{"title":"ConstBin: A Tool for Automatic Fixing of Unreproducible Builds","authors":"Hongjun He, Jicheng Cao, Lesheng Du, Hao Li, Shi-Chao Wang, Shengyu Cheng","doi":"10.1109/ISSREW51248.2020.00044","DOIUrl":null,"url":null,"abstract":"Compiling a software package multiple times may result in different artifacts. This problem is called unreproducible builds, which affect the credibility of the software. Researchers mainly focus on how to automatically locate the causes for unre-producible builds. However, automatic fixing is rarely studied. In this paper, we propose ConstBin, an automated tool that helps to generate consistent artifacts. It captures unreproducible commands in a build process and automatically replace them with their fixing operations based on an extensible rules set. As far as we know, ConstBin is the first tool that fixes inconsistencies during build processes. We have evaluated this tool on 348 open source packages whose original builds are unreproducible. The results of the evaluation show that 83.91% of these builds have successfully generated consistent artifacts with the application of ConstBin.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSREW51248.2020.00044","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Compiling a software package multiple times may result in different artifacts. This problem is called unreproducible builds, which affect the credibility of the software. Researchers mainly focus on how to automatically locate the causes for unre-producible builds. However, automatic fixing is rarely studied. In this paper, we propose ConstBin, an automated tool that helps to generate consistent artifacts. It captures unreproducible commands in a build process and automatically replace them with their fixing operations based on an extensible rules set. As far as we know, ConstBin is the first tool that fixes inconsistencies during build processes. We have evaluated this tool on 348 open source packages whose original builds are unreproducible. The results of the evaluation show that 83.91% of these builds have successfully generated consistent artifacts with the application of ConstBin.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
