New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
patch-shebangs: respect cross compilation #43833
Conversation
You're going to need a native version of this as well: #33956 (comment) |
This should cover both. When you run patchShebangs on the working directory you get the build packages path. When you run it on the nix store you get the host packages path. |
if [ -n "$strictDeps" ] && [[ "$f" = /nix/store/* ]]; then | ||
PATH="$HOST_PATH" | ||
fi | ||
newPath="$(command -v "$(basename "$oldPath")" || true)" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just realized that basename is not a bash builtin :(. Have to rewrite it to run outside of subshell.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can't also hardcode /nix/store
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The hardcoding may be necessary for back compat - but I agree that we will probably need a way to be specific about what we are targeting with patchShebangs. Something like an optional offset argument.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean you need to use $NIX_STORE_DIR
or something.
I guess in general it can be a good heuristic, but you really need to be able to override the decision. For one, anything in a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Glad this is finally happening! Also, great trick inspecting the path prefix.
I think it might easier to make HOST_PATH
too big, just like PATH
, without strictDeps
, so the script itself can be unconditional.
I would really like to see tests for essential utilities like these, especially with all the ongoing changes such as cross-compilation and, though irrelevant here, musl. |
pkgs/stdenv/generic/setup.sh
Outdated
@@ -505,6 +505,10 @@ activatePackage() { | |||
addToSearchPath _PATH "$pkg/bin" | |||
fi | |||
|
|||
if [[ "$hostOffset" -eq 0 && -d "$pkg/bin" ]]; then | |||
addToSearchPath HOST_PATH "$pkg/bin" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Ericson2314 Does the name + logic look correct here? If so I might merge just this part into staging now & leave the patchshebang changes for later.
I wasn't sure whether HOST_PATH was a good name (and should we have a TARGET_PATH as well?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That looks good, and find with two-step plan, but can you make it depend on strictDeps
like as I mentioned in my comment above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why though? It shouldn’t be any bigger than PATH here and it’s all internal to bash so no ARG_MAX issues.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The idea with strictDeps = false
is things work as if we made each dependency every type of dependency, i.e. buildInputs = nativeBuildInputs = ...
. In that case, PATH
would indeed equal HOST_PATH
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok but it would still be easier to have HOST_PATH always defined - less conditionals. Eventually people should start changing patchShebangs to something like patchShebangsHost & patchShebangsBuild. It's annoying to have to special case each.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@matthewbauer oh I'm definiely agreeing always define it. In the strictDeps = false
cause it should just contain more entries, because more pkgs's bin
directories will count. That's all.
I guess my opinion would be that the best way to test this stuff is to build more stuff that depends on it. Right now for cross we do have some cross jobs (https://hydra.nixos.org/jobset/nixpkgs/cross-trunk#tabs-jobs) but they are not blocking right now. To test patchShebangs we would need some runtime tests. NixOS has a lot of good ones for that. Maybe we can cross compile a vm image then run them on QEMU? |
FWIW these days I do the vast majority of musl-based work using musl-native, it makes it a lot simpler to separate out what's because of using musl vs what's a cross-compilation problem. I'd love to have many more tests for all of this-- honestly I probably would have introduced quite a bit of testing for these things but I was concerned about it not being the preferred use of the shared builder resources. Especially because the magic of Nix makes it all too easy to generate tests for the cross-product of every option :D :P. This was one of the concerns folks rightfully expressed on the musl RFC/discussion. A targeted test-case for this shouldn't be hard-- I think what's holding things back there is largely a consensus on the testing proposal (proposals?) that have been given lots of love but held back for various reasons. That is to say, I think a number of people would love to add tests for this and many other things but we need Just some thoughts :). |
I just pushed a commit just doing what I was trying to say, as that might just be clearer. @matthewbauer feel free to do whatever you like with it. |
7b3be2f
to
cf1cd29
Compare
