Commit Graph

359 Commits

Author SHA1 Message Date
Vladimír Čunát
5b5843e2b2
Merge #151983: wrapper: Fortran: disable stackprotector
...hardening on darwin aarch64 (merge into staging)
2022-07-29 19:27:34 +02:00
Semion Nadezhdin
b060076e21 cc-wrapper: broaden explicit libc++abi linking for LLVM stdenv 2022-07-13 21:19:12 +03:00
Dmitry Bogatov
6eb689d490
cc-wrapper: fix typo in shell script
Noticed this bug when was trying to bootstrap m4 on darwin. That fixes

	line 163: no such file or directory error

That does not solve all problems staging has on darwin.
2022-06-17 20:25:27 -04:00
John Ericson
e23e71f9e4
Merge pull request #176152 from mmlb/cc-wrapper-allow-target-override
cc-wrapper: Allow user to override -target for clang
2022-06-15 15:09:27 -04:00
Manuel Mendez
0fdc72b7e9 cc-wrapper: Add clang specific options to clang specific file
This way gcc doesn't need to be rebuilt because of clang. This also avoids
rebuilding clang when only the wrapper needs to be tweaked.
2022-06-15 11:34:53 -04:00
Manuel Mendez
19b6ccd9ac cc-wrapper: Allow for override of -target for clang/clang++
This enables users to make use of clang's multi-platform/target support
without having to go through full cross system setup. This is especially useful
for generating bpf object files, I'm not even usre what would a no-userland
cross compile system tuple even look like to even try going that route.

Fixes #176128
2022-06-09 16:57:15 -04:00
Manuel Mendez
e91b5670e3 cc-wrapper: Use case statements instead of bunch of if/elif checks
Makes for easier to read code imo, case-in-point there was a duplicate test for
`$p = -E` before. While doing this little bit of refactor I changed rest ->
kept because that makes more sense, rest sounds like its the rest of params
while kept says these are the params that we've kept.

I tested for no change in behavior using the following bash script:

```
reset() {
	cInclude=1
	cxxInclude=1
	cxxLibrary=1
	dontLink=0
	isCxx=0
	nonFlagArgs=0
	params=()
}

parseParams() {
	declare -i n=0
	nParams=${#params[@]}
	while (("$n" < "$nParams")); do
		p=${params[n]}
		p2=${params[n + 1]:-} # handle `p` being last one

		case "$p" in
		-[cSEM] | -MM) dontLink=1 ;;
		-cc1) cc1=1 ;;
		-nostdinc) cInclude=0 cxxInclude=0 ;;
		-nostdinc++) cxxInclude=0 ;;
		-nostdlib) cxxLibrary=0 ;;
		-x)
			case "$p2" in
			*-header) dontLink=1 ;;
			c++*) isCxx=1 ;;
			esac
			;;
		-?*) ;;
		*) nonFlagArgs=1 ;; # Includes a solitary dash (`-`) which signifies standard input; it is not a flag
		esac
		n+=1
	done
}

for p in c S E M MM; do
	reset
	params=-$p
	parseParams
	[[ $dontLink != 1 ]] && echo "expected dontLink=1 for params:${params[@]}" >&2 && exit 1
done

reset
params=(-x foo-header)
parseParams
[[ $dontLink != 1 ]] && echo "expected dontLink=1 for params:${params[@]}" >&2 && exit 1

reset
params=(-x c++-foo)
parseParams
[[ $isCxx != 1 ]] && echo "expected isCxx=1 for params:${params[@]}" >&2 && exit 1

reset
params=-nostdlib
parseParams
[[ $cxxLibrary != 0 ]] && echo "expected cxxLibrary=0 for params:${params[@]}" >&2 && exit 1

reset
params=-nostdinc
parseParams
[[ $cInclude != 0 ]] && echo "expected cInclude=0 for params:${params[@]}" >&2 && exit 1
[[ $cxxInclude != 0 ]] && echo "expected cxxInclude=0 for params:${params[@]}" >&2 && exit 1

reset
params=-nostdinc++
parseParams
[[ $cxxInclude != 0 ]] && echo "expected cxxInclude=0 for params:${params[@]}" >&2 && exit 1

reset
params=-cc1
parseParams
[[ $cc1 != 1 ]] && echo "expected cc1=1 for params:${params[@]}" >&2 && exit 1

reset
params=-
parseParams
[[ $nonFlagArgs != 1 ]] && echo "expected nonFlagArgs=1 for params:${params[@]}" >&2 && exit 1

reset
params=bleh
parseParams
[[ $nonFlagArgs != 1 ]] && echo "expected nonFlagArgs=1 for params:${params[@]}" >&2 && exit 1

reset
params=-?
parseParams
[[ $nonFlagArgs != 0 ]] && echo "expected nonFlagArgs=0 for params:${params[@]}" >&2 && exit 1

exit 0
```
2022-06-09 16:57:15 -04:00
FliegendeWurst
7b185e04a9 cc-wrapper: Fortran: disable format hardening
Otherwise, these warnings are emitted:
command-line option '-Wformat=1' is valid for C/C++/ObjC/ObjC++ but not for Fortran
command-line option '-Wformat-security' is valid for C/C++/ObjC/ObjC++ but not for Fortran
'-Werror=' argument '-Werror=format-security' is not valid for Fortran

