Bug#900593: diffoscope: GNU tar xattrs result in: libarchive: Ignoring malformed pax extended attribute

Tianon Gravi tianon at debian.org
Mon Jun 11 21:43:14 BST 2018

On Mon, 11 Jun 2018 at 01:29, Chris Lamb <lamby at debian.org> wrote:
> Chris Lamb wrote:
> > Glad I could resolve your use-case. However, I assume there is still a
> > diffoscope bug here?
> >
> > ie. We certainly shouldn't be emitting "Ignoring malformed pax
> > extended attribute" to stderr and — as a possible improvement — we
> > should be emitting that as part of the "proper" output?
> Gentle ping on this Tianon? :-)

Apologies!  Yes, IMO there's definitely a diffoscope bug here.  The
_ideal_ case would be that it shows me useful data about the PaX
headers that don't match (so that I can narrow down why my tarballs
aren't reproducible).

For some slight context, I reach for diffoscope when I have two binary
objects that I expect to be the same and aren't because it's really
good at taking all that binary noise and converting it to something I
can make some sense out of with an eventual fallback to something like
"diff <(hexdump) <(hexdump)" if it can't find any useful signal in the
noise (or doesn't have the necessary tools installed).

In the case of these PaX headers, we get this misleading warning a few
times, then the "file(1)" diff output ("-POSIX tar archive" / "+POSIX
tar archive (GNU)") -- not even a note about how diffoscope couldn't
find any more meaningful differences between the two objects, so I
think this is at least a wishlist bug for diffoscope and possibly a
minor/normal issue depending on how important you think tar files
containing capabilities / extended attributes are. :)

- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

More information about the Reproducible-builds mailing list