated and 40 have been removed in this week, adding to our knowledge about identified issues.
4 issue types have been updated:
- Add randomness_in_files_generated_by_pinyin_gen_binary_files.
- Add build_path_captured_in_assembly_objects.
- Add timestamps_in_ifo_files_generated_by_python_stardicter.
- Update timestamps_in_source_generated_by_rcc.
Weekly QA work
During our reproducibility testing, FTBFS bugs have been detected and reported by:
- Adrian Bunk (69)
- Andreas Beckmann (3)
- Dmitry Shachnev (1)
- Graham Inggs (1)
diffoscope development
Mattia Rizzolo uploaded version
88~bpo9+1 to stretch-backports.
reprotest development
- Ximin Luo:
- build: add comment that
util-linuxconfirmed bug in nsenter, awaiting fix. - Make
--print-sudoerswork for--env-buildas well.
- build: add comment that
reproducible-website development
- Holger Levsen:
- rws3: add OTF as sponsor
- rws3: add F-Droid, riot-os.org
- Chris Lamb:
- Move the “contribute” page from the Debian wiki to
/contribute/on our main website.
- Move the “contribute” page from the Debian wiki to
- Eitan Adler:
- Fix typo in FreeBSD mailing list.
theunreproduciblepackage development
- Bernhard M. Wiedemann:
tests.reproducible-builds.org in detail
- Mattia Rizzolo:
- reproducible archlinux: enable debugging mode
- reproducible archlinux: don’t use hidden files for the package lists
- reproducible fedora: don’t use hidden files for the package lists
- udd-query: move from public-udd-mirror.xvm.mit.edu to udd-mirror.debian.net
- udd-query: remove the temporary file with a trap in case this script is called with the wrong argument, and in case of failures, etc, the temporary file would be left around otherwise
- reproducible debian: schroot-create: drop the reproducible gpg keyring into /etc/apt/trusted.gpg.d/ instead of using
apt-key add - reproducible debian: setup_pbuilder: drop the reproducible gpg keyring into /etc/apt/trusted.gpg.d/ instead of using
apt-key add - reprodocible debian: setup_pbuilder: stop installing gnupg2 in our chroot, not needed anymore now
- Mattia also merged and deployed some commits from others this week.
- Alexander ‘lynxis’ Couzens
- reproducible_lede: use correct place/variable to save results: Results on remote nodes are expected to be under $TMPDIR, which defined by openwrt_build. RESULTSDIR is undefined on the remote node
- reproducible_lede: enable building all packages again, after it was disabled to improve the debug speed.
- reproducible_lede: correct given path for node_cleanup_tmpdirs & node_save_logs- reproducible_lede: enable CONFIG_BUILDBOT to reduce inodes while building.
- kpcyrd:
- reproducible-archlinux: try porting abs to asp
- reproducible-archlinux: explicitly sync packages
- reproducible-archlinux: use sudo for pacman
- Hans-Christoph Steiner:
- reproducible fdroid: point jenkins to canonical URL
- reproducible_fdroid: separate testsuite into its own job
- reproducible fdroid: sync upstream script names with jenkins.debian.net, make things self-documenting by reusing the same names everywhere.
- reproducible_fdroid_test: make script executable
- Chris Lamb:
- Move some IRC announcements to #debian-reproducible-changes.
- Holger Levsen:
- reproducible LEDE: try to deal gracefully with problems and report
- as usual, Holger merged many of the above commits and deployed them.
Misc.
This week’s edition was written by Ximin Luo, Bernhard M. Wiedemann, Chris Lamb and Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