Fixes part of #27218
2022-05-26 12:29:35 +02:00
Artturin
1d44ac176c treewide: add enableParallelBuilding's to bootstrap packages so hashes stay the same
when enableParallelBuildingByDefault is enabled

verified with
`nix-diff $(nix eval ".#gcc-unwrapped.drvPath") $(nix eval --expr 'with import ./. { config = { enableParallelBuildingByDefault = true; }; }; gcc-unwrapped.drvPath' --impure)`
2022-05-25 16:03:14 +03:00
Janne Heß
c911240e9c
Revert "Add mingwW64-llvm cross-system." 2022-05-18 13:50:23 +02:00
Shea Levy
0f68ed163c
Merge branch 'mingwW64-clang' into staging 2022-05-18 06:30:21 -04:00
Shea Levy
078a07708a
libunwind: Fix build against compiler-rt-using clang 2022-05-09 10:05:47 -04:00
Shea Levy
4b503b2a58
cc-wrapper: clang doesn't support -fPIC on Windows 2022-05-06 10:54:52 -04:00
Emery Hemingway
89a0dd2414 wrapCCWith: structured argument for wrapper flags
Take a "nixSupport" argument that is an attrset of lists to append
to "$out/nix-support/${name}" where name is the name of the
attribute. This attrset is available from the passthru of the
wrapped compiler.

This is an alternative to imperatively issuing flags with
extraBuildCommands and makes it possible to append or filter
flags with an override.
2022-04-30 21:21:41 -05:00
Doron Behar
2cc754a7ba cc-wrapper: Fortran: disable stackprotector hardening on darwin aarch64 2022-04-16 11:11:26 +03:00
Sergei Trofimovich
649ebfbed6 cc-wrapper: change cflags order from cc/crt1/libc to crt1/libc/cc
In https://github.com/NixOS/nixpkgs/issues/158042 I noticed order
mismatch as a bootstrap build failure when building x86_64-linux
against glibc-2.35 in nixpkgs (bootstrap libs has glibc-2.27):

    expand-response-params> ld: /nix/store/p4s4jf7aq6v6z9iazll1aiqwb34aqxq9-bootstrap-tools/lib/crt1.o: in function `_start':
    expand-response-params> /build/glibc-2.27/csu/../sysdeps/x86_64/start.S:101: undefined reference to `__libc_csu_fini'
    expand-response-params> ld: /build/glibc-2.27/csu/../sysdeps/x86_64/start.S:102: undefined reference to `__libc_csu_init'
    expand-response-params> collect2: error: ld returned 1 exit status

Here crt1.o from glibc-2.27 links against libc.so.6 from glibc-2.35.

This happens because ordering of `-L` (influences `libc.so` lookup) and
`-B` (influences `crt1.o` lookup) flags differs:

    expand-response-params>   -B/...-bootstrap-tools/lib
    expand-response-params>   -B/...-glibc-2.35/lib/
    ...
    expand-response-params>   -L/...-glibc-2.35/lib
    expand-response-params>   -L/...-bootstrap-tools/lib

