stdenv: make stage3.{gmp,mpfr,mpc,isl} do what the comment says #169378
Conversation
ghost
changed the title
ghost
changed the title
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
ofborg
bot
added
10.rebuild-linux-stdenv
This comment was marked as duplicate.
This comment was marked as duplicate.
1 similar comment
|
@ofborg eval |
|
@ofborg eval |
|
The aarch64-darwin builder timeout appears to not be functioning correctly. |
|
Last commit extends the |
As explained in the comment, this ensures that stage4-coreutils does not leak a reference to the bootstrap-files by way of libgmp. This will allow the next patch in this series to build stage4-coreutils using a dynamically-linked (rather than statically-linked) libgmp.
The usage of `makeStaticLibraries` in stdenv/linux/default.nix is prefaced by this comment: # Link GCC statically against GMP etc. This makes sense because # these builds of the libraries are only used by GCC, so it # reduces the size of the stdenv closure. However "these builds of the libraries are only used by GCC" is not actually true. As currently written, the stage4 coreutils links against these customized, static-ified libraries. Beside the fact that the code doesn't actually do what it says, this causes other problems as well. One example is #168983, which arises because have a dynamically-linked binary (coreutils) which is built from statically-linked libraries (libgmp.a); doing this causes mayhem on platforms where `-fstack-protector` needs an auxiliary `libssp.{so,a}` library; we end up with link failures because some parts of the resulting binary want `libssp.so` and other parts want `libssp_nonshared.a`. Let's make the code actually do what the comment says, by moving these definitions into the `gcc-unwrapped` override. This will cause the stage4-coreutils to link against libgmp dynamically, rather than statically. For this reason this commit depends on the previous commit, which allows that to be done without creating a forbidden reference from stdenv-final to the bootstrap-files.
During stdenv bootstrapping, coreutils is built twice. This makes troubleshooting very difficult, because both packages have name="coreutils", so it is a hassle to figure out "which coreutils am I using / is not building"? The first of these builds is used only in stage4, and is not part of the final stdenv. Let's label that one with a different `name` attribute to make it obvious which is which.
Co-authored-by: sternenseemann <sternenseemann@systemli.org>
ghost
marked this pull request as ready for review
ofborg
bot
added
10.rebuild-darwin: 1-10
10.rebuild-darwin: 1
and removed
10.rebuild-darwin: 0
|
Ping... This is the last PR needed in order for |
|
Tried building |
All the RPATHs will change due to the outpath of stdenv changing. You'll definitely need to run |
|
I'll try the I don't think ca-refs helps here because this PR will not leave A |
The outputs created before and after applying thisbefore "old hashes (f529aef3dd8daff2a8d342736974d97e1b9adde8)",
[
{
"drvPath": "/nix/store/6z3cjric4i9l7rdjyn1k9c69sh8phwzn-boost-1.77.0.drv",
"outputs": {
"dev": "/nix/store/89azyhlgn9qc5qgdq3fijvqfwnkky0k4-boost-1.77.0-dev",
"out": "/nix/store/is2w1z69jn37cyn5dk0dwsx7vmi5fgkd-boost-1.77.0"
}
},
{
"drvPath": "/nix/store/iqsr3dxvv3851wwnfcj57d7kqnj2bj3x-curl-7.83.1.drv",
"outputs": {
"bin": "/nix/store/34syrjdr1971hgv32anz6xwkwrsandry-curl-7.83.1-bin",
"man": "/nix/store/a8qc805dn1q520mxxh4bq3iwqd4ybk0d-curl-7.83.1-man"
}
},
{
"drvPath": "/nix/store/ijr6902bvqzdkddwb8sm572mizk73msn-gmp-with-cxx-6.2.1.drv",
"outputs": {
"out": "/nix/store/04amblxwih41nzslcscs6jaqzr2gjdn4-gmp-with-cxx-6.2.1"
}
},
{
"drvPath": "/nix/store/fic9vh40xcikp1s75fa76l75bxzw7b59-isl-0.20.drv",
"outputs": {
"out": "/nix/store/2xlhbbsh8q58xmldqzsad8cr8xwl2n1j-isl-0.20"
}
},
{
"drvPath": "/nix/store/1dxmddd93df80qdd6ljkhhv2vjympafx-libwebsockets-4.3.1.drv",
"outputs": {
"out": "/nix/store/w610n13mv6aplf4906wqg9vkrqaq6aan-libwebsockets-4.3.1"
}
}
]after: "new hashes (02630180fad510ee877fa51112b7c7b230ef2f13)",
[
{
"drvPath": "/nix/store/v4dbh7p18pka11cvd7b14w75dqm9md63-boost-1.77.0.drv",
"outputs": {
"out": "/nix/store/is2w1z69jn37cyn5dk0dwsx7vmi5fgkd-boost-1.77.0"
}
},
{
"drvPath": "/nix/store/pq28fqdld2chxsf2cmv9nq3jara0cbbi-curl-7.83.1.drv",
"outputs": {
"bin": "/nix/store/52vflqgbqqris07cscqifr920llvk80k-curl-7.83.1-bin",
"man": "/nix/store/a8qc805dn1q520mxxh4bq3iwqd4ybk0d-curl-7.83.1-man"
}
},
{
"drvPath": "/nix/store/bc1i51b70srkcavc3gmlwydk0rcl1ja3-gmp-with-cxx-6.2.1.drv",
"outputs": {
"out": "/nix/store/04amblxwih41nzslcscs6jaqzr2gjdn4-gmp-with-cxx-6.2.1"
}
},
{
"drvPath": "/nix/store/78d5aqk0vm5ic6yij6ynygijqfymjhcd-isl-0.20.drv",
