The checksum of the read byte-stream does not match the expected checksum

phynias · January 8, 2026, 10:15pm

I am trying to do an OS update (not delta) and for some reason can not get it to work. It complains about the checksum mismatch, but I can not figure out where it is getting the ‘calculated’ output from.

# mender-update install /mnt/revel-disk-v0.0.8-20260108.1146-x86_64-mender.mender
Installing artifact...
record_id=1 severity=info time="2026-Jan-08 22:10:42.331851" name="Global" msg="Sending SIGTERM to PID 7791"
record_id=2 severity=info time="2026-Jan-08 22:10:42.332037" name="Global" msg="PID 7791 exited with status 15"
record_id=3 severity=error time="2026-Jan-08 22:10:42.332066" name="Global" msg="Streaming failed: Shasum mismatch error: The checksum of the read byte-stream does not match the expected checksum, (expected): fcf616db0573d3540b7bb73bf1f39ed32004c1bceb64bd61b53fcec9b35ea6b6 (calculated): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
record_id=4 severity=error time="2026-Jan-08 22:10:42.339857" name="Global" msg="Shasum mismatch error: The checksum of the read byte-stream does not match the expected checksum, (expected): fcf616db0573d3540b7bb73bf1f39ed32004c1bceb64bd61b53fcec9b35ea6b6 (calculated): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Streaming failed.
System not modified.
Could not fulfill request: Shasum mismatch error: The checksum of the read byte-stream does not match the expected checksum, (expected): fcf616db0573d3540b7bb73bf1f39ed32004c1bceb64bd61b53fcec9b35ea6b6 (calculated): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

I took the artifact and dumped the contents to check everything:

fcf616db0573d3540b7bb73bf1f39ed32004c1bceb64bd61b53fcec9b35ea6b6  data/0000/rootfs.img
509fb823a0cfb31f3b0bec6669abdaa78dc7788dd156f672d6502ad5e743f386  header.tar.gz
96bcd965947569404798bcbdb614f103db5a004eb6e364cfc162c146890ea35b  version

# sha256sum data/rootfs.img
fcf616db0573d3540b7bb73bf1f39ed32004c1bceb64bd61b53fcec9b35ea6b6  data/rootfs.img

# sha256sum header.tar.gz
509fb823a0cfb31f3b0bec6669abdaa78dc7788dd156f672d6502ad5e743f386  header.tar.gz

# sha256sum version
96bcd965947569404798bcbdb614f103db5a004eb6e364cfc162c146890ea35b  version

This all shows the rootfs and everything else with the correct sha.

I just have no idea how it is calculating the incorrect e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

phynias · January 9, 2026, 3:45am

just a follow up. we figured out that the calculated sha is of an empty string…

# echo -n "" | sha256sum
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  -

so no idea why mender is taking my artifact and sha nothing.

as shown above when i expand the artifact it has files and the files all look good.

TheYoctoJester · January 9, 2026, 1:21pm

Hi @phynias,

Thanks for reaching out! Yes the payload obviously should not be empty, or considered to be empty. The first obvious questions would be:

which versions of the Mender Client and mender-artifact tools are you using?
how did the artifact get created? Through a Yocto or mender-convert process, or manually? If so, how?
mender-artifact read should be able to give details about the artifact, can you post its output?

Greetz,
Josef

phynias · January 12, 2026, 7:14pm

the version of mender-client that is installed by mender-convert looks like package version 5.1.0 of mender-client4, but the –version of mender-auth and mender-update are 2cae2f4b

artifact is created by installing ubuntu onto a proxmox vm, running ansible against it and then taking the proxmox img and converting it to raw then running mender-convert against it. this provides me with a img.gz that i throw into pxe and can install and boot fine.

mender-artifact version tried. 3.9 and 4.2

mender-artifact read:

Reading Artifact...
.............................................................. - 100 %
Mender artifact:
  Name: v0.0.13
  Format: mender
  Version: 3
  Signature: no signature
  Compatible devices: '[x86_64]'
  Provides group:
  Depends on one of artifact(s): []
  Depends on one of group(s): []
  State scripts:

Updates:
    0:
    Type:   rootfs-image
    Provides:
	rootfs-image.checksum: 6fd522a985bcc17542a270cd26217e7bff78f50fdd8ccd135194cb6a1019bfb3
	rootfs-image.version: v0.0.13
    Depends: Nothing
    Clears Provides: ["artifact_group", "rootfs_image_checksum", "rootfs-image.*"]
    Metadata: Nothing
    Files:
      name:     rootfs.img
      size:     12951595008
      modified: 2026-01-12 19:00:24 +0000 UTC
      checksum: 6fd522a985bcc17542a270cd26217e7bff78f50fdd8ccd135194cb6a1019bfb3

phynias · January 12, 2026, 8:10pm

I also decided to create an artifact with MENDER_ARTIFACT_COMPRESSION=none and the error changed to this:

Installing artifact…
record_id=1 severity=error time=“2026-Jan-12 20:08:37.766869” name=“Global” msg=“Failed to initialize the Archive handle: Failed to read from the archive stream: ‘Unrecognized archive format’ error code: 84”
record_id=2 severity=info time=“2026-Jan-12 20:08:37.801552” name=“Global” msg=“Sending SIGTERM to PID 341661”
record_id=3 severity=info time=“2026-Jan-12 20:08:37.801695” name=“Global” msg=“PID 341661 exited with status 15”
record_id=4 severity=error time=“2026-Jan-12 20:08:37.801774” name=“Global” msg=“Streaming failed: Parse error: archive_read_next failed in LibArchive. Error code: -30 Error message: Unrecognized archive format”
record_id=5 severity=error time=“2026-Jan-12 20:08:37.810241” name=“Global” msg=“Parse error: archive_read_next failed in LibArchive. Error code: -30 Error message: Unrecognized archive format”
Streaming failed.
System not modified.
Could not fulfill request: Parse error: archive_read_next failed in LibArchive. Error code: -30 Error message: Unrecognized archive format

Reading Artifact...
.............................................................. - 100 %
Mender Artifact:
  Name: v0.0.13
  Format: mender
  Version: 3
  Signature: no signature
  Compatible devices: [x86_64]
  Provides group:
  Depends on one of artifact(s): []
  Depends on one of group(s): []
  State scripts: []

Updates:
  - Type: rootfs-image
    Provides:
      rootfs-image.checksum: 4dccd622fef069435729dfe9341b6fdb1f68350d7e5c2fcae222f1e9cb456a66
      rootfs-image.version: v0.0.13
    Depends: {}
    Clears Provides: [artifact_group, rootfs_image_checksum, rootfs-image.*]
    Metadata: {}
    Files:
      - checksum: 4dccd622fef069435729dfe9341b6fdb1f68350d7e5c2fcae222f1e9cb456a66
        modified: 2026-01-12 20:00:56 +0000 UTC
        name: rootfs.img
        size: 12951595008

phynias · January 12, 2026, 10:31pm

another small update. i took the rootfs from the .mender and i dd it to the rootfsb on the machine and then set

sudo grub-editenv /boot/grub/grubenv set mender_boot_part=3
sudo grub-editenv /boot/grub/grubenv set mender_boot_part_hex=3

and rebooted and it booted fine into the new part.

Topic		Replies	Views
Mender declining artifact from file system, accepting from http General Discussions	4	447	May 25, 2022
Delta updates checksum mismatch General Discussions tegra , xavier	9	1361	March 17, 2021
Invalid Checksum while uploading artifact General Discussions mender-artifact , hosted-mender	4	614	August 23, 2022
Race Condition verifying header.tar.gz in manifest with single-file update General Discussions	7	496	October 25, 2021
Delta apply fail with "xdelta3: target window checksum mismatch: XD3_INVALID_INPUT" General Discussions	14	11801	June 26, 2020

The checksum of the read byte-stream does not match the expected checksum

Related topics