Differences between revisions 13 and 14
Revision 13 as of 2016-04-28 18:41:18
Size: 3238
Editor: ?EduardSanou
Comment: update gcc patch status :)
Revision 14 as of 2016-05-09 19:27:19
Size: 1046
Editor: Infinity0
Comment: update for GCC S_D_E patch
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
Line 4: Line 5:
Usage of these macros must simply be removed in order to builds reproducible. Now that GCC has [[https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e3e8c48c4a494d9da741c1c8ea6c4c0b7c4ff934|accepted]] our patch to support [[SOURCE_DATE_EPOCH|ReproducibleBuilds/TimestampsProposal]], `__DATE__` and `__TIME__` will instead use that deterministic value, and package maintainers shouldn't need to do anything extra to make their builds reproducible.
Line 6: Line 7:
[[https://reproducible.debian.net/userContent/issues/timestamps_from_cpp_macros_issue.html|Known affected packages]] We missed out `__TIMESTAMP__` by mistake, but we will probably send in another patch to GCC to fix that.
Line 8: Line 9:
= Detection =

With the [[ReproducibleBuilds/ExperimentalToolchain|experimental toolchain]], packages properly using `dpkg-buildflags` will fail to build. [[attachment:ucarp_1.5.2-2.rbuild.log|Example build log]].

For those who don't, the `Build Id` will be different. [[attachment:libuninum_2.7-1.1.debbindiff.html|Example debbindiff output]].

According to [[http://codesearch.debian.net/search?q=__%28DATE%7cTIME%7cTIMESTAMP%29__|CodeSearch]], there's quite a few packages using these macros.

= Solution =

The preliminary step is to [[Hardening#dpkg-buildflags|add support for dpkg-buildflags]] if it's not there already.

Remove usage of these macros. [[https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=0001-Stop-displaying-time-of-build-in-online-help.patch;att=1;bug=774342|Example patch]].

Sometimes it may not be desirable to remove the macros from the source code: it may break something or the maintainer may not want it. In that case, a suggested approach is to create a define that can replace `__DATE__` and `__TIME__` if it is set externally (with the desired date), and set it to the latest debian/changelog entry. [[https://bugs.debian.org/cgi-bin/bugreport.cgi?filename=analog.diff.txt;att=1;msg=15;bug=788752|Example patch]].

As a general solution, following the proposed [[ReproducibleBuilds/TimestampsProposal|timestamp standard]] environment variable SOURCE_DATE_EPOCH that would be set by debhelper during the build with the last debian/changelog timestamp, a patch to GCC has been sent supporting this feature; the macros `__DATE__` and `__TIME__` would be replaced by the date/time provided by SOURCE_DATE_EPOCH in case the env var is set. [[https://gcc.gnu.org/ml/gcc-patches/2015-06/msg02210.html|gcc-patches mailing list thread, first attempt]], [[https://gcc.gnu.org/ml/gcc-patches/2015-11/msg01890.html|gcc-patches mailing list thread, second attempt (1)]], [[https://gcc.gnu.org/ml/gcc-patches/2015-12/msg01402.html|gcc-patches mailing list thread, second attempt (2)]], [[https://gcc.gnu.org/ml/gcc-patches/2016-04/msg00838.html|gcc-patches mailing list thread, third attempt]].

The GCC patch has finally been accepted and [[https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=e3e8c48c4a494d9da741c1c8ea6c4c0b7c4ff934|commited into trunk (GCC 7)]].

= Prevention =

`gcc-4.9` [[https://gcc.gnu.org/gcc-4.9/changes.html#languages|introduced]] a new warning `-Wdate-time` which will warn when they are used. This is on by default since [[https://tracker.debian.org/news/736046|dpkg 1.18.4 (2015-12-25 in Unstable]].

dpkg-buildflags from dpkg 1.17.14 or later passes `-Wdate-time` to debian/rules when `DEB_BUILD_MAINT_OPTIONS=reproducible=+timeless` is set. [[https://bugs.debian.org/805872|Old tracking ticket.]]
[[https://reproducible.debian.net/userContent/issues/timestamps_from_cpp_macros_issue.html|Known affected packages]] - this should soon drop in number as we rebuild things with the newer GCC. However there are still some packages using `__TIMESTAMP__` - see [[https://codesearch.debian.net/results/__TIMESTAMP__]].

__DATE__, __TIME__ and __TIMESTAMP are part of the standard predefined macros of the C pre-processor.

Now that GCC has accepted our patch to support ?ReproducibleBuilds/TimestampsProposal, __DATE__ and __TIME__ will instead use that deterministic value, and package maintainers shouldn't need to do anything extra to make their builds reproducible.

We missed out __TIMESTAMP__ by mistake, but we will probably send in another patch to GCC to fix that.

Known affected packages - this should soon drop in number as we rebuild things with the newer GCC. However there are still some packages using __TIMESTAMP__ - see https://codesearch.debian.net/results/__TIMESTAMP__.