Most of FreeBSD builds "reproducibly" (aka. with two builds producing identical binaries) but there are a few deviations from this. It would be great if these could be eliminated.

Reproducible Builds

The Reproducible Builds website has more information on the Reproducible Builds initiative, including the Reproducible Builds Definition.

Known problem files in the base system

/boot/{loader, pxeboot, userboot.so, zfsloader}

Contain build time/date. Option to disable added in r310268.

/boot/kernel/kernel

Contains time/date, user, and host. See https://reviews.freebsd.org/D4347. Beginning of fix in r310112. Option to disable added in r310128.

Kernel modules with full paths (in non-debug sections)

Reported by the Debian GNU/kFreeBSD folks. Specifying .PATH: $(.CURDIR)/foo/bar in a Makefile expands ${.CURDIR} to an absolute path. Debian used relative paths instead: .PATH foo/bar. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757629

From the Debian report,

* modules are built with -DKLD_MODULE
* KLD_MODULE causes LOCK_DEBUG to be defined (sys/lock.h)
* LOCK_DEBUG causes mtx_assert() to use __FILE__ in debug messages (sys/mutex.h)

Triage required

The build option survey (from phk@, recently resurrected by bz@) demonstrated possible non-reproducibility in a number of files unrelated to the option being tested - for example:

                usr/lib/debug/boot/kernel/aacraid.ko.debug file size=429288
                usr/lib/debug/boot/kernel/aacraid.ko.debug file size=429280
                usr/lib/debug/boot/kernel/acpi_asus.ko.debug file size=72032
                usr/lib/debug/boot/kernel/acpi_asus.ko.debug file size=72024

Failures appear to be a variety of different kernel module .debug files.

Different version of yacc used in build

Perhaps a build race?

--- obj-repro.a/sparc64.sparc64/scratch/tmp/emaste/freebsd/tmp/scratch/tmp/emaste/freebsd/usr.sbin/config/y.tab.c       2016-12-20 14:13:03.000000000 -0500
+++ obj-repro.b/sparc64.sparc64/scratch/tmp/emaste/freebsd/tmp/scratch/tmp/emaste/freebsd/usr.sbin/config/y.tab.c       2016-12-21 07:56:10.000000000 -0500
@@ -5,7 +5,7 @@
 #define YYBYACC 1
 #define YYMAJOR 1
 #define YYMINOR 9
-#define YYPATCH 20161202
+#define YYPATCH 20160324
 
 #define YYEMPTY        (-1)
 #define yyclearin      (yychar = YYEMPTY)
...

Resolved issues

File

Issue

Fix Revision

/usr/include/osreldate.h

copyright year; now derived from src/COPYRIGHT (Previously the build year was placed in the Copyright statement. This isn't even valid since the passage of time doesn't create new copyrightable work.)

r274458

/usr/sbin/amd

Build host and user (still contains the build OS name and version)

r264374

/usr/sbin/bhyve

build date/time

r267949

/etc/mail/*.cf

contains the user and host names from the build

r277787

/usr/bin/svnlite

weird things happening here, even after time stamps were removed in r257129.

Fixed in an unknown revision.

/usr/share/doc/psd/13.rcs/paper.ascii.gz

contains the build date

r295702

/var/db/mergemaster.mtree

contains user and host names, and the build time

r301584

/usr/share/man/man1/eqn.1.gz etc.

groff man pages, contain source checkout date

r306740

/usr/share/man/mandoc.db, /usr/share/openssl/man/mandoc.db

ordering determined by inode number used as hash key

r307003

tests/sys/geom/class/uzip

generated geom_uzip filesystem images are now in svn

r307625

Ports tree

A diffoscope comparison of two poudriere runs is available. About 80% of the ports tree is reproducible.

ReproducibleBuilds (last edited 2017-10-30 20:30:51 by EdMaste)