| Message ID | ZyJ1wSX6cPIdnLpN@kernelpanicroom |
|---|---|
| State | New |
| Headers |
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0C7ED27BBE9; Wed, 30 Oct 2024 18:08:41 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,SPF_HELO_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id D3CC727BBE2 for <patchwork@mira.cbaines.net>; Wed, 30 Oct 2024 18:08:37 +0000 (GMT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <guix-patches-bounces@gnu.org>) id 1t6D70-0001OY-SL; Wed, 30 Oct 2024 14:08:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1t6D6x-0001OP-UI for guix-patches@gnu.org; Wed, 30 Oct 2024 14:08:03 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1t6D6x-00085V-Ko for guix-patches@gnu.org; Wed, 30 Oct 2024 14:08:03 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:From:Date:To:Subject; bh=jpvUw832ZA0Tp9v8R4a6YAuaOhuLI081hFrE5qu3M6o=; b=NDImiCheXZ8EFeU9HAXBaMn1s2YhOqSz2sIywb5PnuE7s3naKmJ4hwS31aacjJmAX7uzhO+cPuMvaJCRYdg+FQaSRMMsQJYAOlQN7TPZuViTtIsZxwxCs3pmBWxK3GxJmg3dLtZPkDqMq/p6GlLUWJ68k+9WEfBAtUKyI1nHEtzKLuCyeFiwgusdqe6h80o13C5FoRM3l488W7bWGcb9MLLhnzVRVy5VnP3ZCILWjKFPLVY1dahEL3ovRo0mUDq7B2EAWyf+47ZO++reMmvjJkLUVx3uiyBQ83qzCKvRzc7FSSdUP720gCj8Yq0yO92889iNt/5aGDttZ54NE8E6CA==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1t6D6w-0002yi-Dl for guix-patches@gnu.org; Wed, 30 Oct 2024 14:08:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#74112] [PATCH] Fix determinism issue in guix package Resent-From: Jakob Kirsch <jakob.kirsch@web.de> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 30 Oct 2024 18:08:02 +0000 Resent-Message-ID: <handler.74112.B.173031162511421@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 74112 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 74112@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.173031162511421 (code B ref -1); Wed, 30 Oct 2024 18:08:02 +0000 Received: (at submit) by debbugs.gnu.org; 30 Oct 2024 18:07:05 +0000 Received: from localhost ([127.0.0.1]:36460 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>) id 1t6D61-0002y8-Az for submit@debbugs.gnu.org; Wed, 30 Oct 2024 14:07:05 -0400 Received: from lists.gnu.org ([209.51.188.17]:58166) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <jakob.kirsch@web.de>) id 1t6D5y-0002y1-Pc for submit@debbugs.gnu.org; Wed, 30 Oct 2024 14:07:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <jakob.kirsch@web.de>) id 1t6D5y-0001L6-Jc for guix-patches@gnu.org; Wed, 30 Oct 2024 14:07:02 -0400 Received: from mout.web.de ([217.72.192.78]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <jakob.kirsch@web.de>) id 1t6D5w-00083W-MM for guix-patches@gnu.org; Wed, 30 Oct 2024 14:07:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=web.de; s=s29768273; t=1730311617; x=1730916417; i=jakob.kirsch@web.de; bh=jpvUw832ZA0Tp9v8R4a6YAuaOhuLI081hFrE5qu3M6o=; h=X-UI-Sender-Class:Date:From:To:Subject:Message-ID:MIME-Version: Content-Type:cc:content-transfer-encoding:content-type:date:from: message-id:mime-version:reply-to:subject:to; b=a5YQal342vIM4gIN9/a4bKsY0wcP440ygTzrJoMBfoOAH16qW+jrP+yNeIT6nZho kCg8mX5W2Y2Fyd5zc7jmUVnuBULWN9QjZswK2y3+Sis4j0n8AmHvzShKh52B9dKkQ GYKSytnoL33MMjwailXvKfvGf2i03dbqEDQN9c2JMZKuHjmiZhsIxBDlwhNKdy1Ee JlzWk+zhFq7qiJUtogCHpfnlsG+Kh4Sd2GA89OxARn2gCzuwDe6JnmJvvdNbmWOPy MuGGju0YcZnVp/xinnPzXoaC1Aub6d5v3A/WVg3/bYG2CpVIYok9tke3vRf7MOiM0 ynMSMyNp4DUtzHAmSA== X-UI-Sender-Class: 814a7b36-bfc1-4dae-8640-3722d8ec6cd6 Received: from kernelpanicroom ([134.19.29.168]) by smtp.web.de (mrweb105 [213.165.67.124]) with ESMTPSA (Nemesis) id 1MI3tF-1t2a4k0COt-000dUC for <guix-patches@gnu.org>; Wed, 30 Oct 2024 19:06:57 +0100 Date: Wed, 30 Oct 2024 19:06:57 +0100 Message-ID: <ZyJ1wSX6cPIdnLpN@kernelpanicroom> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="qKzgm8cl8F6463sy" Content-Disposition: inline X-Provags-ID: V03:K1:Xc5OPgKKkN7bmTkPhXfjXKiVcCIvsRIMIvMsyJq1Pf7kfW7Z4Zi 7exXz6PjBxPue8JoM/gB6CWN7Ec8fyCAMd1QoaO1AJiq6RFVTZ3Q8i5I30XWs/3PBlHjS4O ysFKFriSGdfseSBpZxhexxQa5Oq4bjmn6Sha3IyE5R1zkTdgINc21J/sWfWXIsDGZsvkZho WDweMrIY4W95rDXxjbiWA== UI-OutboundReport: notjunk:1;M01:P0:4BekegwE4do=;c0Dsr4SHjVdliJLTY/ToG7ftWQj Eapi+CDcN2XiYOdMSIzIbfA25DbCatyVS8NAMjs/iJZXTeKw/GbHsPfbKqtWODV1C+SWbIFwo tS1SYSdz659DttXNEwUfFy0vOhk/6prZMkxuHYuY27EEwIU+Yb90xGlEvX8K2rVjaK7KOEDUK XGUxsKVmZWJynHOLZvEILFVhXrEM0PpCMxy4YIsoxqna2sKeD43Q6+DpGQFe2Z5bBWbK6Fqz2 gGCqHn3cfwEAON5hFlssWPxlWp4bTHjqoBqMlQg6ePDyCW9MjqANbRl2Pm46eW7l44uzSfyou J4/XcO8PKuk947nI+kGewOyfNdVo/9dZn64QxCdp82Y/x2lYDdt9QJpw23JP9NentobaloLgt cxwQt17Xj/mb01l7Xi18n0oatEmrQx63nEz/zUHQQcuVQRvR8V67XKhqewfmDHGFoj/R51NmS I9/SpRaXlff/LF2c1TUXi4Fkx2qa114XIT8NcrdtaBqGtSN9cn8Aa53nMsgwqptnTw5cNt713 /q35Z1Grr0FthTJvB+cW2+J+la3WUtRAl8o3DDm4+kjwMVNOqHdczRMFmf4HlKahgskkyl/qE mDwkBxeJTVdLOUVGOK7IVwDS0ZMQNLI6oKgVwDoPzb7lWwQWMvzfQIdmCq6Dc9yl8j37EiGz2 rGu7RGL0T59x1nRCFOaGqWr+YSgFmTomwx8GWN7fTjgK0vQM3bjiwU7fb2b96ZSEqXIZvMo6t HSy1hbJvI4wup5Gz8A4OLwGibniayYtTTtaUIiPXi+ksEAegQmwpri8RbK4wrGrkzaVWUkuOh WGQyXh6/WAigpljoP9L/+b5g== Received-SPF: pass client-ip=217.72.192.78; envelope-from=jakob.kirsch@web.de; helo=mout.web.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: <guix-patches.gnu.org> List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=unsubscribe> List-Archive: <https://lists.gnu.org/archive/html/guix-patches> List-Post: <mailto:guix-patches@gnu.org> List-Help: <mailto:guix-patches-request@gnu.org?subject=help> List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=subscribe> Reply-to: Jakob Kirsch <jakob.kirsch@web.de> X-ACL-Warn: , Jakob Kirsch via Guix-patches <guix-patches@gnu.org> From: Jakob Kirsch via Guix-patches via <guix-patches@gnu.org> Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches |
| Series |
[bug#74112] Fix determinism issue in guix package
|
|
Commit Message
Jakob Kirsch
Oct. 30, 2024, 6:06 p.m. UTC
I've recently noticed that `guix challenge guix` returns different hashes for each substitute server and also every build with `guix build --no-grafts guix` fails.
