From 44f10f000a13fae6baae9c10767c6d300ff689a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Tue, 27 Feb 2024 13:45:18 +0100 Subject: [PATCH 1/9] flake: Update to NixOS 23.11 About time :) This required disabling `bear` on darwin as it's currently broken (fixed on master, but not yet on 23.11). --- flake.lock | 8 ++++---- flake.nix | 18 +++++------------- package.nix | 2 +- 3 files changed, 10 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index f0efb4036ef..a9022dbdcd3 100644 --- a/flake.lock +++ b/flake.lock @@ -34,16 +34,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1705033721, - "narHash": "sha256-K5eJHmL1/kev6WuqyqqbS1cdNnSidIZ3jeqJ7GbrYnQ=", + "lastModified": 1708971694, + "narHash": "sha256-mBXQ65IrCJbNgTrj0+6xdXpD9/U31AWPKdwGlOufhtI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a1982c92d8980a0114372973cbdfe0a307f1bdea", + "rev": "4dd376f7943c64b522224a548d9cab5627b4d9d6", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05-small", + "ref": "nixos-23.11-small", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 0bc70768e13..479ec05c028 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05-small"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11-small"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; inputs.libgit2 = { url = "github:libgit2/libgit2"; flake = false; }; @@ -10,20 +10,10 @@ let inherit (nixpkgs) lib; - - # Experimental fileset library: https://github.com/NixOS/nixpkgs/pull/222981 - # Not an "idiomatic" flake input because: - # - Propagation to dependent locks: https://github.com/NixOS/nix/issues/7730 - # - Subflake would download redundant and huge parent flake - # - No git tree hash support: https://github.com/NixOS/nix/issues/6044 - inherit (import (builtins.fetchTarball { url = "https://github.com/NixOS/nix/archive/1bdcd7fc8a6a40b2e805bad759b36e64e911036b.tar.gz"; sha256 = "sha256:14ljlpdsp4x7h1fkhbmc4bd3vsqnx8zdql4h3037wh09ad6a0893"; })) - fileset; + inherit (lib) fileset; officialRelease = false; - # Set to true to build the release notes for the next release. - buildUnreleasedNotes = false; - version = lib.fileContents ./.version + versionSuffix; versionSuffix = if officialRelease @@ -405,7 +395,9 @@ XDG_DATA_DIRS+=:$out/share ''; nativeBuildInputs = attrs.nativeBuildInputs or [] - ++ lib.optional stdenv.cc.isClang pkgs.buildPackages.bear + # TODO: Remove the darwin check once + # https://github.com/NixOS/nixpkgs/pull/291814 is available + ++ lib.optional (stdenv.cc.isClang && !stdenv.isDarwin) pkgs.buildPackages.bear ++ lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) pkgs.buildPackages.clang-tools; }); in diff --git a/package.nix b/package.nix index 1f895e3010b..20796a3868b 100644 --- a/package.nix +++ b/package.nix @@ -154,7 +154,7 @@ in { in fileset.toSource { root = ./.; - fileset = fileset.intersect baseFiles (fileset.unions ([ + fileset = fileset.intersection baseFiles (fileset.unions ([ # For configure ./.version ./configure.ac From bbef03872b64da2b65fc7dd2040e1e3f5257bea7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Tue, 27 Feb 2024 14:40:12 +0100 Subject: [PATCH 2/9] Bump the required daemon version for the impure-env test The required version check was a bit too lenient, and `nixpkgs#nixUnstable` was considered valid while it didn't have the fix. --- tests/functional/impure-env.