Highly mystifying and extremely frustrating experience: MD5SUM changes all the time

jozmak · 10-04-2014, 08:23 PM

Quote:

Originally Posted by howzer

I couldn't put this in my first comment, but I learned this a while back from

http://www.cyberciti.biz/tips/howto-...ory-check.html

Basically, if a small portion of you ram is bad, you probably won't have problems with most tasks, but if you're working with larger files, you're more likely to hit that bad spot, and if the file is the same size as your RAM, you'd be guaranteed to hit it.

Hi howzer,

I did the memtest86 and it found no error.

I did the test you recommanded in the link. That one also came out fine: Here is the result.

Code:

mak@debian:~$ free
             total       used       free     shared    buffers     cached
Mem:       6126944    1250816    4876128      10660      43644     432764
-/+ buffers/cache:     774408    5352536
Swap:      2097148          0    2097148
mak@debian:~$ dd if=/dev/urandom bs=6126944 of=/tmp/memtest count=1050
1050+0 records in
1050+0 records out
6433291200 bytes (6.4 GB) copied, 538.335 s, 12.0 MB/s
mak@debian:~$ md5sum /tmp/memtest; md5sum /tmp/memtest; md5sum /tmp/memtest
bc214db3275d230e67ec1f29a01343d3  /tmp/memtest
bc214db3275d230e67ec1f29a01343d3  /tmp/memtest
bc214db3275d230e67ec1f29a01343d3  /tmp/memtest
mak@debian:~$

Therefore, the memory can't be the source of the problem.

bstaletic · 10-06-2014, 01:47 PM

At this point I'd assume malware is causing touble.

You eliminated storage and memory, only software is left. Backup data, format everything and make a fresh install.

jozmak · 10-06-2014, 07:58 PM

Quote:

Originally Posted by bstaletic

At this point I'd assume malware is causing touble.

You eliminated storage and memory, only software is left. Backup data, format everything and make a fresh install.

You mean reinstall all distros?

On the SSD drive I have four partitions with four linux versions installed.

On the regular harddrive I have 8 partitions with 8 linux versions installed.

I tested the md5sum on several versions - new ones and older ones - and the mulfunction happened on each one.

My most recent install is Debian jessie, I installed it 3 weeks ago the problem persists.

I also have archlinux enlightenment and lxqt on two different partitions, installed 3 months ago and the problem persists there too.

Isn't it possible that this is a BIOS related problem?

In dmesg I found a few suspicious lines. I don't know these messages have anything to do with the problem. I paste them here anyway:

Code:

[    0.000000] ACPI BIOS Warning (bug): 32/64X length mismatch in FADT/Pm1aEventBlock: 32/8 (20131218/tbfadt-603)
[    0.000000] ACPI BIOS Warning (bug): 32/64X length mismatch in FADT/Pm1aControlBlock: 16/8 (20131218/tbfadt-603)
[    0.000000] ACPI BIOS Warning (bug): 32/64X length mismatch in FADT/PmTimerBlock: 32/8 (20131218/tbfadt-603)
[    0.000000] ACPI BIOS Warning (bug): 32/64X length mismatch in FADT/Gpe0Block: 64/8 (20131218/tbfadt-603)
[    0.000000] ACPI BIOS Warning (bug): Invalid length for FADT/Pm1aEventBlock: 8, using default 32 (20131218/tbfadt-684)
[    0.000000] ACPI BIOS Warning (bug): Invalid length for FADT/Pm1aControlBlock: 8, using default 16 (20131218/tbfadt-684)
[    0.000000] ACPI BIOS Warning (bug): Invalid length for FADT/PmTimerBlock: 8, using default 32 (20131218/tbfadt-684)


[    0.000000] Your BIOS doesn't leave a aperture memory hole
[    0.000000] Please enable the IOMMU option in the BIOS setup
[    0.000000] This costs you 64 MB of RAM


[    0.859092] ACPI: [Package] has zero elements (ffff8801a7865140)
[    0.859143] ACPI: Invalid passive threshold


[    8.844641] EDAC amd64: DRAM ECC disabled.
[    8.844648] EDAC amd64: ECC disabled in the BIOS or no ECC capability, module will not load.
[    8.844648]  Either enable ECC checking or force module loading by setting 'ecc_enable_override'.
[    8.844648]  (Note that use of the override may cause unknown side effects.)

AnanthaP · 10-07-2014, 02:11 AM

I don't get it.

Usually you check the md5 sum (or other check sum) against what is attached to or sent along with the downloaded file. (The purpose is to check whether what is published for download is what you got).

As for the problem of the checksum changing, I can only assume that the dd command isn't completed. If my assumption is correct, then the post reboot checksum will be correct (matches what is on the download site).

try `sync; sync` before running the checksum command.

OK

jozmak · 10-07-2014, 12:51 PM

Quote:

Originally Posted by AnanthaP

I don't get it.

Usually you check the md5 sum (or other check sum) against what is attached to or sent along with the downloaded file. (The purpose is to check whether what is published for download is what you got).

As for the problem of the checksum changing, I can only assume that the dd command isn't completed. If my assumption is correct, then the post reboot checksum will be correct (matches what is on the download site).

try `sync; sync` before running the checksum command.

OK

AnanthaP,

The md5sum changes even if I don't copy it into a medium.

Simply rebooting the machine changes the md5sum.

bstaletic · 10-07-2014, 01:49 PM

Yes I meant to reformat everything. I know it can be tiresome, and in your case of 10+ distros it would take a day or two. Unfortunately I see no other way. As I see it the malware freely spreads among partitions so reinstalling one at a time is pointless. Good luck!

jefro · 10-07-2014, 05:16 PM

I meant that only filesystem permissions to have on that file would be read only for all or at least deny or no ability to write by your group or user.

command ls -l to show

command chmod to change.

Not sure of any good reason a md5 should/could change. It is a mechanism that is supposed to verify data.