Failure on x86_64-linux (full log) Attempted: stdenv Partial log (click to expand)
|
Failure on x86_64-darwin (full log) Attempted: stdenv Partial log (click to expand)
|
Failure on aarch64-linux (full log) Attempted: stdenv Partial log (click to expand)
|
348d406
to
06a5376
Compare
Failure on x86_64-linux (full log) Attempted: stdenv Partial log (click to expand)
|
Failure on aarch64-linux (full log) Attempted: stdenv Partial log (click to expand)
|
Failure on x86_64-darwin (full log) Attempted: stdenv Partial log (click to expand)
|
Should go to staging when ready. |
This has broken stuff for me (in painfully subtle and indirect ways, of course), it seems. Any of you able to come to #nix-darwin on IRC? |
When I say for me, it's broken at least one important |
Yeah I can hop on |
Basically, on current staging, try this:
This is true regardless of platform, so on Linux it'll be impure but not too bad, on macOS it's impure and breaks a bunch of other shit because This is because Edit: if you want to empathize, the reason I found this was because it indirectly led to a broken |
See #46756 for a test that would've caught this sooner. |
....and I just locked myself out of my laptop. I'll read that while I get in boot flashdrive |
So the basic issue is with this, without a |
N.B. the 18.09 version of this is laxer and happily mixes up build time and run time deps so the normal stdenv.shell suffices. |
Yeah, I'm not clear on what the correct solution is, but it breaks a ton of stuff on Darwin. Can we back this out until we figure it out, or does someone have a quick stopgap that'll make things work? |
Adding the |
We actually already have a |
Sorry about this! This has been in the works for a while so I may have forgotten some of the details. I think this is what we were looking at in #46542 (comment). A better solution like defaultBuildInputs is probably the way to go. As for right now, it may make sense to just revert this for the time being just to make your testing easier. I intentionally merged this right after the 18.09 branch just because I expected there to be some issues and it can take a while for them to all show up. But I don't want it to interfere with the great work on updating the macOS stdenv! |
@Ericson2314 Maybe we should just put c72c865 into master for now? That avoids @copumpkin's issue IIUC. I originally avoided doing it because I wanted to add some "enforcement" for incorrect uses of nativeBuildInputs & buildInputs (#46476) but it may be too soon for that (and adding bash everywhere seems like a bad idea). |
The other thing I'd be wary of in this So I'm not sure what this strict deps thing is but I'd rather it fail loudly if something fails a strictness check rather than quietly leaving the shebang alone, which is almost never what we want. |
Yeah I think it wouldn't even fix the original issue. It's difficult because in almost all cases you should be listing these things in either buildInputs or nativeBuildInputs. The bash case is weird though and needs to be handled in a special way. We can't easily put the target's bash in the stdenv because it hasn't been cross compiled correctly.
That's not how patch shebangs has worked in the past. Sometimes things wind up in outputs that you don't really want in your closure. For instance Git has a bunch of |
Can we require a whitelist of unpatched shebangs? @matthewbauer I agree with putting that patch on master if we can find a solution to the |
Can we revert this? Staging has been broken for almost a month and this causes problems on both linux (/bin/sh) and (boostrap-tools) for everything that's built using a bootstrap stdenv. The only workaround I found implies overriding almost every package in the stdenv which is not maintainable. |
It's okay to revert if this is causing the issue, but I thought those failures were unrelated. ba5717a was supposed to fix any lingering issues in missing bash. But anyway, this is definitely not a high priority feature so a revert is definitely okay if it causes any serious issues. |
I checked the last eval, but it should include those changes. |
Yeah, https://hydra.nixos.org/build/81725278 includes that but references bootstrap-tools.
I also tested revering this commit on top of staging earlier today and that fixed the references so I'm pretty sure it's this and not one of the other darwin stdenv changes for CoreFoundation. Hopefully staging looks reasonable again after 9c4b11e. |
Ok just for reference this PR was reverted. At some point I'd like to get back to this and get everything working but it's not a high priority. |
this is really cool! |
This hopefully makes patchShebangs respect cross compilation. It
introduces the concept of the HOST_PATH. Nothing is ever executed on
it but instead used as a way to get the proper path using ‘command
-v’. Needs more testing.
/cc @Ericson2314 @dtzWill
Fixes #33956
Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)