Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] Build nixpkgs with gcc 8 by default #53760

Merged
merged 64 commits into from Feb 7, 2019

Conversation

@fpletz
Copy link
Member

commented Jan 10, 2019

This PR bumps gcc used in stdenv to version 8. The main motivation for this is the ability to add -fstack-clash-protection to our default hardening flags (#53753). This will be done in a separate PR.

I anticipate quite a few of broken packages because there are some new checks, i.e. for array bounds and format truncation.

There is also an old gcc8 branch which I noticed just now thanks to @Synthetica9. I'll cherry-pick changes from there.

Hydra Job: https://hydra.nixos.org/jobset/nixpkgs/gcc8
Newly failing builds with gcc8: https://hydra.nixos.org/eval/1500732?compare=staging-next

Current state: Most packages seem to build. clang segfaults currently. gcc fails on Darwin.

@fpletz fpletz added this to the 19.03 milestone Jan 10, 2019

@nixos-discourse

This comment was marked as off-topic.

Copy link

commented Jan 10, 2019

This pull request has been mentioned on Nix community. There might be relevant details there:

https://discourse.nixos.org/t/userland-hardening-with-gcc-fstack-clash-protection/1854/2

@edolstra

This comment has been minimized.

Copy link
Member

commented Jan 11, 2019

I see 172 commits, maybe you need to rebase this?

@vcunat

This comment has been minimized.

Copy link
Member

commented Jan 11, 2019

I believe it's mainly because it got master commits that are missing from staging at this point.

globin and others added 5 commits Jan 15, 2019

@fpletz fpletz force-pushed the gcc-8 branch from 90bf1e1 to d268433 Jan 17, 2019

@fpletz

This comment has been minimized.

Copy link
Member Author

commented Jan 17, 2019

I've rebased this branch onto staging-next because there are some python packages failing on staging that prevent us to check for gcc8 build failures for lots of packages.

fpletz added 9 commits Jan 17, 2019

@matthewbauer matthewbauer modified the milestones: 19.03, 19.09 Feb 6, 2019

@matthewbauer

This comment has been minimized.

Copy link
Member

commented Feb 6, 2019

Let's aim for this right after the 19.03 branch off. We still have quite a few things in staging that I am wanting to prioritize.

@matthewbauer matthewbauer reopened this Feb 6, 2019

@matthewbauer

This comment has been minimized.

Copy link
Member

commented Feb 6, 2019

Sorry didn't mean to close it!

@matthewbauer matthewbauer merged commit f959c99 into staging Feb 7, 2019

9 of 10 checks passed

grahamcofborg-eval Failed to merge
Details
grahamcofborg-eval-check-maintainers matching changed paths to changed attrs...
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details

@vcunat vcunat deleted the gcc-8 branch Feb 9, 2019

@vcunat

This comment has been minimized.

Copy link
Member

commented Jun 14, 2019

Why the hell was f959c99 detected as merged to staging? It certainly doesn't seem reachable ATM.

@vcunat vcunat restored the gcc-8 branch Jun 14, 2019

@vcunat

This comment has been minimized.

Copy link
Member

commented Jun 14, 2019

Well, GitHub still thinks it's merged and thus won't let me reopen in-place. Instead I opened #63132 so we don't lose the work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.