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/impure-env.sh b/tests/functional/impure-env.sh index d9e4a34a229..cfea4cae9bf 100644 --- a/tests/functional/impure-env.sh +++ b/tests/functional/impure-env.sh @@ -1,7 +1,7 @@ source common.sh # Needs the config option 'impure-env' to work -requireDaemonNewerThan "2.18.0pre20230816" +requireDaemonNewerThan "2.19.0" enableFeatures "configurable-impure-env" restartDaemon From a0cb75d96f76a3be48b9319e26d8ad78ef4e4525 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Tue, 27 Feb 2024 18:45:51 +0100 Subject: [PATCH 3/9] Disable bear on all the things with darwin as hostPlatform Just `stdenv.isDarwin` isn't enough because it doesn't apply to the build platform, which mean that cross packages building from darwin to another platform will have `isDarwin` set to false. Replace it by `stdenv.buildPlatform.isDarwin`. --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 479ec05c028..baf81007fd7 100644 --- a/flake.nix +++ b/flake.nix @@ -397,7 +397,7 @@ nativeBuildInputs = attrs.nativeBuildInputs or [] # TODO: Remove the darwin check once # https://github.com/NixOS/nixpkgs/pull/291814 is available - ++ lib.optional (stdenv.cc.isClang && !stdenv.isDarwin) pkgs.buildPackages.bear + ++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear ++ lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) pkgs.buildPackages.clang-tools; }); in From cf3ef060ff7623c006e09ff51ba0f6d4e7bba704 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Tue, 27 Feb 2024 19:24:31 +0100 Subject: [PATCH 4/9] =?UTF-8?q?Disable=20the=20=E2=80=9Cstatic=E2=80=9D=20?= =?UTF-8?q?darwin=20stdenvs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Don't evaluate, and probably not really useful (if at all) --- flake.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index baf81007fd7..ceb572c0b93 100644 --- a/flake.nix +++ b/flake.nix @@ -409,8 +409,9 @@ (forAllStdenvs (stdenvName: makeShell pkgs pkgs.${stdenvName})); in (makeShells "native" nixpkgsFor.${system}.native) // - (makeShells "static" nixpkgsFor.${system}.static) // - (lib.genAttrs shellCrossSystems (crossSystem: let pkgs = nixpkgsFor.${system}.cross.${crossSystem}; in makeShell pkgs pkgs.stdenv)) // + (lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) + (makeShells "static" nixpkgsFor.${system}.static)) // + (lib.genAttrs shellCrossSystems (crossSystem: let pkgs = nixpkgsFor.${system}.cross.${crossSystem}; in makeShell pkgs pkgs.stdenv)) // { default = self.devShells.${system}.native-stdenvPackages; } From 945940f2efe273084319790f72a61b6b446d2882 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 28 Feb 2024 02:31:19 +0100 Subject: [PATCH 5/9] nixpkgs: nixos-23.11-small -> release-23.11 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4dd376f7943c64b522224a548d9cab5627b4d9d6' (2024-02-26) → 'github:NixOS/nixpkgs/b550fe4b4776908ac2a861124307045f8e717c8e' (2024-02-28) --- flake.lock | 9 +++++---- flake.nix | 4 +++- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index a9022dbdcd3..3070b4a4599 100644 --- a/flake.lock +++ b/flake.lock @@ -34,16 +34,17 @@ }, "nixpkgs": { "locked": { - "lastModified": 1708971694, - "narHash": "sha256-mBXQ65IrCJbNgTrj0+6xdXpD9/U31AWPKdwGlOufhtI=", + "lastModified": 1709083642, + "narHash": "sha256-7kkJQd4rZ+vFrzWu8sTRtta5D1kBG0LSRYAfhtmMlSo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4dd376f7943c64b522224a548d9cab5627b4d9d6", + "rev": "b550fe4b4776908ac2a861124307045f8e717c8e", + "treeHash": "74223e48f0b0e94ecf419d793c67068cdfdf5ea0", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11-small", + "ref": "release-23.