Old build daemons lead to non-reproducible builds

  • Done
  • quality assurance status badge
Details
4 participants
  • Andreas Enge
  • Leo Famulari
  • Ludovic Courtès
  • Ricardo Wurmus
Owner
unassigned
Submitted by
Ludovic Courtès
Severity
important
L
L
Ludovic Courtès wrote on 24 Nov 2016 14:09
(address . guix-sysadmin@gnu.org)(address . bug-guix@gnu.org)
87d1hl6n35.fsf@gnu.org
Hi!

Old versions of guix-daemon would use /tmp/nix-build-… as the build
directory name instead of /tmp/guix-build-… (commit
7a57c96a1024e6b74359ba561110f19f92b89b06), and versions prior to 0.11.0
could use a different directory prefix (.drv-0, .drv-1, etc.) whereas
current versions systematically use .drv-0 (commit
cb9601029ea164b86bdf997f7160d494c15d344b).

However, some of our build machines run old daemons, which leads to
discrepancies such has:

Toggle snippet (15 lines)
$ wget -O - https://mirror.hydra.gnu.org/nar/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include |bunzip2 |guix archive -x /tmp/foo
[…]
$ diff -ruBb /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include /tmp/foo
diff -ruBb /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include/lib/bash/Makefile.inc /tmp/foo/lib/bash/Makefile.inc
--- /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include/lib/bash/Makefile.inc 1970-01-01 01:00:01.000000000 +0100
+++ /tmp/foo/lib/bash/Makefile.inc 2016-11-24 14:00:26.449665970 +0100
@@ -38,7 +38,7 @@
headersdir = $(includedir)/$(PACKAGE_NAME)
topdir = ../..
-BUILD_DIR = /tmp/guix-build-bash-4.4.0.drv-0/bash-4.4
+BUILD_DIR = /tmp/nix-build-bash-4.4.0.drv-0/bash-4.4
srcdir = .

This can lead to hash mismatches between what the narinfo claims and
what the nar actually contains (due to caching), which annoys users.

We should update all our build machines to a newer daemon.

Ludo’.
L
L
Ludovic Courtès wrote on 3 Dec 2016 00:07
(address . guix-sysadmin@gnu.org)(address . 25016@debbugs.gnu.org)
87mvgedj5f.fsf@gnu.org
ludo@gnu.org (Ludovic Courtès) skribis:

Toggle quote (2 lines)
> We should update all our build machines to a newer daemon.

Today I updated the daemon on hydra.gnunet.org from 0.9 to 0.11ish.

Ludo’.
A
A
Andreas Enge wrote on 4 Jan 2017 12:15
Re: Staging freeze
(name . Ludovic Courtès)(address . ludo@gnu.org)
20170104111500.GA20021@jurong
Hello,

On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtï¿œs wrote:
Toggle quote (7 lines)
> Leo Famulari <leo@famulari.name> skribis:
> > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtï¿œs wrote:
> >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you
> >> have root access to and notify 25016@debbugs.gnu.org?
> > In case they were updated without notification,
> We never know! :-)

I did update the daemon on redhill, but gave up on making it run with systemd,
I had no patience to investigate why it would not start - the symbolic link
instead of a copied file? So now it is just running in a screen. Please let
me know when there is a problem.

Andreas
L
L
Ludovic Courtès wrote on 4 Jan 2017 16:49
(name . Andreas Enge)(address . andreas@enge.fr)
877f6akepc.fsf@gnu.org
Hi!

Andreas Enge <andreas@enge.fr> skribis:

Toggle quote (13 lines)
> On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtès wrote:
>> Leo Famulari <leo@famulari.name> skribis:
>> > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtès wrote:
>> >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you
>> >> have root access to and notify 25016@debbugs.gnu.org?
>> > In case they were updated without notification,
>> We never know! :-)
>
> I did update the daemon on redhill, but gave up on making it run with systemd,
> I had no patience to investigate why it would not start - the symbolic link
> instead of a copied file? So now it is just running in a screen. Please let
> me know when there is a problem.

Awesome, thanks!

