util-linux: fix libtool.m4 for macOS 11+
#87103
Conversation
Formula/util-linux.rb
Outdated
| diff --git a/configure.orig b/configure | ||
| index 57b830a..0d33a08 100755 | ||
| --- a/configure.orig | ||
| +++ b/configure | ||
| @@ -12286,16 +12286,11 @@ $as_echo "$lt_cv_ld_force_load" >&6; } | ||
| _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;; | ||
| darwin1.*) | ||
| _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; | ||
| - darwin*) # darwin 5.x on | ||
| - # if running on 10.5 or later, the deployment target defaults | ||
| - # to the OS version, if on x86, and 10.4, the deployment | ||
| - # target defaults to 10.4. Don't you love it? | ||
| - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in | ||
| - 10.0,*86*-darwin8*|10.0,*-darwin[91]*) | ||
| - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; | ||
| - 10.[012][,.]*) | ||
| + darwin*) | ||
| + case ${MACOSX_DEPLOYMENT_TARGET},$host in | ||
| + 10.[012],*|,*powerpc*) | ||
| _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; | ||
| - 10.*) | ||
| + *) | ||
| _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; | ||
| esac | ||
| ;; |
There was a problem hiding this comment.
Is this the same patch used in libgcrypt and libgpg-error? If so, let's move this patch to formula-patches and switch libgcrypt and libgpg-error to use those too.
There was a problem hiding this comment.
The patches are slightly different with util-linux having 10.[012][,.]* but libgcrypt and libgpg-error having 10.[012]*. Speaking of which, libgcrypt's patch might have a bug because 10.[[012]] probably should be 10.[012].
There was a problem hiding this comment.
Yea, looks like it:
❯ brew audit --strict libgcrypt
libgcrypt:
* Libraries were compiled with a flat namespace.
This can cause linker errors due to name collisions, and
is often due to a bug in detecting the macOS version.
/usr/local/Cellar/libgcrypt/1.9.4_1/lib/libgcrypt.20.dylib
Error: 1 problem in 1 formula detected
Nice catch. Would you like to open a PR to fix it?
CC @aconchillo
Edit: Nope, false positive. Looks like I need to check the audit more carefully.
❯ otool -hV libgcrypt.20.dylib
libgcrypt.20.dylib:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL 0x00 DYLIB 15 1792 NOUNDEFS DYLDLINK TWOLEVEL NO_REEXPORTED_DYLIBS
Apologies for the ping!
There was a problem hiding this comment.
The difference between 10.[[012]] and 10.[012] is because m4 and configure differences. In m4 you use [[012]] which then gets converted to [012]... I didn't look into why though.
Formula/util-linux.rb
Outdated
| # util-linux's libtool.m4 doesn't properly support macOS >= 11.x (see | ||
| # libtool.rb formula). This causes the library to be linked with a flat | ||
| # namespace which might cause issues when dynamically loading the library. | ||
| # Issue ref: https://github.com/karelzak/util-linux/issues/1468 |
There was a problem hiding this comment.
Is there any way we can test for this?
There was a problem hiding this comment.
Mock a library with a symbol that collides with something a util-linux library exports and then try to link with both, I guess. Might be fragile though. And terrible to automate.
There was a problem hiding this comment.
Can we just filter out [-Wl,]-flat_namespace in superenv? I don't think we ever want a flat namespace anyway.
There was a problem hiding this comment.
Potentially. Ideally we'd have much more information about whether any current formulae use it or not. If anything requires it then it probably doesn't belong in the filter list.
Not sure of how to best approach that. Sounds like some sort of CI-only analytics gathering.
There was a problem hiding this comment.
The output of otool -hV includes TWOLEVEL if the library was linked normally (without -flat_namespace). Maybe that could be useful. https://stackoverflow.com/q/2553530
If filtering out -flat_namespace, maybe also replace -undefined suppress with -undefined dynamic_lookup. Is superenv able to handle environment variables like LDFLAGS?
There was a problem hiding this comment.