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index ceb572c0b93..58d17bf0092 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,9 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11-small"; + # TODO switch to nixos-23.11-small + # https://nixpk.gs/pr-tracker.html?pr=291954 + inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-23.11"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; inputs.libgit2 = { url = "github:libgit2/libgit2"; flake = false; }; From 8dc4b41c7f748d1615dbcf2c3438d1a76a5cb295 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 28 Feb 2024 02:34:43 +0100 Subject: [PATCH 6/9] flake.lock: Strip out treeHash. Too soon... I hate this. We should have it, but for now we can't. --- flake.lock | 1 - 1 file changed, 1 deletion(-) diff --git a/flake.lock b/flake.lock index 3070b4a4599..bb2e400c0a9 100644 --- a/flake.lock +++ b/flake.lock @@ -39,7 +39,6 @@ "owner": "NixOS", "repo": "nixpkgs", "rev": "b550fe4b4776908ac2a861124307045f8e717c8e", - "treeHash": "74223e48f0b0e94ecf419d793c67068cdfdf5ea0", "type": "github" }, "original": { From 6147d27afb7200b972338abf1be1523740773df9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Wed, 28 Feb 2024 07:10:53 +0100 Subject: [PATCH 7/9] Bump the required daemon version for the git hashing tests The required version check was a bit too lenient, and `nixpkgs#nixUnstable` was considered valid while it didn't have the fix. --- tests/functional/git-hashing/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/git-hashing/common.sh b/tests/functional/git-hashing/common.sh index 5de96e74f16..572cea43818 100644 --- a/tests/functional/git-hashing/common.sh +++ b/tests/functional/git-hashing/common.sh @@ -4,7 +4,7 @@ clearStore clearCache # Need backend to support git-hashing too -requireDaemonNewerThan "2.18.0pre20230908" +requireDaemonNewerThan "2.19" enableFeatures "git-hashing" From da90be789d8074880d95405a439b446c60947506 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Wed, 28 Feb 2024 08:00:17 +0100 Subject: [PATCH 8/9] Fix a too smart implicit cast Apparently gcc is able to implicitly cast from `FileIngestionMethod` to `ContentAddressMethod`, but clang isn't. So explicit the cast --- src/libstore/local-store.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 56f8c5dd85c..1bbeaa912a6 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -1202,7 +1202,7 @@ StorePath LocalStore::addToStoreFromDump( Path tempDir; AutoCloseFD tempDirFd; - bool methodsMatch = (FileIngestionMethod) dumpMethod == hashMethod; + bool methodsMatch = ContentAddressMethod(FileIngestionMethod(dumpMethod)) == hashMethod; /* If the methods don't match, our streaming hash of the dump is the wrong sort, and we need to rehash. */ From f6142cd0d1b248581adddbbc1056df00fe12eb3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= Date: Wed, 28 Feb 2024 08:02:49 +0100 Subject: [PATCH 9/9] unset `NIX_HARDENING_ENABLE` in fast build mode `NIX_HARDENING_ENABLE` causes `_FORTIFY_SOURCE` to be defined. This isn't compatible with `-O0`, and the compiler will happily remind us about it at every call, spamming the terminal with warnings and stack traces. We don't really care hardening in that case, so just disable it if we pass `OPTIMIZE=0`. --- Makefile | 1 + flake.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 745e60aa5c9..c3dc83c7722 100644 --- a/Makefile +++ b/Makefile @@ -68,6 +68,7 @@ ifeq ($(OPTIMIZE), 1) GLOBAL_LDFLAGS += $(CXXLTO) else GLOBAL_CXXFLAGS += -O0 -U_FORTIFY_SOURCE + unexport NIX_HARDENING_ENABLE endif include mk/platform.mk diff --git a/flake.nix b/flake.nix index 58d17bf0092..42aaace6746 100644 --- a/flake.nix +++ b/flake.nix @@ -396,6 +396,7 @@ # Make bash completion work. XDG_DATA_DIRS+=:$out/share ''; + nativeBuildInputs = attrs.nativeBuildInputs or [] # TODO: Remove the darwin check once # https://github.com/NixOS/nixpkgs/pull/291814 is available