mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-18 19:03:28 +00:00
3cd8ce3bce
Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. (See #67234, for example.) Fix this throughout the tree. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
178 lines
5.4 KiB
Nix
178 lines
5.4 KiB
Nix
{ stdenv
|
|
, fetch
|
|
, fetchpatch
|
|
, cmake
|
|
, python3
|
|
, libffi
|
|
, libbfd
|
|
, libxml2
|
|
, ncurses
|
|
, version
|
|
, release_version
|
|
, zlib
|
|
, debugVersion ? false
|
|
, enableManpages ? false
|
|
, enableSharedLibraries ? !enableManpages
|
|
}:
|
|
|
|
let
|
|
# Used when creating a versioned symlinks of libLLVM.dylib
|
|
versionSuffixes = with stdenv.lib;
|
|
let parts = splitVersion release_version; in
|
|
imap (i: _: concatStringsSep "." (take i parts)) parts;
|
|
in
|
|
|
|
stdenv.mkDerivation ({
|
|
pname = "llvm";
|
|
inherit version;
|
|
|
|
src = fetch "llvm" "0g1bbj2n6xv4p1n6hh17vj3vpvg56wacipc81dgwga9mg2lys8nm";
|
|
|
|
unpackPhase = ''
|
|
unpackFile $src
|
|
mv llvm-${version}* llvm
|
|
sourceRoot=$PWD/llvm
|
|
'';
|
|
|
|
outputs = [ "out" "python" ]
|
|
++ stdenv.lib.optional enableSharedLibraries "lib";
|
|
|
|
nativeBuildInputs = [ cmake python3 ]
|
|
++ stdenv.lib.optional enableManpages python3.pkgs.sphinx;
|
|
|
|
buildInputs = [ libxml2 libffi ];
|
|
|
|
propagatedBuildInputs = [ ncurses zlib ];
|
|
|
|
patches = [
|
|
(fetchpatch {
|
|
url = "https://bugzilla.redhat.com/attachment.cgi?id=1389687";
|
|
name = "llvm-gcc8-type-mismatch.patch";
|
|
sha256 = "0ga2123aclq3x9w72d0rm0az12m8c1i4r1106vh701hf4cghgbch";
|
|
})
|
|
./fix-gcc9.patch
|
|
#(fetchpatch {
|
|
# name = "llvm-fix-gcc9.patch";
|
|
# url = "https://reviews.llvm.org/file/data/zs3ck5ryvc5n672fd2kw/PHID-FILE-byoqefzwmkd7qnlip4v2/file";
|
|
# sha256 = "0injj1hqgrbcbihhwp2nbal88jfykad30r54f2cdcx7gws2fcy8i";
|
|
# stripLen = 1;
|
|
#})
|
|
];
|
|
postPatch = stdenv.lib.optionalString stdenv.isDarwin ''
|
|
substituteInPlace cmake/modules/AddLLVM.cmake \
|
|
--replace 'set(_install_name_dir INSTALL_NAME_DIR "@rpath")' "set(_install_name_dir)" \
|
|
--replace 'set(_install_rpath "@loader_path/../lib" ''${extra_libdir})' ""
|
|
''