Here are libraries I have installed that don't have TWOLEVEL from otool -hV:
/usr/local/Cellar/berkeley-db/18.1.40/lib/libdb-18.1.dylib
/usr/local/Cellar/berkeley-db/18.1.40/lib/libdb_cxx-18.1.dylib
/usr/local/Cellar/berkeley-db/18.1.40/lib/libdb_stl-18.1.dylib
/usr/local/Cellar/gdbm/1.21/lib/libgdbm.6.dylib
/usr/local/Cellar/gdbm/1.21/lib/libgdbm_compat.4.dylib
/usr/local/Cellar/gettext/0.21/lib/libasprintf.0.dylib
/usr/local/Cellar/gmp/6.2.1_1/lib/libgmp.10.dylib
/usr/local/Cellar/gmp/6.2.1_1/lib/libgmpxx.4.dylib
/usr/local/Cellar/gpgme/1.16.0/lib/libgpgme.11.dylib
/usr/local/Cellar/gsl/2.7/lib/libgsl.25.dylib
/usr/local/Cellar/gsl/2.7/lib/libgslcblas.0.dylib
/usr/local/Cellar/gts/0.7.6_2/lib/libgts-0.7.5.0.1.dylib
/usr/local/Cellar/isl/0.24/lib/libisl.23.dylib
/usr/local/Cellar/jq/1.6/lib/libjq.1.dylib
/usr/local/Cellar/libassuan/2.5.5/lib/libassuan.0.dylib
/usr/local/Cellar/libb2/0.98.1/lib/libb2.1.dylib
/usr/local/Cellar/libev/4.33/lib/libev.4.dylib
/usr/local/Cellar/libksba/1.6.0/lib/libksba.8.dylib
/usr/local/Cellar/libmpc/1.2.1/lib/libmpc.3.dylib
/usr/local/Cellar/mpfr/4.1.0/lib/libmpfr.6.dylib
/usr/local/Cellar/npth/1.6/lib/libnpth.0.dylib
/usr/local/Cellar/pcre/8.45/lib/libpcre.1.dylib
/usr/local/Cellar/pcre/8.45/lib/libpcre16.0.dylib
/usr/local/Cellar/pcre/8.45/lib/libpcre32.0.dylib
/usr/local/Cellar/pcre/8.45/lib/libpcrecpp.0.dylib
/usr/local/Cellar/pcre/8.45/lib/libpcreposix.0.dylib
/usr/local/Cellar/pcre2/10.38/lib/libpcre2-16.0.dylib
/usr/local/Cellar/pcre2/10.38/lib/libpcre2-32.0.dylib
/usr/local/Cellar/pcre2/10.38/lib/libpcre2-8.0.dylib
/usr/local/Cellar/pcre2/10.38/lib/libpcre2-posix.3.dylib
There was a problem hiding this comment.
The output of
otool -hVincludesTWOLEVELif the library was linked normally (without-flat_namespace). Maybe that could be useful. https://stackoverflow.com/q/2553530
This is really useful, and makes this easy to check with an audit. Not sure checking for a two-level namespace is implemented in (This is false; I found it.)ruby-macho (maybe I just don't understand the API), but doing so seems to just be a matter of implementing some getters.
There was a problem hiding this comment.
In the Catalina bottle:
❯ otool -hV gmp/6.2.1_1/lib/libgmp.10.dylib
gmp/6.2.1_1/lib/libgmp.10.dylib:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL 0x00 DYLIB 14 1632 NOUNDEFS DYLDLINK TWOLEVEL NO_REEXPORTED_DYLIBS
In the Big Sur bottle:
❯ otool -hV gmp/6.2.1_1/lib/libgmp.10.dylib
gmp/6.2.1_1/lib/libgmp.10.dylib:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
MH_MAGIC_64 X86_64 ALL 0x00 DYLIB 14 1624 DYLDLINK NO_REEXPORTED_DYLIBS
Looks like this bug is pretty common.
There was a problem hiding this comment.
Implementing an audit. Will open a PR after lunch.
There are at least five instances where a formula has libraries compiled with `-flat_namespace` due to a bug in detecting the macOS version (cf. Homebrew/homebrew-core#87103, Homebrew/homebrew-core#85974, Homebrew/homebrew-core#85973). I think it makes sense to check for this more generally. It is sometimes intentional, so I've added a check for an allowlist for those instances. Running this on the current `util-linux` bottle produces ❯ brew audit --strict util-linux util-linux: * Libraries were compiled with a flat namespace. This can cause linker errors due to name collisions, and is often due to a bug in detecting the macOS version. /usr/local/Cellar/util-linux/2.37.2/lib/libblkid.1.dylib /usr/local/Cellar/util-linux/2.37.2/lib/libfdisk.1.dylib /usr/local/Cellar/util-linux/2.37.2/lib/libsmartcols.1.dylib /usr/local/Cellar/util-linux/2.37.2/lib/libuuid.1.dylib Error: 1 problem in 1 formula detected Some things that still need to be done here: - fix this check for universal binaries - check if we want to restrict this audit check to newer versions of macOS - fix false positives (try `brew audit --strict llvm` and compare the output of `otool -hV` on the identified files) While we're here, let's fix the formatting of the output of these other audits (cf. Homebrew#12217).
|
Has this patch been upstreamed yet? |
If you refer to https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=c9cebf3d1824d6ec90fd864a744bb81c97ac7d31 The libgcrypt maintainers are waiting to see if there's any incompatibility. If no issues occur they are planning to port these changes to other libraries (e.g. libassuan). |
|
For util-linux, I opened util-linux/util-linux#1468 instead of a pull request because |
|
Can't we just run autogen ourselves then? That seems to be easier than maintaining a bunch of patches. |
It also means carrying around a dependency that's likely to stick around long after they're needed. A patch is less likely to stick around when unnecessary (usually because it fails to apply). If we do this we should add lots of comments saying why we need the extra deps and when they can be removed. |
Co-authored-by: Carlo Cabrera <30379873+carlocab@users.noreply.github.com>
carlocab
added
CI-linux-self-hosted
There was a problem hiding this comment.
Switched this to use a generic patch. Thanks, @FnControlOption!
|
Linux errors are unrelated. Merging. |
brew install --build-from-source <formula>, where<formula>is the name of the formula you're submitting?brew test <formula>, where<formula>is the name of the formula you're submitting?brew audit --strict <formula>(after doingbrew install --build-from-source <formula>)? If this is a new formula, does it passbrew audit --new <formula>?Upstream issue: util-linux/util-linux#1468