GNU Mes rebuild is definitely an application of DDC!

Vagrant Cascadian vagrant at
Mon Oct 12 23:28:17 UTC 2020

On 2020-10-12, David A. Wheeler wrote:
> In the discussion today I was pointed to this awesome post about
> creating a reproducible bootstrap of the GNU Mes C compiler:
> I was asked if this counted as an application of Diverse
> Double-Compiling (DDC). Unless I’m grossly misunderstanding something,
> that is *definitely* an application of DDC! Different compilers are
> being used with the same source code in a special way to verify that
> the results are bit-for-bit identical. That’s what DDC is all
> about.


> The compilers being used in the DDC process aren’t as diverse
> as one might like, so there are limits to the result (as discussed in
> section 6 of my dissertation).


> But that’s definitely the real deal. In fact, it shows how DDC &
> reproducible builds can work together to provide a very strong
> countermeasure against the trusting trust attack & other kinds of
> maliciously subverted executables.


> I wrote a summary explaining it here:

That sums it up very nicely, thanks!

> If I missed anything, or if anything is wrong, let me know.

Some minor typos:

  s/GNU MeS/GNU Mes/
  s/distributions GNU Guix, Nix and Debian)/distributions (GNU Guix, Nix and Debian)/

> But I think it’s worth noting that this really is an application of
> DDC to gain confidence in a reproducible bootstrap.


Thanks for following up and the good conversation on IRC.

Now we need to step up our compiler diversity and OS diversity for for
future tests!

live well,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the rb-general mailing list