curl: fix build failures due to needing to propagate frameworks #263598
Conversation
reckenrode
requested review from
jtojnar,
aanderse,
drupol,
etu,
globin,
Ma27 and
talyz
as code owners
reckenrode
force-pushed
the
curl-propagation-fix
branch
from
54328f0 to
93fcc5f
Compare
|
I pushed a change to make it handle paths with spaces. I wanted to use the ASCII record separator, but there’s no way to use hex escapes in Nix, and I didn’t want to put the raw character in the file (since it seemed brittle due to how/whether different editors would treat or display the character). |
|
LGTM, I fully trust you on this @reckenrode ! |
There was a problem hiding this comment.
I'm not sure about the latest attribute. I worry it might be abused and then cause unnecessary rebuilds. I assume you're thinking of cases like MoltenVK but wouldn't you only need an SDK bump for those when the version is bumped?
Overall I support the approach if cURL necessitates it.
pkgs/stdenv/adapters.nix
Outdated
| @@ -246,4 +246,106 @@ rec { | |||
| env = (args.env or {}) // { NIX_CFLAGS_COMPILE = toString (args.env.NIX_CFLAGS_COMPILE or "") + " ${toString compilerFlags}"; }; | |||
| }); | |||
| }); | |||
|
|
|||
| # Override SDK changes the SDK used to build the package. It does two things: | |||
There was a problem hiding this comment.
| # Override SDK changes the SDK used to build the package. It does two things: | |
| # Overriding the SDK changes the SDK used to build the package. It does two things: |
Alternatively stick to the name of the function, the current form reads a bit weird.
There was a problem hiding this comment.
I can clean this and the other comments up.
pkgs/stdenv/adapters.nix
Outdated
| # * It ensures that the compiler and bintools have the correct Libsystem version; and | ||
| # * It replaces any SDK references with those in the SDK corresponding to darwinSdkVersion. |
There was a problem hiding this comment.
| # * It ensures that the compiler and bintools have the correct Libsystem version; and | |
| # * It replaces any SDK references with those in the SDK corresponding to darwinSdkVersion. | |
| # * Ensure that the compiler and bintools have the correct Libsystem version | |
| # * Replace any SDK references with those in the SDK corresponding to darwinSdkVersion. |
Since the argument isn't necessarily an attrset with the darwinSdkVersion attribute, this reads a bit weird. Maybe "the requested version?"
pkgs/stdenv/adapters.nix
Outdated
| for targetPath in "$pkgOutputPath"/*; do | ||
| targetName=$(basename "$targetPath") | ||
|
|
||
| # `nix-support` is special-cased because any propgated inputs need their SDK |
There was a problem hiding this comment.
| # `nix-support` is special-cased because any propgated inputs need their SDK | |
| # `nix-support` is special-cased because any propagated inputs need their SDK |
|
|
||
| sdk = pkgs.darwin."apple_sdk_${lib.replaceStrings [ "." ] [ "_" ] darwinSdkVersion}"; | ||
|
|
||
| isSDKFramework = pkg: lib.hasPrefix "apple-framework-" (lib.getName pkg); |
There was a problem hiding this comment.
Should we not do something similar for apple-lib-*? That includes things like XPC.
There was a problem hiding this comment.
Eventually. That’s something I’d like to review in conjunction with or after #229210. There’s not a lot of consistency outside of the framework case, and I didn’t want to make the scope of this too broad. That’s why I’m calling it an MVP and keeping it limited to these packages. There’s still a lot of work left before we could conceivably do a tree-wide switch to the adapter over using apple_sdk_11_0.callPackage.
| @@ -5755,7 +5755,9 @@ with pkgs; | |||
|
|
|||
| joystickwake = callPackage ../tools/games/joystickwake { }; | |||
|
|
|||
| juce = darwin.apple_sdk_11_0.callPackage ../development/misc/juce { }; | |||
| juce = callPackage ../development/misc/juce { | |||
| stdenv = if stdenv.isDarwin then overrideSDK stdenv "11.0" else stdenv; | |||
There was a problem hiding this comment.
Might be worth introducing a stdenv_SDK_11 or such for this. The if-then-else makes it look kind of complicated.
There was a problem hiding this comment.
