From: ludo@gnu.org (Ludovic Courtès)
Subject: Re: How to reduce our vulnerability from self-hosted compilers
Date: Fri, 27 Feb 2015 11:49:30 +0100
Message-ID: <87r3tbsk79.fsf@gnu.org>
In-Reply-To: <87385s8di2.fsf@netris.org> (Mark H. Weaver's message of "Thu, 26 Feb 2015 18:22:13 -0500")
To: Mark H Weaver
Cc: guix-devel@gnu.org

Mark H Weaver wrote:

> Instead, I would prefer to do something closer to what we do in our core
> bootstrap. We should produce our own bootstrap binaries for each of
> these self-hosted compilers. Like our GCC bootstrap binaries, these
> binaries should be updated very rarely. Then, we should use our own
> bootstrap binaries to build the latest version of any self-hosted
> compiler. In some cases, if the bootstrap binaries are too old to build
> the latest compiler, this might involve multiple steps.
>
> Just as we have recipes to produce bootstrap gcc and binutils, we should
> have recipes to build bootstrap binaries for each self-hosted compiler
> in our system. Each time we produce an updated bootstrap compiler from
> an earlier one, it should be done with our deterministic package such
> that this update step can be independently verified by anyone who wishes
> to do so.
>
> What do you think?

I think it’s a good idea, but I wonder if it is generally applicable.
For instance, ISTR that GHC can be built with a couple of older versions
whereas MIT Scheme may well require itself. What exactly is possible is
not always well-documented and sometimes only known to few people.

Maybe we should try to apply it to some of the cases that we have, and
see how well that works?

Thanks,
Ludo’.