Hi! We are working in Debian —and I know other free software projects care— in providing our users with a way to reproduce bit-for-bit identical binary packages from the source and build environment. See <https://wiki.debian.org/ReproducibleBuilds/About> for some rationale and further explanations.
In order to do this, we need to make the build processes deterministic. As you can imagine, gcc is quite involved in producing Debian packages. One issue we encounter in many packages that fail to build reproducibly is the use of the __DATE__, __TIME__ C macros [1], right now we have 456 affected packages that would need patching (either removing the macros, or passing a known date externally). A solution for toolchain packages that embed timestamps during the build process has been proposed for anyone interested and it consists of the following: The build environment can export an environment variable called SOURCE_DATE_EPOCH with a known timestamp in Unix epoch format (In our case, we use the last date of the package's debian changelog). The toolchain package running during the build can check if the exported variable is set and if so, instead of embedding the local date/time, embed the date/time from SOURCE_DATE_EPOCH. It would be very beneficial to our project (and other free software projects working on reproducible builds) if gcc supported this feature. I'm attaching a patch for gcc-5.1.0 that enables this feature: it modifies the behavior of the macros __DATE__ and __TIME__ when SOURCE_DATE_EPOCH is exported. What do you think? Any suggestions or other ideas that help getting reproducible builds are welcomed. I'm willing to extend the documentation if the patch feels appropriate. Thanks for your attention! [1] https://wiki.debian.org/ReproducibleBuilds/TimestampsFromCPPMacros Best regards, Dhole
diff --git a/libcpp/macro.c b/libcpp/macro.c
index 1e0a0b5..a52e3cb 100644
--- a/libcpp/macro.c
+++ b/libcpp/macro.c
@@ -349,14 +349,38 @@ _cpp_builtin_macro_text (cpp_reader *pfile, cpp_hashnode
*node)
slow on some systems. */
time_t tt;
struct tm *tb = NULL;
+ char *source_date_epoch;
- /* (time_t) -1 is a legitimate value for "number of seconds
- since the Epoch", so we have to do a little dance to
- distinguish that from a genuine error. */
- errno = 0;
- tt = time(NULL);
- if (tt != (time_t)-1 || errno == 0)
- tb = localtime (&tt);
+ /* Allow the date and time to be set externally by an exported
+ environment variable to enable reproducible builds. */
+ source_date_epoch = getenv ("SOURCE_DATE_EPOCH");
+ if (source_date_epoch)
+ {
+ errno = 0;
+ tt = (time_t) strtol (source_date_epoch, NULL, 10);
+ if (errno == 0)
+ {
+ tb = gmtime (&tt);
+ if (tb == NULL)
+ cpp_error (pfile, CPP_DL_ERROR,
+ "SOURCE_DATE_EPOCH=\"%s\" is not a valid date",
+ source_date_epoch);
+ }
+ else
+ cpp_error (pfile, CPP_DL_ERROR,
+ "SOURCE_DATE_EPOCH=\"%s\" is not a valid number",
+ source_date_epoch);
+ }
+ else
+ {
+ /* (time_t) -1 is a legitimate value for "number of seconds
+ since the Epoch", so we have to do a little dance to
+ distinguish that from a genuine error. */
+ errno = 0;
+ tt = time(NULL);
+ if (tt != (time_t)-1 || errno == 0)
+ tb = localtime (&tt);
+ }
if (tb)
{
signature.asc
Description: OpenPGP digital signature
