Bug 1211765

Summary: python310 unreproducible pyc
Product: [openSUSE] openSUSE Tumbleweed Reporter: Bernhard Wiedemann <bwiedemann>
Component: OtherAssignee: Matej Cepl <mcepl>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: mcepl
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard:
Found By: Development Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Bernhard Wiedemann 2023-05-27 10:54:58 UTC 
Steps To Reproduce:
echo "lext = {'png', 'gif', 'jpg', 'pcx', 'pnm', 'tif', 'xpm'}" > test.py
for i in $(seq 10) ; do setarch -R python3.10 -m py_compile test.py ; md5sum __pycache__/test.cpython-310.pyc ;   done|sort -u|wc -l


Expected results is like what we get with 3.11:
for i in $(seq 10) ; do setarch -R python3.11 -m py_compile test.py ; md5sum __pycache__/test.cpython-311.pyc ;   done|sort -u|wc -l
1
Comment 1 Matej Cepl 2023-05-27 11:01:02 UTC 
setarch -R is actually not required:

 $ for i in $(seq 10) ; do rm -rf __pycache__ ; python3.11 -m py_compile test.py ; md5sum __pycache__/test.cpython-311.pyc ; done |sort -u|wc -l
1
 $ for i in $(seq 10) ; do rm -rf __pycache__ ; python3.10 -m py_compile test.py ; md5sum __pycache__/test.cpython-310.pyc ; done |sort -u|wc -l
10
 $
Comment 2 Bernhard Wiedemann 2023-06-19 12:47:43 UTC 
I used git bisect to find the commit that fixed this in 3.11:

commit 33d95c6facdfda3c8c0feffa7a99184e4abc2f63
Author: Brandt Bucher <brandt@python.org>
Date:   Wed Aug 25 04:14:34 2021 -0700

    bpo-37596: Make `set` and `frozenset` marshalling deterministic (GH-27926)
Comment 3 OBSbugzilla Bot 2023-06-20 23:45:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1211765) was mentioned in
https://build.opensuse.org/request/show/1094243 Factory / python310
Comment 4 Matej Cepl 2023-06-26 14:19:12 UTC 
This is probably it. It will bubble up to SLE with next CVE fix.
Comment 7 Maintenance Automation 2023-07-19 16:30:18 UTC 
SUSE-SU-2023:2884-1: An update that solves two vulnerabilities and has one fix can now be installed.

Category: security (important)
Bug References: 1203750, 1208471, 1211765
CVE References: CVE-2007-4559, CVE-2023-24329
Sources used:
openSUSE Leap 15.5 (src): python310-3.10.12-150400.4.30.1, python310-documentation-3.10.12-150400.4.30.1, python310-core-3.10.12-150400.4.30.1
Python 3 Module 15-SP4 (src): python310-3.10.12-150400.4.30.1, python310-core-3.10.12-150400.4.30.1
openSUSE Leap 15.4 (src): python310-3.10.12-150400.4.30.1, python310-documentation-3.10.12-150400.4.30.1, python310-core-3.10.12-150400.4.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 OBSbugzilla Bot 2023-07-29 22:15:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1211765) was mentioned in
https://build.opensuse.org/request/show/1101338 Factory / python39
Comment 13 Maintenance Automation 2023-09-20 16:30:01 UTC 
SUSE-SU-2023:3708-1: An update that solves one vulnerability and has two security fixes can now be installed.

Category: security (important)
Bug References: 1211765, 1213463, 1214692
CVE References: CVE-2023-40217
Sources used:
openSUSE Leap 15.4 (src): python39-documentation-3.9.18-150300.4.33.1, python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
openSUSE Leap 15.5 (src): python39-documentation-3.9.18-150300.4.33.1, python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Proxy 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Retail Branch Server 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Server 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Enterprise Storage 7.1 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.