"outputs": {
"out": "/nix/store/2xlhbbsh8q58xmldqzsad8cr8xwl2n1j-isl-0.20"
}
},
{
"drvPath": "/nix/store/qig24v5jsjc9mf57a523cm66hvhaddqc-libwebsockets-4.3.1.drv",
"outputs": {
"out": "/nix/store/dcsk0imymx88lsqrkx0mz9hdc8zdpv0n-libwebsockets-4.3.1"
}
}
],
I did a diffoscope of curl and I think this is a case of #151475, since the only difference I see is the Build-ID that's injected. Libwebsockets differs because openssl differs, which also has separateDebugInfo and also has a different Build-ID. Not sure about the extra boost output that's listed... But otherwise, boost, gmp, isl all give the same output, so that's reassuring. Note that I indeed did not diff stdenv.cc, maybe that could be interesting to see too. |
|
I don't see a big risk anymore that this will cause regressions, so let's go for it. Both your testing and mine is sufficient to give me confidence that this is ok and an improvement. Thanks for pushing through! |
|
I see this in perl: Seems like stage4 is leaking into stdenv? Those annotations are surely useful to find these kinds of issues :) Path is Edit: Oh! I think that's because of the inherit in the last stage... oops? |
| # stage5.gcc -> stage4.coreutils -> stage3.glibc -> bootstrap | ||
| gmp = lib.makeOverridable (super.gmp.override { stdenv = self.stdenv; }).overrideAttrs (a: { pname = "${a.pname}-stage4"; }); | ||
|
|
||
| # coreutils gets rebuilt both here and also in the final stage; we rename this one to avoid confusion |
There was a problem hiding this comment.
I think it's not true that it gets rebuilt in the final stage.
There was a problem hiding this comment.
You are correct.
I'm unable to reproduce the situation I was experiencing two months ago, where coreutils was getting built twice.
Unfortunately I don't have much more time today, so I think the best course of action is to simply revert the commit that added the "-stage4" marker. If it is still necessary (which seems unlikely) I will resubmit it as a standalone PR. I'll have more time to look at this tomorrow morning.
I'm starting to suspect that the problem may have been caused by my own site-specific overlays, which have changed a lot in the last two months. I maintain them as extra commits on top of nixpkgs/master with frequent rebasing, so I don't have a version history for them. I need to start keeping one.
There was a problem hiding this comment.
I figured out the reason. We should still revert the commit (i.e. we should merge #179961).
I will explain in more detail tomorrow.
|
Investigating. |
ghost
mentioned this pull request
|
Postmortem in case anybody is curious why this happened. |
This PR consists of three commits, which should be reviewed independently (but sequentially). You can merge any prefix of the three-commit series without breaking anything.
Motivation
The comments in
stdenv/linux/default.nixdisagree with what the code actually does. In particular, the comments claim that the special static builds of libgmp/libmpfr/libmpc/libisl in stage3 are "only used by GCC". This not quite correct: the "special"stage3.gmpends up linked into the ephemeral coreutils which is built in stage4 (stage4.coreutils).This PR fixes the code to agree with the comment and intent.
This also closes #168983 which was caused by a conflict between statically-linked libraries (
libgmp.a) and dynamically-linked libraries (everything else) which were both compiled with-fstack-protector. Mixing static and shared libraries in the presence of hardening flags is not generally well-supported, and is certainly not well-tested. In particular, on some platforms-fstack-protectorinduces a link-time dependency onlibssp, which is implemented differently for statically (libssp_nonshared.a) vs dynamically (libssp.so) linked objects; this causes link-time failures in the ephemeralstage4.coreutils.Description of changes
The first commit c527af1 forces
gmpto rebuild in stage4, using the stage4 stdenv, rather than recyclingstage3.gmp.The second commit cad68ef causes the implementation of
stage3to agree with the intent and descriptive comment, by restricting the visibility of the specially-built libraries so they are visible only togcc-unwrapped. This will causestage4.coreutilsto use the ordinarystage4.gmprather than the customized staticifiedstage3.gcc-unwrapped.gmp; because of this cad68ef requires c527af1.The final commit 9dd7908 is strictly ergonomic; it appends "-stage4" to the
nameof the ephemeral coreutils that is used only for stdenv bootstrapping, so it can be distinguished easily from the final coreutils. I found this to be extremely helpful when untangling what was going on here.Things done
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)