Ludo’.
L
L
Leo Famulari wrote on 4 Jan 2017 20:44
(name . Andreas Enge)(address . andreas@enge.fr)
20170104194457.GB7042@jasmine
On Wed, Jan 04, 2017 at 12:15:00PM +0100, Andreas Enge wrote:
Toggle quote (15 lines)
> Hello,
>
> On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtès wrote:
> > Leo Famulari <leo@famulari.name> skribis:
> > > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtès wrote:
> > >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you
> > >> have root access to and notify 25016@debbugs.gnu.org?
> > > In case they were updated without notification,
> > We never know! :-)
>
> I did update the daemon on redhill, but gave up on making it run with systemd,
> I had no patience to investigate why it would not start - the symbolic link
> instead of a copied file? So now it is just running in a screen. Please let
> me know when there is a problem.

Okay, thank you!

If you are around after FOSDEM, I'm happy to take a look at these
systems with you to make them use systemd. I think it's more reliable...
if it works :)
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlhtULgACgkQJkb6MLrK
fwhInRAAjjjAlFvJtCaJntTqsINSWQ3t5kkXg0wKTz5vTZiW6X3ojdhbHtxMkNo0
NVGe5I9FL7jiOeHnVNnBKziV1bV4HMz8/uNo4WpVTI0gIdP8lHX2iZGRh8E3YInt
xYVRdn+orA5rkwe5HzcoW6PiYYKcqqm3w+CE9ck60EB4KxVwfCxPmOtjyCSfk0o2
8+vQcQVvQbYbX9uFZREGUgKMTx6IplnNOjg5pp+susicGx79eCmmkiuTCj5cVg6k
DpcfemvILmu2s+TkKZpJCxzIfNeZBfB8kFywJPPoRJxmW50+ZABM1u5bxAXqshDl
O1/AqflA7kqjccCvhyatBppmNjo5BS/1DOIIgbCZZoP+u2qNKR4yWUXsYtX8SrHQ
5fIfKvbZ+UkG7cVg04vjx0mSKlB7TsAuPvUbTodYPZRwprPCWKg8MCtet3JDwQj0
EWdR/exGsmWwt1tFeMk8Wr7eFvw3EhHuLhsmRZonHTc5tHtn96O+lcao6xfgATqx
AK/chV0LElZODGEJzJv9mVVOJUsUhFXfg68gKXd9WhGiMmKzrcFNgmU4I1MjPARK
S/e3JX7+vUpApGjkFynSGcUSrXVJWnY8tlfgMVRsw2OR1c/CtqFa7Z8lal/4tGdm
PpgoGucw1EXaNeiM7aeQ9wfDQQvCzlpXQw22alPyPMXO7+Jstys=
=VXmv
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 4 May 2017 23:22
control message for bug #25016
(address . control@debbugs.gnu.org)
87shkk8ggy.fsf@gnu.org
severity 25016 important
L
L
Ludovic Courtès wrote on 4 May 2017 23:51
Re: bug#25016: Old build daemons lead to non-reproducible builds
(address . guix-sysadmin@gnu.org)(address . 25016@debbugs.gnu.org)
87inlg8f4s.fsf@gnu.org
ludo@gnu.org (Ludovic Courtès) skribis:

Toggle quote (2 lines)
> We should update all our build machines to a newer daemon.

I’ve updated guix.sjd.se from 0.8.3 (!) to 0.12.0-9.25a4, which should
fix the “/tmp/nix-build” issue that was showing up for packages such as

Ludo’.
R
R
Ricardo Wurmus wrote on 5 May 2017 08:53
(name . Ludovic Courtès)(address . ludo@gnu.org)
87y3ub4wwk.fsf@elephly.net
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (8 lines)
> ludo@gnu.org (Ludovic Courtès) skribis:
>
>> We should update all our build machines to a newer daemon.
>
> I’ve updated guix.sjd.se from 0.8.3 (!) to 0.12.0-9.25a4, which should
> fix the “/tmp/nix-build” issue that was showing up for packages such as
> cunit at <https://gnu.org/s/guix/packages/reproducibility.html>.

Wow, that’s quite a jump!

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
L
L
Ludovic Courtès wrote on 16 Jun 2017 10:52
control message for bug #25016
(address . control@debbugs.gnu.org)
87r2ykgvre.fsf@gnu.org
tags 25016 fixed
close 25016
?
Your comment

This issue is archived.

To comment on this conversation send an email to 25016@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 25016
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch