From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Mark H Weaver Newsgroups: gmane.lisp.guile.devel,gmane.comp.gnu.lightning.general Subject: Re: Bug free programs Date: Wed, 17 Sep 2014 13:29:34 -0400 Message-ID: <87a95yp341.fsf@yeeloong.lan> References: <20140917005748.8CXVB.21497.root@cdptpa-web03> <8738brsz82.fsf@yeeloong.lan> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1410975113 15570 80.91.229.3 (17 Sep 2014 17:31:53 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 17 Sep 2014 17:31:53 +0000 (UTC) Cc: lightning , guile-devel To: Ian Grant Original-X-From: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Wed Sep 17 19:31:47 2014 Return-path: Envelope-to: guile-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XUJ51-0000YY-GV for guile-devel@m.gmane.org; Wed, 17 Sep 2014 19:31:47 +0200 Original-Received: from localhost ([::1]:46506 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XUJ50-0003u5-S8 for guile-devel@m.gmane.org; Wed, 17 Sep 2014 13:31:46 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:58871) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XUJ4t-0003ty-RM for guile-devel@gnu.org; Wed, 17 Sep 2014 13:31:45 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XUJ4j-0000PU-Kd for guile-devel@gnu.org; Wed, 17 Sep 2014 13:31:39 -0400 Original-Received: from world.peace.net ([96.39.62.75]:46782) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XUJ4j-0000P6-G9; Wed, 17 Sep 2014 13:31:29 -0400 Original-Received: from c-24-62-95-23.hsd1.ma.comcast.net ([24.62.95.23] helo=yeeloong.lan) by world.peace.net with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1XUJ4X-0001hJ-KR; Wed, 17 Sep 2014 13:31:17 -0400 In-Reply-To: (Ian Grant's message of "Wed, 17 Sep 2014 09:35:02 -0400") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 96.39.62.75 X-BeenThere: guile-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Developers list for Guile, the GNU extensibility library" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Original-Sender: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.lisp.guile.devel:17471 gmane.comp.gnu.lightning.general:590 Archived-At: Hi Ian, I'm going to try to ignore your gratutious and unfounded insults, because I agree that the problem you are trying to solve is an important one, and believe it or not, you'd be hard pressed to find anyone else in the GNU project who worries about this issue as much as I do. For example, on an internal GNU mailing list, I complained when GCC switched to using C++ because it vastly increases the complexity of the simplest compiler that's able to bootstrap it. The reason is that for a few years now, I've very seriously considered dedicating myself to developing a bootstrap procedure that starts with raw machine code running on bare metal and ends with a working GNU toolchain. I've also considered more practical approaches such as: lock a (preferably older) computer inside a Faraday cage to prevent communication with the outside world, thus limiting the intelligence that any Thompson virus can have, while I write a very simple and novel C compiler that's capable of bootstrapping GCC and the rest of the toolchain, and then printing the result to paper in a form that can be scanned reliably -- a task I have some experience with, since I led the development of the scannable PGP source code books that allowed PGP to be legally exported from the US fo the first time, along with the tools needed to convert the paper books back into electronic form with modest effort. Ian Grant writes: > On Tue, Sep 16, 2014 at 11:27 PM, Mark H Weaver > wrote: > > Ian Grant writes: > > Are you suggesting that we compile our Scheme code to C, include > that > in our distribution, and then users would start by compiling that > (non-source) C code? If so, I'm surprised to hear you suggest > that, > given your concern over Thompson viruses (which I share, > incidentally). > A Thompson virus could be hiding in this intermediate C code that > would > be very hard to audit. > > Tell me, how did you compile your OS kernel and your glibc, ld.so, ld, > as and gcc binaries? Yes, that's a very serious problem, but I don't want to make the problem worse by adding yet another pile of intermediate C code that must be taken on faith to be free of Thompson viruses. > I, for one, am very glad that unlike many self-hosting compilers, > Guile > is bootstrapped entirely from source code, with just one > exception: > psyntax-pp.scm is generated from psyntax.scm, but it's fairly > close to > the source code and quite readable. Incidentally, I put a great > deal of > effort into making sure it was readable. > > I can assure you that Guile is most certainly not bootstrapped > entirely from source code. If you had understood any of the discussion > about the problem you would know that there is not one single line of > GNU source that has ever been bootstrapped from source code. I understand that just fine. It's obvious that to compile Guile, you first need a C toolchain. That's a separate problem, and indeed a very serious one. > > See the thunder.pdf I sent when I first proposed this idea: > > > > > http://lists.gnu.org/archive/html/guile-devel/2014-08/msg00064.html > > If you want me to read it, can you please email it as plain text? > > No: because If you can't read a PDF then you can't read _any_ of the > research papers you need to be able to read in order to stand the > slightest chance of doing a decent job of developing any kind of > software at all. Wow. Did you try telling that to RMS, who made the same suggestion? I read plenty of PDFs. They are inconvenient, but I suffer that inconvenience on a regular basis, when I have reason to believe that I might learn something new from them. So far, not a single person has recommended your paper to me except you, nor have I learned anything I didn't already know from the emails you've written, at least not from the prefixes of those emails that I've read before losing interest. I'm not saying that you don't have something to teach me. Maybe you do, but if so, you must learn the art of capturing the interest of your readers long enough to convince them that they should continue reading. At present, you're in the position of having to convince me that you're ideas are worth studying, not the other way around, and I suspect I'm not alone. It would help to tell me something I didn't already know, in ASCII, as concisely as possible. Mark