The change makes consistent ordering of `-L`/`-B` and allows getting to
stage4 for `glibc-2.35` target.
2022-02-20 10:45:45 +00:00
Moritz Angermann
14996789a1
Check link type based on expanded parameters
So far we've ignored response files in arguments, and did not
check linkType against expanded parameters.  This means if
we have `-static` in a @reponse-file, linkType will not be
set to `-static` as we never check against the expanded arguments
from response files.
2022-01-01 20:30:56 +08:00
r-burns
16728283c3
Merge pull request #135619 from r-burns/fpie-musl-fixes
[staging] {cc,binutils}-wrapper: fixes for PIE hardening
2021-09-23 17:55:08 -07:00
Ryan Burns
37d089c1af {cc,binutils}-wrapper: match leading/trailing arguments
fixes e.g.:
pkgsMusl.libfsm
pkgsMusl.libiscsi
pkgsMusl.nsjail
pkgsMusl.pv

match strings have whitespace on either side, which wasn't
matching leading/trailing arguments previously
2021-09-20 17:24:04 -07:00
Ryan Burns
bd8258a389 cc-wrapper: ensure PIE flags precede PIC flags
fixes:
pkgsMusl.bulletml
pkgsMusl.proot
pkgsMusl.python3

Debian explains this issue well in the dpkg-buildflags manpage:

-fPIE
    Can be linked into any program, but not a shared library (recommended).
-fPIC
    Can be linked into any program and shared library.

On projects that build both programs and shared libraries you might need to
make sure that when building the shared libraries -fPIC is always passed last
(so that it overrides any previous -PIE) to compilation flags such as CFLAGS.

(from https://manpages.debian.org/bullseye/dpkg-dev/dpkg-buildflags.1.en.html#hardening)
2021-09-20 11:03:42 -07:00
John Ericson
d3407f1a3b cc-wrapper: Add support for -mthumb / -marm 2021-09-17 17:12:54 +00:00
Shea Levy
9ecfbe0c5b
mingw: Disalbe FORTIFY_SOURCE by default.
In newer versions of mingw, programs compiled with FORTIFY_SOURCE need
to link to libssp or they will have link-time errors.

gmp has been broken since @pstn updated mingw-64 in c60a0b0447
2021-08-11 05:07:42 -04:00
sternenseemann
c3c4ef859a gprbuild, xmlada: init at 21.0.0
GPRbuild is a multi language build system developed by AdaCore which
is mostly used for build Ada-related projects using GNAT.

Since GPRbuild is used to build itself and its dependency library
XML/Ada we first build a bootstrap version of it using the provided
bash build script bootstrap.sh as the gprbuild-boot derivation.
gprbuild-boot is then used to build xmlada and the proper gprbuild
derivation.

GPRbuild has its own search path mechanism via GPR_PROJECT_PATH which
we address via a setupHook. It currently works quite similar to the
pkg-config one: It accumulates all inputs into GPR_PROJECT_PATH,
GPR_PROJECT_PATH_FOR_BUILD etc. However this is quite limited at the
moment as we don't have a gprbuild wrapper yet which understands the
_FOR_BUILD suffix. However, we'll need to address this in the future
as it is currently basically impossible to test since the distinction
only affects cross-compilation, but it is not possible to build a GNAT
cross-compiler in nixpkgs at the moment (I'm working on changing that,
however).

Another issue we had to solve was GPRbuild not finding the right GNAT
via its gprconfig tool: GPRbuild has a knowledge base with compiler
definitions which run some checks and collect info about binaries
which are in PATH. In the end the first compiler in PATH that supports
the desired language is selected.

We want GPRbuild to discover our wrapped GNAT since the unwrapped one
is incapable of producing working binaries since it won't find the
crt*.o objects distributed with libc. GPRbuild however needs to find
the Ada runtime distributed with GNAT which is not part of the wrapper
derivation, so it will skip the wrapper and select the unwrapped GNAT.
Symlinking the unwrapped's lib directory into the wrapper fixes this
problem, but breaks linking in some cases (e. g. when linking against
OMP from gcc, the runtime variant will shadow the problem dynamic lib
from buildInputs). Additionally it uses gnatls as an indicator it has
found GNAT which is not part of the wrapper.

The solution we opted to adopt here is to install a custom compiler
description into gprbuild's knowledge base which properly detects the
nixpkgs GNAT wrapper: It uses gnatmake to detect GNAT instead of
gnatls and discovers the runtime via a symlink we add to
`$out/nix-support`. This additional definition is enough to properly
detect GNAT, since the plain wrapped gcc detection works out of the
box. It may, however, be necessary to add special definitions for
other languages in the future where gprbuild also needs to discover
the runtime.

One future improvement would be to install libgpr into a separate
output or split it into a separate derivation (which would require to
link gprbuild statically always since otherwise we end up with a
cyclical dependency).
2021-08-03 14:58:49 +02:00
Jörg Thalheim
166948d479 cc-wrapper: don't set rpath on static-pie executables 2021-05-23 17:38:17 +00:00
John Ericson
18c38f8aee treewide: All the linker to be chosen independently
This will begin the process of breaking up the `useLLVM` monolith. That
is good in general, but I hope will be good for NetBSD and Darwin in
particular.

Co-authored-by: sterni <sternenseemann@systemli.org>
2021-05-14 21:29:51 +00:00
John Ericson
912c8262b4
Merge pull request #117591 from s1341/android_non_prebuilt
treewide: Support aarch64-android using minimal prebuilt components
2021-05-11 12:49:53 -04:00
s1341
1e1d29c2af treewide: Support aarch64-android using minimal prebuilt components
This PR adds a new aarch64 android toolchain, which leverages the
existing crossSystem infrastructure and LLVM builders to generate a
working toolchain with minimal prebuilt components.

The only thing that is prebuilt is the bionic libc. This is because it
is practically impossible to compile bionic outside of an AOSP tree. I
tried and failed, braver souls may prevail. For now I just grab the
relevant binaries from https://android.googlesource.com/.

I also grab the msm kernel sources from there to generate headers. I've
included a minor patch to the existing kernel-headers derivation in
order to expose an internal function.

Everything else, from binutils up, is using stock code. Many thanks to
@Ericson2314 for his help on this, and for building such a powerful
system in the first place!

One motivation for this is to be able to build a toolchain which will
work on an aarch64 linux machine. To my knowledge, there is no existing
toolchain for an aarch64-linux builder and an aarch64-android target.
2021-05-11 15:39:08 +00:00
Vladimír Čunát
8eabe2ecc5
Merge #115235: gcc: native aarch64-darwin support 2021-05-11 12:12:04 +02:00
Ivan Babrou
4aa95e3312 gcc: native aarch64-darwin support 2021-05-10 19:07:30 -07:00
Dmitry Kalinkin
11b744b59c
cc-wrapper.sh: make -nostdlib disable the standard C++ library, but not its includes
Should be the correct fix for #111970
2021-05-02 14:07:00 -04:00
Dmitry Kalinkin
d9bad0eae6
cc-wrapper.sh: rename variables cpp -> cxx
CPP is the C PreProcessor
CXX is C++
2021-05-02 14:03:51 -04:00
Dmitry Kalinkin
96bbe339d4
Revert "cc-wrapper: -nostdlib does not imply -nostdinc++"
This made C++ standard headers passed to be passed when C compiler is
executed, which is not a correct fix.

This reverts commit 54c7a0f422.
2021-05-02 14:00:37 -04:00
Andrew Childs
7869d16545 llvmPackages: Multuple outputs for everythting
Also begin to start work on cross compilation, though that will have to
be finished later.

The patches are based on the first version of
https://reviews.llvm.org/D99484. It's very annoying to do the
back-porting but the review has uncovered nothing super major so I'm
fine sticking with what I've got.

Beyond making the outputs work, I also strove to re-sync the packages,
as they have been drifting pointlessly apart for some time.

----

Other misc notes, highly incomplete

- lvm-config-native and llvm-config are put in `dev` because they are
  tools just for build time.

- Clang no longer has an lld dep. That was introduced in
  db29857eb3, but if clang needs help
  finding lld when it is used we should just pass it flags / put in the
  resource dir. Providing it at build time increases critical path
  length for no good reason.

----

A note on `nativeCC`:

`stdenv` takes tools from the previous stage, so:

1. `pkgsBuildBuild`: `(?1, x, x)`
2. `pkgsBuildBuild.stdenv.cc`: `(?0, ?1, x)`

while:

1. `pkgsBuildBuild`: `(?1, x, x)`
2. `pkgsBuildBuild.targetPackages`: `(x, x, ?2)`
3. `pkgsBuildBuild.targetPackages.stdenv.cc`: `(?1, x, x)`
2021-04-30 05:41:00 +00:00
Luke Granger-Brown
08b22e605b Merge remote-tracking branch 'upstream/staging-next' into down-integrate-staging 2021-04-12 18:49:01 +00:00
Andrew Childs
6c4ce7960e bintools-wrapper, cc-wrapper: parameterize darwin min version variable
These variables are the ones that the standard toolchain uses, so we
should use those and not always use MACOSX_DEPLOYMENT_TARGET.

