Random data will make builds unreproducible and must be avoided.
If random-like input is required, the solution is to use a predetermined value to seed a pseudo-random number generator. This value can be read from some file, a changelog or the version control system.
When Link-Time Optimizations are turned on, GCC users will write random
identifiers to binary objects they create. Using
-frandom-seed can be used for
this particular case. As it will hash arbitrary data, passing the file name
should work in most cases.
Some compilation tools will write intermediate temporary files. This might lead
to reproducibility issues if paths get embedded in the final output. There’s no
general solutions for such cases, better fix the code directly. One way is to
.file assembler directive like it has been done in
Achieve deterministic builds
- Deterministic build systems
- Volatile inputs can disappear
- Stable order for inputs
- Value initialization
- Version information
- Archive metadata
- Stable order for outputs
- Build path
- System images
Define a build environment
- What's in a build environment?
- Recording the build environment
- Definition strategies
- Proprietary operating systems
Distribute the environment
Follow us on Twitter @ReproBuilds, Mastodon @firstname.lastname@example.org & Reddit and please consider making a donation. • Content licensed under CC BY-SA 4.0, style licensed under MIT. Templates and styles based on the Tor Styleguide. Logos and trademarks belong to their respective owners. • Patches welcome via our Git repository (instructions) or via our mailing list. • Full contact info