SDK-specific stdenvs don’t compose very well. Even if the adapter is available, people might think you have to use one of those instead of overriding the SDK in the stdenv you want to use. For example, if overrideSDK stdenv is the standard pattern, it’s obvious you should be able to do overrideSDK llvmPackages_15.stdenv "11.0" or overrideSDK qt6Packages.stdenv "11.0" or overrideSDK python3.stdenv "11.0" or even overrideSDK python3.stdenv { darwinMinVersion = "10.13";}.
The last one is equivalent to what I had to do manually to fix pybind11 for clang 16. There are a couple of other packages that have to do that as well. It would be much nicer if they could just use the adapter to set the deployment target in the stdenv.
Regarding the conditional, you’d need it even if there were a SDK-specific stdenv. I’ve intentionally chosen not to make the adapter platform-neutral. It’s for Darwin, so you need to conditionally use it only on Darwin. I’m pretty sure I’ve seen it mentioned that the current approach is a layering violation, and I agree. This PR fixes that by making the adapter work like other platform-specific stuff in nixpkgs.
reckenrode
force-pushed
the
curl-propagation-fix
branch
from
93fcc5f to
2864180
Compare
|
@toonn I pushed an update that fixes the comments, cleans up the code a bit, and drops support for specifying the |
| @@ -246,4 +246,103 @@ rec { | |||
| env = (args.env or {}) // { NIX_CFLAGS_COMPILE = toString (args.env.NIX_CFLAGS_COMPILE or "") + " ${toString compilerFlags}"; }; | |||
| }); | |||
| }); | |||
|
|
|||
| # Overriding the SDK changes the Darwin SDK used to build the package, which: | |||
| # * Ensures that the compiler and bintools have the correct Libsystem version; and | |||
There was a problem hiding this comment.
The "; and" feels very awkward in a bulleted list, IMHO. Not important though.
There was a problem hiding this comment.
It’s a style thing. I try to write bulleted lists as if they were part of the sentence that precedes them (but laid out as lists for readability). But I can drop it if that’s the preference.
| # * Replaces any SDK references with those in the SDK corresponding to requested SDK version. | ||
| # | ||
| # `sdkVersion` can be any of the following: | ||
| # * A version string indicating the requested SDK version; or |
There was a problem hiding this comment.
If the "; and" from before is dropped the "; or" here needs the same treatment.
This is a replacement for using `darwin.apple_sdk_<ver>.callPackage`. Instead of injecting the required packages, it provides a stdenv adapter that modifies the derivation’s build inputs to use the requested SDK versions. This modification extends to any build inputs propagated to it as well. The `callPackage` approach is not deprecated yet, but it is expected that it will be eventually. Note that this is an MVP. It should work with most packages, but it only handles build inputs and also only handles frameworks. Once more SDKs are added (after NixOS#229210 is merged) and the SDK structure is normalized, it can be extended to handle any package in the SDK namespace. Cross-compilation may or may not work. Any cross-related issues can be addressed after NixOS#256590 is merged.
Using overrideSDK allows juce to use the correct SDK frameworks even when they are propagated from curl.
Using overrideSDK allows datadog_trace to use the correct SDK frameworks even when they are propagated from curl.
Using overrideSDK allows cargo-codspeed to use the correct SDK frameworks even when they are propagated from curl.
`libcurl.la` and `curl-config --static-libs` both include the frameworks curl needs to link, so propgate them in case dependents don’t include those frameworks in their build inputs. This fixes building Nix and probably other things (like netcdf).
reckenrode
force-pushed
the
curl-propagation-fix
branch
from
2864180 to
028534b
Compare
|
I pushed a fix for the typo. I left the lists as they were unless I get feedback requesting otherwise. |
ofborg
bot
added
10.rebuild-darwin: 501+
10.rebuild-darwin: 5001+
10.rebuild-linux: 0
|
FYI, the builds happening for several hours on Hydra already use the first version of this PR, but there won't be that much done yet today, so trashing those builds won't be a real issue. |
The changes have been in the adapter, which affects three packages. The core change of propagating the build inputs from curl hasn’t changed, so unless something happens to drastically change or drop 028534b, there shouldn’t be much in the way of rebuilds once this gets merged. |
Description of changes
curl expects to propagate any libraries and frameworks it links against, which was missed in #260963. This results in Nix and other packages that have curl as a dependency to fail to build. Since propagating frameworks is not compatible with the current mechanism for overriding the SDK used, a new mechanism has been introduced that handles propagated build inputs. This mechanism will likely replace the existing one in the future.
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)