mirror of
https://github.com/LBRYFoundation/LBRY-Vault.git
synced 2025-08-28 07:51:27 +00:00
570c0aeca3
see bitcoin/bitcoin@217208a36d ----- A lot of time was wasted on this... over the years actually... Some notes and rant here, for future reference. During the initial effort to try to make binaries reproducible, out of the three windows binaries being distributed (standalone, portable, setup), only the first two were successfully made deterministic. Later, we started to use Docker-based builds. At that point ThomasV and I could reproducibly build the same setup/nsis exe but Travis kept building a different one. Recently I have noticed that if I do two subsequent builds of the setup exe on the same machine, adding a new file in contrib/build-wine/ between the builds, then I get different binaries. Playing around with this a bit, it seems: - other files that are in the same folder as contrib/build-wine/electrum.nsi affect the binary - only files that are in exactly the same folder matter (not recursively) - only filenames matter (not permission, owner, timestamps, or file contents) To see the difference in the binaries, use vbindiff, and disable the compression done by nsis (SetCompress off). There is a ~48 byte diff near the very beginning of the "Uninstaller" section. I am only guessing it is the uninstaller section based on the sizes of the sections printed by nsis during the build. I have downloaded the binary built by Travis, and the diff is consistent with this (i.e. it's the same kind of diff that manifests if I change the filename of one of the supposedly unrelated files). Commenting out the "WriteUninstaller" line in .nsi fixes the issue. i.e. if no uninstaller is created then the binary becomes deterministic. Commenting out the "!define MUI_ICON" line in .nsi also fixes the issue. At this point I remembered the above referenced commit by bluematt; which I had thought we had already followed up on... Replacing the .ico file fixes the issue. Note that it's not actually clear what the exact requirements for the .ico file are. Removing any of the layers in the image seems to introduce non-determinicity. The new .ico file has layers with resolutions and properties the bitcoin.ico file has. I guess NSIS must have strict requirements for the icon size, and if a given size icon is missing it might be creating it itself?? And during the downscaling it uses a non-deterministic algorithm that initialises some RNG from the directory listing (bauerj's guess somewhat adapted :D). Just crazy. |
||
|---|---|---|
| .. | ||
| icons | ||
| kivy | ||
| qt | ||
| __init__.py | ||
| stdio.py | ||
| text.py | ||