From mboxrd@z Thu Jan  1 00:00:00 1970
From: Chris Marusich <cmmarusich@gmail.com>
Subject: Re: Removing compilers that cannot be bootstrapped
Date: Fri, 25 Mar 2016 23:55:44 -0700
Message-ID: <87egaxbudr.fsf@gmail.com>
References: <CAJ=RwfYrKDCbPLtQz7xrm9og7zE0BpTZ+jeX=hMvEpT4LW+hUQ@mail.gmail.com>
	<87twjz4fcn.fsf@gnu.org> <87h9fyw3j8.fsf@dustycloud.org>
	<87bn64u9mc.fsf@gnu.org> <87lh58izcy.fsf@dustycloud.org>
	<20160324031126.GA22569@jasmine> <87d1qi40me.fsf@gnu.org>
	<20160326002235.GA3676@jasmine> <87io09bv2s.fsf@gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:47302)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cmmarusich@gmail.com>) id 1aji8Z-0001pj-Ob
	for guix-devel@gnu.org; Sat, 26 Mar 2016 02:55:56 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cmmarusich@gmail.com>) id 1aji8V-0004lm-Nb
	for guix-devel@gnu.org; Sat, 26 Mar 2016 02:55:55 -0400
In-Reply-To: <87io09bv2s.fsf@gmail.com> (Chris Marusich's message of "Fri, 25
	Mar 2016 23:40:43 -0700")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel <guix-devel@gnu.org>

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Chris Marusich <cmmarusich@gmail.com> writes:

> Leo Famulari <leo@famulari.name> writes:
>
>> `wget https://blob` doesn't count as reproducible :)
>
> Very true.
>
> Self-hosting compilers are a cute trick, but they're a far cry from
> being reproducible.  They're just inscrutable binary blobs.  If we want
> true reproducibility from the bottom up, then it seems like the only way
> to do it is via a strategy like the following:
>
> 1) Write the simplest possible program (or collection of programs) in
> the simplest possible machine code.  This program serves only one
> purpose: to enable you to write more code at a higher level of
> abstraction.  It is effectively a compiler for a very primitive
> language, but the language it compiles will be one layer of abstraction
> above machine code, which is a step in the right direction.  This first
> program must be a "binary blob", since we cannot rely on any existing
> tools to build it.  It must be simple enough that someone can read and
> understand it using e.g. a hex editor, provided that they have access to
> the right reference materials.  Since this program exists only as
> machine code, it must be documented thoroughly to make it easier to
> understand.
>
> 2) Write source code which, when compiled using the compiler/toolchain
> From the previous step, produces a new compiler/toolchain that will
> allow you to write more expressive source code at a higher layer of
> abstraction.
>
> 3) Repeat step (2) as many times as necessary to produce a compiler that
> is capable of compiling GCC from source.
>
> 4) Use the compiler from (3) to compile GCC from source.
>
> 5) Use the GCC from (4) to compile the rest of the world from source.
>
> If we want to free ourselves from reliance on inscrutable binary blobs,
> isn't something like that the only way?

Sorry for replying to my own post, but I couldn't help myself.  If
anyone thinks the above sounds too paranoid, remember the Ken Thompson
hack:

http://www.c2.com/cgi/wiki?TheKenThompsonHack

Chilling!

=2D-=20
Chris

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJW9jJyAAoJEN1AmhXYIkadkg4QAMcpvu5DE2T2fxl8yabtSe3X
H/26Hbk09GM1yh5ETsxHZzdE3kS3J19kBgvq5mEpItWDUwvg1a74O5eL9pmkfbXU
qv+N75pnw/bYlosfWi+kQKj6j8dtuyRbWlhqN43pIEFqRk3JtvsaxGOqn5Qwee8X
zqipKzP6zz8jrcZM4Xd0Qh/5WfcP25G6LqhcbsJ1DrPAyXH4LQtMaJU1Pb7CbEQu
SipTuoElUTS+Ew6ZxitljF12AcP8gEdzPvrgCSZbZwAdGxTeJFQhBV4DunPFQ5Mk
DmGe3R8sXnaPA4Wr2zzLVNBaxMZtRrerDkpiji8hGMvxbKV52qy4gkScz7yDuRNn
99Q3xn0LPcjqBR5NX1rLRKRbFAFVe9++T0RzagbPP8Or2XaF0AzrpDogZdM1io1s
jQq0Fklgr5/FZh1epJw1kImSNfMcx3GADsKLz7YmJaYsLkVteQonrfkV7fU/lvjy
lRqJzunImnSZuXrkPKPjRRWcreG4j3/2iB4Cass3VMWU89gm+3637W25Ajb7V0jO
kgOpT8aT34sRLHQFmU24SoPeVgu/8ZzTfM++RJtcjvov3dEni8/8f4qqTeephnz4
rZdSsGizqtZpchEJfZpXe2zVDPU7+UZIrFahSisy/Gh169xwVJRTNtldXMfqXC3C
zBhlyIO0n56ViugnBNIX
=Bcvn
-----END PGP SIGNATURE-----
--=-=-=--