Commit Graph

2877 Commits

Author SHA1 Message Date
Sergei Trofimovich
075597b340 stdenv: don't discard string context from ContentAddressed derivations
Without the change build for packages that use `disallowedReferences`
fails in `contentAddressedByDefault = true` mode:

    $ nix build -f. ruby_3_1 --arg config '{ contentAddressedByDefault = true; }'
    ...
    error: derivation contains an illegal reference specifier '/0j3hif3ni7zl5zhlzzr5q2q23z66136mnzp75pyiqp5c72q14im2'
    error: 1 dependencies of derivation '/nix/store/39ji7qp225pxvrm8cgvzmyjqsyis2n0h-ruby-3.1.2.drv' failed to build

Original intent of https://github.com/NixOS/nixpkgs/pull/211783 was to
avoid pulling in actual derivation for reference scanning purposes.

Unfortunately CA derivations's outputPath are placeholders until they
are instantiated.

Let's restore string context for CA derivations for now.
2024-11-25 20:12:19 +00:00
Randy Eckenrode
484eca6cec
llvmPackages.llvm-manpages: fix eval on Darwin
Darwin prevents curl from being used in the Darwin bootstrap. The man
pages are built for darwin.binutils-unwrapped, but overrides are applied
only there, leaving plain llvmPackages.llvm-manpages broken.

The fix is to move the override to the llvmPackages package set.
2024-11-20 18:27:53 -05:00
Audrey Dutcher
2ca435a540 freebsd stdenv: be more principled about portioning out bootstrap libraries 2024-11-17 09:36:15 -07:00
github-actions[bot]
b4d4509dd5
Merge master into staging-next 2024-11-12 12:06:14 +00:00
Jörg Thalheim
a70c75fb77
pkgs/stdenv/freebsd: update x86_64-unknown-freebsd bootstrap-files (#353692) 2024-11-12 08:53:51 +01:00
github-actions[bot]
3533282a88
Merge master into staging-next 2024-11-07 20:49:24 +00:00
Emily
38835c8256 stdenv/darwin: add darwin.{libutil,copyfile} to SDK packages 2024-11-07 19:08:52 +00:00
Emily
ad625dd172 stdenv/darwin: fix SDK overlays for macOS SDK < 11
Quite impressive that this worked up until now.

Co-authored-by: Lily Foster <lily@lily.flowers>
2024-11-07 17:58:57 +00:00
Reno Dakota
52bf1163fa
treewide: use getLib when accessing clang / libclang / stdenv.cc.cc
In preparation to eliminate the lib output for the unwrapped clang, use
`lib.getLib` to access the `lib` output.
2024-11-07 10:27:41 +00:00
Jörg Thalheim
0a4aaa9d9a pkgs/stdenv/freebsd: update x86_64-unknown-freebsd bootstrap-files
sha256sum of files to be uploaded:

$ sha256sum /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build/on-server/*
a072dd769596c1efe2c58b9fde141f986ac6ba2c45dfe1bc1c29be07b8370b36  /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build/on-server/bootstrap-tools.tar.xz
71ff3ba54f0741355948f403db95f2c54ae3b69dd39f991fdad17ae5ab623a77  /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build/on-server/unpack.nar.xz

Suggested commands to upload files to 'tarballs.nixos.org':

    $ nix-store --realize /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build
    $ aws s3 cp --recursive --acl public-read /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build/on-server/ s3://nixpkgs-tarballs/stdenv/x86_64-unknown-freebsd/b92edf1104c47016385e85c87c2d953cf5cd2f98
    $ aws s3 cp --recursive s3://nixpkgs-tarballs/stdenv/x86_64-unknown-freebsd/b92edf1104c47016385e85c87c2d953cf5cd2f98 ./
    $ sha256sum bootstrap-tools.tar.xz unpack.nar.xz
    $ sha256sum /nix/store/yy36y5s9i4wl768imwfn112sb7w3pyk8-build/on-server/*
2024-11-04 20:24:05 +01:00
github-actions[bot]
fe71abdc48
Merge staging-next into staging 2024-11-04 12:06:38 +00:00
Guillaume Girol
ad751c9e58 pkgs/stdenv/linux: update armv7l-unknown-linux-gnueabihf bootstrap-files
sha256sum of files to be uploaded:

$ sha256sum /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf/on-server/*
1690549cc236d25e0b55db663e968658fe7e579d99a6f007d4998790ea858422  /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf/on-server/bootstrap-tools.tar.xz
b2e5843ed6738c28d9cbbe02a82478ad1462ffad5aad0e02e38aa10983eac637  /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf/on-server/busybox

Suggested commands to upload files to 'tarballs.nixos.org':

    $ nix-store --realize /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf
    $ aws s3 cp --recursive --acl public-read /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf/on-server/ s3://nixpkgs-tarballs/stdenv/armv7l-unknown-linux-gnueabihf/b92edf1104c47016385e85c87c2d953cf5cd2f98
    $ aws s3 cp --recursive s3://nixpkgs-tarballs/stdenv/armv7l-unknown-linux-gnueabihf/b92edf1104c47016385e85c87c2d953cf5cd2f98 ./
    $ sha256sum bootstrap-tools.tar.xz busybox
    $ sha256sum /nix/store/y2xac60x8qkli271qn4dz78lzm2sqiv8-stdenv-bootstrap-tools-armv7l-unknown-linux-gnueabihf/on-server/*
2024-11-03 17:15:44 +01:00
Philip Taron
a3071731e9
stdenv: fix custom hardening settings when using __structuredAttrs = true; (#353142) 2024-11-03 05:12:38 -08:00
Emily
5248318e58
darwin stdenv fixes needed for llvm_19 (#353229) 2024-11-03 03:35:11 +00:00
Reno Dakota
0fc9787683
darwin.stdenv: add file to early stdenv stages
file is part of the final stdenv and llvm_19 requires it for tests. add
file to the path to the early stage stdenv's for the upcoming switch to
llvm_19
2024-11-02 19:00:00 -07:00
Maximilian Bosch
aaeeef5b6c
stdenv: fix custom hardening settings when using __structuredAttrs = true;
Replaces / Closes #353131

A while ago `postgresql` switched to using structured attrs[1]. In the
PR it was reported that this made postgresql notably slower when
importing SQL dumps[2].

After a bit of debugging it turned out that the hardening was entirely
missing and the following combination of settings was the culprit:

    hardeningEnable = [ "pie" ];
    __structuredAttrs = true;

I.e. the combination of custom hardening settings and structured attrs.

What happened here is that internally the default and enabled hardening
flags get written into `NIX_HARDENING_ENABLE`. However, the value is a list
and the setting is not in the `env` section. This means that in the
structured-attrs case we get something like

    declare -ax NIX_HARDENING_ENABLE=([0]="bindnow" [1]="format" [2]="fortify" [3]="fortify3" [4]="pic" [5]="relro" [6]="stackprotector" [7]="strictoverflow" [8]="zerocallusedregs" [9]="pie")

i.e. an actual array rather than a string with all hardening flags being
space-separated which is what the hardening code of the cc-wrapper
expects[3].

This only happens if `hardeningEnable` or `hardeningDisable` are
explicitly set by a derivation: if none of those are set,
`NIX_HARDENING_ENABLE` won't be set by `stdenv.mkDerivation` and the
default hardening flags are configured by the setup hook of the
cc-wrapper[4].

In other words, this _only_ applies to derivations that have both custom
hardening settings _and_ `__structuredAttrs = true;`.

All values of `NIX_HARDENING_ENABLE` are well-known, so we don't have to
worry about escaping issues. Just forcing it to a string by
concatenating the list everytime solves the issue without additional
issues like eval errors when inheriting `env` from a structuredAttrs
derivation[5]. The price we're paying is a full rebuild.

[1] https://github.com/NixOS/nixpkgs/pull/294504
[2] https://github.com/NixOS/nixpkgs/pull/294504#issuecomment-2451482522
[3] cf3e5d3744/pkgs/build-support/cc-wrapper/add-hardening.sh (L9)
[4] cf3e5d3744/pkgs/build-support/cc-wrapper/setup-hook.sh (L114)
[5] 1e84a7fb95
2024-11-02 22:30:01 +01:00
Philip Taron
f2b00cb5ef
pkgs/stdenv/generic/setup.sh: lint with ShellCheck (#351849) 2024-11-01 08:52:44 -07:00
Maximilian Bosch
e125bec252
Merge: stdenv/setup: make substituteInPlace require actual files (#350216) 2024-10-30 20:49:36 +01:00
Yueh-Shun Li
34ebbd650c pkgs/stdenv/generic/setup.sh: lint with ShellCheck
The behaviour of [[ -n/-z "${FOO[@]}" ]] is unspecified.
Use [[ -n/-z "${FOO[*]-}" ]] instead
2024-10-28 22:25:30 +08:00
Emily
c5040d558c
darwin.stdenv: avoid building a second Python just for locales (#351501) 2024-10-26 19:37:05 +01:00
Randy Eckenrode
53765b0fb3
darwin.stdenv: avoid building a second Python just for locales 2024-10-26 14:28:00 -04:00
Emily
b75c70282f ld64: search standard library locations
This is basically harmless for the same reason as it is for Clang, and
lets us avoid doing wrapper hacks to fix things like the .NET build.

This reverts commit 4340a5addb.
2024-10-24 18:11:34 +01:00
Emily
514b00cf08 clang: skip the -nostdlibinc patch on Darwin 2024-10-24 17:55:27 +01:00
Linus Heckemann
9767bb9bf1 stdenv/setup: make substituteInPlace require actual files
I've often run into substituteInPlace doing nothing when I invoked it
wrong, like:

substituteInPlace --replace-fail from to file.txt

The substitute function would pass file.txt on to substituteStream,
which complain about the extraneous argument. However, if no files are
passed, substitute is never called and substituteInPlace silently does
nothing.

It would be more annoying to make substituteInPlace accept file
arguments anywhere (since it would need to understand the arguments to
substituteStream), so let's error on this incorrect usage instead.

Change-Id: Ib2daad6f49bbe516a273a35d7f2a31fc42fd053c
2024-10-21 13:13:42 +02:00
Randy Eckenrode
22885f81c5
freshBootstrapTools.bootstrapTools: update for new SDK pattern
- Drop libSystem. It’s no longer needed. The SDK can be downloaded and
  built with existing tools.
- Add jq and tapi. Adding these allows the stdenv bootstrap to stop
  special-casing stage 0.
- Update tests for updated ld64. It handles code-signing properly, so
  the signatures aren’t broken.
2024-10-11 18:40:58 -04:00
Randy Eckenrode
840a4f7771
darwin.stdenv: propagate bmake from stage 1 (for darwin.locale) 2024-10-11 17:58:38 -04:00
Randy Eckenrode
1d030c0ad7
darwin.stdenv: propagate darwin.locale as a no-CC package 2024-10-11 17:58:21 -04:00
Randy Eckenrode
092b50a92c
python3: fix stdenv bootstrap on x86_64-darwin
The bootstrap tools linker sometimes crashes when trying to link the
sqlite3 tests, which causes the bootstrap Python not to have the sqlite3
module. This causes the freezegun module to fail to build later in the
bootstrap. Using the 11.0 SDK fixes the problem.

Upstream Python supports building with a newer SDK and back-deploying,
so this change should not negatively affect users on pre-11.0 releases.
2024-10-10 16:23:09 -04:00
Randy Eckenrode
0e61488c5b
overrideSDK: update for the new SDK
Change the adapter to add the requested SDK to the target’s build
inputs. Note that only the “11.0” (i.e., 11.3) and 12.3 SDKs are
supported. This adapter is retained for compatibility. The preferred way
to override the SDK is to add it to the appropriate inputs directly.
2024-10-10 16:23:08 -04:00
Randy Eckenrode
1c26a2fabc
makeStaticDarwin: handle when env.NIX_CFLAGS_LINK is set 2024-10-10 16:23:08 -04:00
Randy Eckenrode
66fcbb94e7
makeStaticDarwin: drop darwin-portable-libSystem-hook
`${stdenv.cc.libc}/lib/libSystem.B.dylib` does not exist and not existed
for as long as I have used nixpkgs. Since `/usr/lib/libSystem.B.dylib`
is already linked via text-based stubs, continue relying on those.
2024-10-10 16:23:08 -04:00
Randy Eckenrode
b7442b9066
darwin.stdenv: provide an SDK when cross-compiling
Static can rely on the standard cross-SDK because it will be a static
SDK when building for static targets.
2024-10-10 16:23:04 -04:00
Randy Eckenrode
9c004ef367
darwin.stdenv: use xarMinimal
Using xarMinimal avoids pulling e2fsprogs and (eventually) macfuse-stubs
into the Darwin stdenv bootstrap.
2024-10-10 16:23:03 -04:00
Randy Eckenrode
76a5ef680e
darwin.stdenv: rework for the new SDK
While it would be nice if this could be split, there are too many
changes as part of the cleanup and improvements, including:

