Recently, it had been discovered that FreeBSD installation medium, ISOs and memory stick images, are not fully reproducible in head, stable/12, and stable/11, and presumably earlier releases. During investigation, one commit in particular had been identified as part of the reproducibility issue, however it had been determined that the issue stems far beyond one change to ISO and memstick image creation tooling. At present, it had been observed that r342283, produces a non-reproducible "hybrid.img" file which contains the PMBR, GPT, and boot code, which is written to the System Area of an ISO. However, it also had been observed that this is one of many reproducibility issues. Steps to recreate a test case are: # make -C /usr/src buildworld buildkernel # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/ojb/usr/src/amd64.amd64/release/bootonly.1.iso # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/obj/usr/src/amd64.amd64/release/bootonly.2.iso Verifying the SHA512 checksums on bootonly.1.iso and bootonly.2.iso show: # sha512 /usr/ojb/usr/src/amd64.amd64/release/bootonly.?.iso SHA512 (bootonly.1.iso) = 6e585f46d36672a7d77d78b57cef8bb6f41d932a24b9d860274da228bdc55358be11f5896644eb9ca141cbb2192e25ffa10e0cb416c19ba06d94b8d16386c1e2 SHA512 (bootonly.2.iso) = 16bdafff5a6ec60448c77ba4ede5fae17e9288791a03fcc69acae4b572a88bab26c4f41b60a318cc71a09b1ab8b9b4ddee5cc09821e0475d0322bca861534899 Using the diffoscope utility provided by sysutils/py-diffoscope and isoinfo included by sysutils/cdrtools, differences in file/directory access (atime), modification (mtime), and creation (ctime) times are observed. Example ISOs are available at: https://people.freebsd.org/~gjb/repro/bootonly.1.iso https://people.freebsd.org/~gjb/repro/bootonly.2.iso An example report produced with the diffoscope utility can be found at: https://people.freebsd.org/~gjb/repro/diffoscope.html