|
|
# Patch llvm-config to return correct library path based on --link-{shared,static}.
|
|
+ stdenv.lib.optionalString (enableSharedLibraries) ''
|
|
substitute '${./llvm-outputs.patch}' ./llvm-outputs.patch --subst-var lib
|
|
patch -p1 < ./llvm-outputs.patch
|
|
'' + ''
|
|
# FileSystem permissions tests fail with various special bits
|
|
substituteInPlace unittests/Support/CMakeLists.txt \
|
|
--replace "Path.cpp" ""
|
|
rm unittests/Support/Path.cpp
|
|
'' + stdenv.lib.optionalString stdenv.isAarch64 ''
|
|
patch -p0 < ${../aarch64.patch}
|
|
'' + stdenv.lib.optionalString stdenv.hostPlatform.isMusl ''
|
|
patch -p1 -i ${../TLI-musl.patch}
|
|
substituteInPlace unittests/Support/CMakeLists.txt \
|
|
--replace "add_subdirectory(DynamicLibrary)" ""
|
|
rm unittests/Support/DynamicLibrary/DynamicLibraryTest.cpp
|
|
'';
|
|
|
|
# hacky fix: created binaries need to be run before installation
|
|
preBuild = ''
|
|
mkdir -p $out/
|
|
ln -sv $PWD/lib $out
|
|
'';
|
|
|
|
cmakeFlags = with stdenv; [
|
|
"-DCMAKE_BUILD_TYPE=${if debugVersion then "Debug" else "Release"}"
|
|
"-DLLVM_INSTALL_UTILS=ON" # Needed by rustc
|
|
"-DLLVM_BUILD_TESTS=ON"
|
|
"-DLLVM_ENABLE_FFI=ON"
|
|
"-DLLVM_ENABLE_RTTI=ON"
|
|
|
|
"-DLLVM_HOST_TRIPLE=${stdenv.hostPlatform.config}"
|
|
"-DLLVM_DEFAULT_TARGET_TRIPLE=${stdenv.hostPlatform.config}"
|
|
"-DTARGET_TRIPLE=${stdenv.hostPlatform.config}"
|
|
]
|
|
++ stdenv.lib.optional enableSharedLibraries
|
|
"-DLLVM_LINK_LLVM_DYLIB=ON"
|
|
++ stdenv.lib.optionals enableManpages [
|
|
"-DLLVM_BUILD_DOCS=ON"
|
|
"-DLLVM_ENABLE_SPHINX=ON"
|
|
"-DSPHINX_OUTPUT_MAN=ON"
|
|
"-DSPHINX_OUTPUT_HTML=OFF"
|
|
"-DSPHINX_WARNINGS_AS_ERRORS=OFF"
|
|
]
|
|
++ stdenv.lib.optional (!isDarwin)
|
|
"-DLLVM_BINUTILS_INCDIR=${libbfd.dev}/include"
|
|
++ stdenv.lib.optionals (isDarwin) [
|
|
"-DLLVM_ENABLE_LIBCXX=ON"
|
|
"-DCAN_TARGET_i386=false"
|
|
];
|
|
|
|
postBuild = ''
|
|
rm -fR $out
|
|
'';
|
|
|
|
preCheck = ''
|
|
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$PWD/lib
|
|
'';
|
|
|
|
postInstall = ''
|
|
mkdir -p $python/share
|
|
mv $out/share/opt-viewer $python/share/opt-viewer
|
|
''
|
|
+ stdenv.lib.optionalString enableSharedLibraries ''
|
|
moveToOutput "lib/libLLVM-*" "$lib"
|
|
moveToOutput "lib/libLLVM${stdenv.hostPlatform.extensions.sharedLibrary}" "$lib"
|
|
moveToOutput "lib/libLTO${stdenv.hostPlatform.extensions.sharedLibrary}" "$lib"
|
|
substituteInPlace "$out/lib/cmake/llvm/LLVMExports-${if debugVersion then "debug" else "release"}.cmake" \
|
|
--replace "\''${_IMPORT_PREFIX}/lib/libLLVM-" "$lib/lib/libLLVM-"
|
|
''
|
|
+ stdenv.lib.optionalString (stdenv.isDarwin && enableSharedLibraries) ''
|
|
substituteInPlace "$out/lib/cmake/llvm/LLVMExports-${if debugVersion then "debug" else "release"}.cmake" \
|
|
--replace "\''${_IMPORT_PREFIX}/lib/libLLVM.dylib" "$lib/lib/libLLVM.dylib" \
|
|
--replace "\''${_IMPORT_PREFIX}/lib/libLTO.dylib" "$lib/lib/libLTO.dylib"
|
|
${stdenv.lib.concatMapStringsSep "\n" (v: ''
|
|
ln -s $lib/lib/libLLVM.dylib $lib/lib/libLLVM-${v}.dylib
|
|
'') versionSuffixes}
|
|
'';
|
|
|
|
doCheck = stdenv.isLinux && (!stdenv.isi686);
|
|
|
|
checkTarget = "check-all";
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
requiredSystemFeatures = [ "big-parallel" ];
|
|
meta = {
|
|
description = "Collection of modular and reusable compiler and toolchain technologies";
|
|
homepage = http://llvm.org/;
|
|
license = stdenv.lib.licenses.ncsa;
|
|
maintainers = with stdenv.lib.maintainers; [ lovek323 raskin dtzWill ];
|
|
platforms = stdenv.lib.platforms.all;
|
|
};
|
|
} // stdenv.lib.optionalAttrs enableManpages {
|
|
pname = "llvm-manpages";
|
|
|
|
buildPhase = ''
|
|
make docs-llvm-man
|
|
'';
|
|
|
|
propagatedBuildInputs = [];
|
|
|
|
installPhase = ''
|
|
make -C docs install
|
|
'';
|
|
|
|
outputs = [ "out" ];
|
|
|
|
doCheck = false;
|
|
|
|
meta.description = "man pages for LLVM ${version}";
|
|
})
|