See 236a426c12/cctools/ld64/src/ld/PlatformSupport.cpp (L54-L55)
2021-04-11 09:47:10 +09:00
Andrew Childs
2a9b3b4943 cc-wrapper, bintools-wrapper: support MACOSX_DEPLOYMENT_TARGET with roles
In a typical build environment the toolchain will use the value of the
MACOSX_DEPLOYMENT_TARGET environment variable to determine the version
of macOS to support. When cross compiling there are two distinct
toolchains, but they will look at this single environment variable. To
avoid contamination, we always set the equivalent command line flag
which effectively disables the toolchain's internal handling.

Prior to this change, the MACOSX_DEPLOYMENT_TARGET variable was
ignored, and the toolchains always used the Nix platform
definition (`darwinMinVersion`) unless overridden with command line
arguments.

This change restores support for MACOSX_DEPLOYMENT_TARGET, and adds
nix-specific MACOSX_DEPLOYMENT_TARGET_FOR_BUILD and
MACOSX_DEPLOYMENT_TARGET_FOR_TARGET for cross compilation.
2021-04-11 09:47:10 +09:00
Andrew Childs
8b59d52ca3 cc-wrapper: use legacy -mmacosx-version-min for gcc
See https://github.com/NixOS/nixpkgs/pull/105026#discussion_r587169144
2021-04-11 09:47:10 +09:00
Andrew Childs
362cb82b75 cc-wrapper: specify default -mmacos-version-min
This avoids contamination via MACSOX_DEPLOYMENT_TARGET when cross
compiling.
2021-04-11 09:47:10 +09:00
arcnmx
2f1131cff7 cc-wrapper: match useGccForLibs conditional order
This breaks an evaluation cycle between `cc` and `gccForLibs` for cross
builds, fixing an infinite recursion error.
2021-04-10 10:39:07 -07:00
Thomas Tuegel
54c7a0f422 cc-wrapper: -nostdlib does not imply -nostdinc++
The check for including the C++ standard library headers was nested inside the
check for linking with the C++ standard library. As a result, the `-nostdlib`
flag incorrectly implied `-nostdinc++`, which made it virtually impossible to
partially link C++ objects.
2021-03-20 09:26:04 +01:00
Andrew Childs
86e962a41a cc-wrapper: remove quoting of response file
Fixes build failures with clang:

    clang-7: error: unknown argument: '-fPIC                -target'
    clang-7: error: no such file or directory: '@<(printf %qn        -O2'
    clang-7: error: no such file or directory: 'x86_64-apple-darwin'

Introduced by 60c5cf9cea in #112449
2021-03-09 14:01:34 +09:00
John Ericson
6979a72840
Merge pull request #112449 from angerman/angerman/response-files
Add response file support when compiling with clang
2021-03-06 11:24:32 -05:00
Jan Tojnar
6d1958ad2d
Merge branch 'staging-next' into staging 2021-03-04 22:16:45 +01:00
s1341
aee60bef7a android_prebuilt: Fix eval 2021-03-04 18:17:39 +00:00
Andrew Childs
fc0456bed1 cc-wrapper: set -arch on darwin 2021-03-02 17:21:08 +09:00
Moritz Angermann
60c5cf9cea
Update pkgs/build-support/cc-wrapper/cc-wrapper.sh
Co-authored-by: Matthew Bauer <mjbauer95@gmail.com>
2021-02-26 10:07:27 +08:00
Walter Franzini
eabb56ac6c identify musl32 using x86_32 instead of i686 2021-02-12 21:11:16 +01:00
Walter Franzini
87e35291a5 disable stackprotector on target platform musl32 2021-02-12 11:06:29 +01:00
Moritz Angermann
11b4d6c633
responsie file logic 2021-02-09 09:46:47 +08:00
Ben Siraphob
aa8868c7cc pkgs/build-support: stdenv.lib -> lib 2021-01-24 19:07:54 -08:00