- Refactoring all propagated packages into functions that can be used to
  ensure that packages are propagated only at the expected stages;
- Using a sanity-checking merge function to ensure that packages are
  only propagated by one of the above functions;
- Reducing the number of Python builds during the bootstrap to one;
- Removing the extra sysctl stage;
- Using the LLVM bootstrap to build LLVM, clang, libc++, etc;
- Propagating llvmPackages_<version> in the final stdenv, so that
  packages needing that version specifically don’t have to rebuild it;
- Bootstrapping with the new Darwin SDK; and
- Reducing the overall number of paths build during a bootstrap by ~33%.
2024-10-10 16:23:03 -04:00
Stig Palmquist
c49774ff46
perl540: fix build in stage1, add C locale patch
- Add patch from Perl upstream fixing build if only C locale is
  available

- Change back from `perl538` to `perl` (perl540) in bootstrap-stage-1
2024-09-25 18:38:27 +02:00
Simon Hauser
8cd3989e4d
gawk: 5.2.2 -> 5.3.1
Changelog:
- https://lists.gnu.org/archive/html/info-gnu/2023-11/msg00000.html
- https://mail.gnu.org/archive/html/info-gnu/2024-09/msg00008.html
2024-09-23 19:04:39 +02:00
github-actions[bot]
7fc19ff961
Merge staging-next into staging 2024-09-20 18:05:01 +00:00
Johannes Kirschbauer
e2dd770370
Doc: clarify mkDerivation argument handling (#343247) 2024-09-20 16:01:49 +02:00
github-actions[bot]
33e2cbc61f
Merge staging-next into staging 2024-09-20 12:05:56 +00:00
Johannes Kirschbauer
f14a171413
Doc: init stdenv.mkDerivation doc-comment 2024-09-20 12:13:43 +02:00
github-actions[bot]
1c3463dc7a
Merge staging-next into staging 2024-09-16 12:06:19 +00:00
Yueh-Shun Li
30809ccecd stdenv.mkDerivation: simplify overrideAttrs with extends and toOverlay 2024-09-14 20:56:49 +08:00
Philip Taron
e630216c6b
[staging] perl: 5.38.2 -> 5.40.0 (#333286)
After discussing on Matrix in the [#staging](https://matrix.to/#/#staging:nixos.org) room, I'm merging this as-is without waiting for changes to the `enableParallelBuilding = false;` line.

There are several in-the-wings PRs (one from @emilazy) that attempt to bring load-limit, which is a more sensible accounting of the work that a derivation is doing, into Nix itself. If and when that lands, we'll be able to just set `enableParallelBuilding = true;` again, without any specific casing around the `NIX_BUILD_CORES` stdenv variable.
2024-09-12 16:22:26 -07:00
Philip Taron
05e5a56f04
auto-patchelf: refactor structuredAttrs support (#340858) 2024-09-12 15:13:20 -07:00
Wolfgang Walther
bc0395ee6f
auto-patchelf: refactor structuredAttrs support
stdenv now provides better tooling to support structuredAttrs without
depending on $__structuredAttrs itself.
2024-09-11 19:29:39 +02:00
Philip Taron
f4cd623ed3
stdenv: bump required Bash version from 4 to 5 (#340765) 2024-09-11 07:32:57 -07:00
Aleksana
cda49c202f
stdenv/freebsd: don't inherit curl from previous stage (#340913) 2024-09-11 09:12:33 +08:00
Audrey Dutcher
5da4fa1dd6 stdenv/freebsd: don't inherit curl from previous stage
This was adding dependencies on the bootstrap files for longer than
necessary.
2024-09-09 19:40:56 -07:00
Ivan Trubach
799d0c8a7d stdenv: bump required Bash version from 4 to 5
Currently stdenv requires Bash 4.x that was released in 2009. This
change bumps the required version to Bash 5.x (2019, 5 years ago).

See https://mywiki.wooledge.org/BashFAQ/061 for more details.

Using a relatively modern Bash version allows us to rely on newer
features (e.g. ${var@a}) and remove workarounds for older quirks (e.g.
https://stackoverflow.com/a/7577209, “old bash empty array problem”).
Note that many setup hooks are using features added after 4.0 version,
e.g. makeWrapper uses ${var@Q} from 4.4, but some even require >5.0,
e.g. cargoBuildHook uses ${var@U} from 5.1.
2024-09-09 15:22:11 +03:00
github-actions[bot]
90a93f92bb
Merge master into staging-next 2024-09-09 12:05:58 +00:00