Running `guix build --no-grafts guix --cores=1` seems to reliably produce the same hash though. As someone pointed out on XMPP, Guile seems to have issues with parallel builds so this patch disables them for the guix package.
I think this has high importance because the main guix package should be reproducible in order to trust the whole chain of packages.
From 0f3df56dd0c430c09ba2839c9e2d5b32948201ae Mon Sep 17 00:00:00 2001
Message-ID: <0f3df56dd0c430c09ba2839c9e2d5b32948201ae.1730311414.git.jakob.kirsch@web.de>
From: Jakob Kirsch <jakob.kirsch@web.de>
Date: Wed, 30 Oct 2024 19:02:15 +0100
Subject: [PATCH v1] gnu: guix: Fix determinism issue
* gnu/packages/package-management.scm (guix): Fix determinism issue by disabling parallel build.
Change-Id: Ie28e16ed1f15cbc0da0c0d70b2c461e2baa3ff0a
---
gnu/packages/package-management.scm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
base-commit: d6f775c30c6f47e174f6110d1089edc6315600e4
--
2.46.0
Comments
Hi Jakob, On Tue, 05 Nov 2024 02:38:34 +0800, Jakob Kirsch via Bug reports for GNU Guix wrote: > > I've recently noticed that `guix challenge guix` fails since guix isn't > reproducible at the moment. As someone pointed out on XMPP, this is due to > parallelism issues with Guile so running `guix build guix --no-grafts > --cores=1 --check` reliably produces the same output. > > I've sent a simple patch in #74112 to address this and I think this is > important since the main guix package should definitely be reproducible so it > can be trusted. I can confirm the reproducibility issue. I have two x86_64-linux machines building guix to verify the fix, I'll apply your patch once they produce matching outputs. Thanks for reporting!
Hello again, On Tue, 05 Nov 2024 18:31:04 +0800, Hilton Chain via Guix-patches via wrote: > > Hi Jakob, > > On Tue, 05 Nov 2024 02:38:34 +0800, > Jakob Kirsch via Bug reports for GNU Guix wrote: > > > > I've recently noticed that `guix challenge guix` fails since guix isn't > > reproducible at the moment. As someone pointed out on XMPP, this is due to > > parallelism issues with Guile so running `guix build guix --no-grafts > > --cores=1 --check` reliably produces the same output. > > > > I've sent a simple patch in #74112 to address this and I think this is > > important since the main guix package should definitely be reproducible so it > > can be trusted. > > I can confirm the reproducibility issue. > > I have two x86_64-linux machines building guix to verify the fix, I'll apply > your patch once they produce matching outputs. Took me quite a while to build 5 rounds. :) --8<---------------cut here---------------start------------->8--- $ guix hash --serializer=nar /gnu/store/fs7x07jfn7igpkwv3alrs9by21q70y13-guix-1.4.0-26.5ab3c4c 0kh87wb4qn97kwzrf4igal71cjvv143j6jr2y3dwfzcy1madj1ll --8<---------------cut here---------------end--------------->8--- Applied #74112 as 4c56d0cccdc44e12484b26332715f54768738c5f, thanks!
