Make __DATE__/__TIME__ deterministic when NIX_ENFORCE_PURITY=1

[rht]

Extracted from 3dba999.

See #2281. This is the gcc stuff in the list made by @Ekleog in #2281 (comment), excluding the PGO commit.

Motivation for this change

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Determined the impact on package closure size (by running nix path-info -S before and after)
• Assured whether relevant documentation is up to date
• Fits CONTRIBUTING.md.

---

[Mic92]

Did you mean?

Suggested change

	extraAfter=(-D__DATE__=\"???-??-????\"
	extraAfter=(-D__DATE__=\"??-??-????\"

[Mic92]

Do you know what debian is doing here?

[rht]

It appears that there has been a patch to gcc (since 2016) to allow using SOURCE_DATE_EPOCH https://wiki.debian.org/ReproducibleBuilds/TimestampsFromCPPMacros.

[rht]

Some packages (e.g. pycrypto) do already have SOURCE_DATE_EPOCH defined, though it would be preferable to do this globally.

[rht]

There is

nixpkgs/pkgs/stdenv/generic/setup.sh

Lines 244 to 249 in 33b9aa4

	# Set a fallback default value for SOURCE_DATE_EPOCH, used by some
	# build tools to provide a deterministic substitute for the "current"
	# time. Note that 1 = 1970-01-01 00:00:01. We don't use 0 because it
	# confuses some applications.
	export SOURCE_DATE_EPOCH
	: ${SOURCE_DATE_EPOCH:=1}

, but not used by all packages built with gcc.

[Mic92]

But why we need these macros then, when the environment variable is already exported?

[Mic92]

If a packages ignores environment variables, we are likely detecting this because cc wrapper will also not find libraries and headers.

[rht]

I suppose since the SOURCE_DATE_EPOCH is only supported for gcc >=7.x, but not so for earlier versions, and so I have to modify it to be enabled only for early gcc's.

[Mic92]

mhm. Can this hit us somewhere else?

[edolstra]

I don't think setting an invalid date is the right thing to do. We should use SOURCE_DATE_EPOCH (which stdenv already sets anyway, see pkgs/build-support/setup-hooks/set-source-date-epoch-to-latest.sh) instead.

[rht]

SOURCE_DATE_EPOCH applies only for gcc >= 7, what about the early versions?

[rht]

Wait, the early versions have already been patched as well, so this fix is obsolete:

pkgs/development/compilers/gcc/5/default.nix
56:      [ ../use-source-date-epoch.patch ]

pkgs/development/compilers/gcc/4.9/default.nix
58:      [ ../use-source-date-epoch.patch ../parallel-bconfig.patch ./parallel-strsignal.patch ]

pkgs/development/compilers/gcc/6/default.nix
56:      [ ../use-source-date-epoch.patch ]

[Ekleog]

@rht I have updated my comment to reflect your investigation in this PR, thank you :)