Hi, On Tue, 05 Nov 2024 at 23:25, Hilton Chain via Bug reports for GNU Guix <bug-guix@gnu.org> wrote: >> I can confirm the reproducibility issue. >> >> I have two x86_64-linux machines building guix to verify the fix, I'll apply >> your patch once they produce matching outputs. > > Took me quite a while to build 5 rounds. :) > > --8<---------------cut here---------------start------------->8--- > $ guix hash --serializer=nar /gnu/store/fs7x07jfn7igpkwv3alrs9by21q70y13-guix-1.4.0-26.5ab3c4c > 0kh87wb4qn97kwzrf4igal71cjvv143j6jr2y3dwfzcy1madj1ll > --8<---------------cut here---------------end--------------->8--- > > Applied #74112 as 4c56d0cccdc44e12484b26332715f54768738c5f, thanks! Maybe I am missing something. To my knowledge, .go files produced by Guile are not always reproducible, see bug#20272 [1]. And, from my understanding, Guix cannot be reproducible until this bug had been fixed. Therefore, I am not convinced that this patch is worth under this frame considering the build-time penalty it brings. That’s said, maybe it’s better than nothing and the package ’guix’ is barely built after all. I do not know. What people think? Cheers, simon 1: https://issues.guix.gnu.org/issue/20272
Hi Simon, Simon Tournier <zimon.toutoune@gmail.com> writes: > Hi, > > On Tue, 05 Nov 2024 at 23:25, Hilton Chain via Bug reports for GNU Guix <bug-guix@gnu.org> wrote: > >>> I can confirm the reproducibility issue. >>> >>> I have two x86_64-linux machines building guix to verify the fix, I'll apply >>> your patch once they produce matching outputs. >> >> Took me quite a while to build 5 rounds. :) >> >> --8<---------------cut here---------------start------------->8--- >> $ guix hash --serializer=nar /gnu/store/fs7x07jfn7igpkwv3alrs9by21q70y13-guix-1.4.0-26.5ab3c4c >> 0kh87wb4qn97kwzrf4igal71cjvv143j6jr2y3dwfzcy1madj1ll >> --8<---------------cut here---------------end--------------->8--- >> >> Applied #74112 as 4c56d0cccdc44e12484b26332715f54768738c5f, thanks! > > Maybe I am missing something. To my knowledge, .go files produced by > Guile are not always reproducible, see bug#20272 [1]. And, from my > understanding, Guix cannot be reproducible until this bug had been > fixed. Therefore, I am not convinced that this patch is worth under > this frame considering the build-time penalty it brings. > > That’s said, maybe it’s better than nothing and the package ’guix’ is > barely built after all. I do not know. > > What people think? Perhaps we should set the default parallel-build? to #f in the guile-build-system at least in the meantime, with a prominent comment as to why and a reference to the upstream issue? Many Guile packages use the gnu-build-system so that wouldn't cover all of them like 'guix'... I'm not sure. It'd be nicer to fix the underlying guile issue (again?), but I doubt many people are up to this.
Hi, Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis: > Simon Tournier <zimon.toutoune@gmail.com> writes: [...] >> Maybe I am missing something. To my knowledge, .go files produced by >> Guile are not always reproducible, see bug#20272 [1]. And, from my >> understanding, Guix cannot be reproducible until this bug had been >> fixed. Therefore, I am not convinced that this patch is worth under >> this frame considering the build-time penalty it brings. >> >> That’s said, maybe it’s better than nothing and the package ’guix’ is >> barely built after all. I do not know. >> >> What people think? > > Perhaps we should set the default parallel-build? to #f in the > guile-build-system at least in the meantime, with a prominent comment as > to why and a reference to the upstream issue? Many Guile packages use > the gnu-build-system so that wouldn't cover all of them like > 'guix'... I'm not sure. Sounds good to me: packages using ‘guile-build-system’ are usually relatively small so the impact is negligible. ‘guix’ is a little different because it takes so much time to build sequentially… Ludo’.
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 1763d2d59f..478a74385b 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -199,7 +199,8 @@ (define-public guix (file-name (string-append "guix-" version "-checkout")))) (build-system gnu-build-system) (arguments - `(#:configure-flags (list + `(#:parallel-build? #false ; for reproducibility + #:configure-flags (list ;; Provide channel metadata for 'guix describe'. ;; Don't pass '--with-channel-url' and