commit 4eae6fe151b794c6679993768ea07d61656896fe · pyrox.dev/nixpkgs

nixos/doc/manual/release-notes/rl-2311.section.md

···

       26
       26
        
         - `root` and `wheel` are not given the ability to set (or preserve)

     

       27
       27
        
           arbitrary environment variables.

     

       28
       28
        
       

     

       29
       29
       +
       - [glibc](https://www.gnu.org/software/libc/) has been updated from version 2.37 to 2.38, see [the release notes](https://sourceware.org/glibc/wiki/Release/2.38) for what was changed.

     

       30
       30
       +
       

     

       29
       31
        
       [`sudo-rs`]: https://github.com/memorysafety/sudo-rs/

     

       30
       32
        
       

     

       31
       33
        
       ## New Services {#sec-release-23.11-new-services}

pkgs/applications/audio/mamba/default.nix

···

       37
       37
        
           license = licenses.bsd0;

     

       38
       38
        
           maintainers = with maintainers; [ magnetophon orivej ];

     

       39
       39
        
           platforms = platforms.linux;

     

       40
       40
       +
           # 2023-08-19, `-Werror=format-security` fails for xputty

     

       41
       41
       +
           # reported as https://github.com/brummer10/libxputty/issues/12

     

       42
       42
       +
           broken = true;

     

       40
       43
        
         };

     

       41
       44
        
       }

pkgs/applications/radio/direwolf/default.nix

···

       14
       14
        
           sha256 = "0xmz64m02knbrpasfij4rrq53ksxna5idxwgabcw4n2b1ig7pyx5";

     

       15
       15
        
         };

     

       16
       16
        
       

     

       17
       17
       +
         patches = [ ./fix-strlcpy-usage.patch ];

     

       18
       18
       +
       

     

       17
       19
        
         nativeBuildInputs = [ cmake ];

     

       18
       20
        
       

     

       19
       21
        
         strictDeps = true;

+89

pkgs/applications/radio/direwolf/fix-strlcpy-usage.patch

···

       1
       1
       +
       strlcpy is now part of glibc, so there's absolutely no reason for a custom implementation, especially

     

       2
       2
       +
       one with printf debugging. Hence, removing all of that.

     

       3
       3
       +
       

     

       4
       4
       +
       See also https://hydra.nixos.org/build/230546596

     

       5
       5
       +
       See glibc commit 454a20c8756c9c1d55419153255fc7692b3d2199

     

       6
       6
       +
       

     

       7
       7
       +
       diff --git a/external/misc/strlcpy.c b/external/misc/strlcpy.c

     

       8
       8
       +
       index ff18800..b1cb443 100644

     

       9
       9
       +
       --- a/external/misc/strlcpy.c

     

       10
       10
       +
       +++ b/external/misc/strlcpy.c

     

       11
       11
       +
       @@ -56,65 +56,3 @@

     

       12
       12
       +
        

     

       13
       13
       +
        #include "textcolor.h"

     

       14
       14
       +
        

     

       15
       15
       +
       -/*

     

       16
       16
       +
       - * Copy src to string dst of size siz.  At most siz-1 characters

     

       17
       17
       +
       - * will be copied.  Always NUL terminates (unless siz == 0).

     

       18
       18
       +
       - * Returns strlen(src); if retval >= siz, truncation occurred.

     

       19
       19
       +
       - */

     

       20
       20
       +
       -

     

       21
       21
       +
       -#if DEBUG_STRL

     

       22
       22
       +
       -size_t strlcpy_debug(char *__restrict__ dst, const char *__restrict__ src, size_t siz, const char *file, const char *func, int line)

     

       23
       23
       +
       -#else

     

       24
       24
       +
       -size_t strlcpy_debug(char *__restrict__ dst, const char *__restrict__ src, size_t siz)

     

       25
       25
       +
       -#endif

     

       26
       26
       +
       -{

     

       27
       27
       +
       -	char *d = dst;

     

       28
       28
       +
       -	const char *s = src;

     

       29
       29
       +
       -	size_t n = siz;

     

       30
       30
       +
       -	size_t retval;

     

       31
       31
       +
       -

     

       32
       32
       +
       -#if DEBUG_STRL

     

       33
       33
       +
       -	if (dst == NULL) {

     

       34
       34
       +
       -		text_color_set (DW_COLOR_ERROR);

     

       35
       35
       +
       -		dw_printf ("ERROR: strlcpy dst is NULL.  (%s %s %d)\n", file, func, line);

     

       36
       36
       +
       -		return (0);

     

       37
       37
       +
       -	}

     

       38
       38
       +
       -	if (src == NULL) {

     

       39
       39
       +
       -		text_color_set (DW_COLOR_ERROR);

     

       40
       40
       +
       -		dw_printf ("ERROR: strlcpy src is NULL.  (%s %s %d)\n", file, func, line);

     

       41
       41
       +
       -		return (0);

     

       42
       42
       +
       -	}

     

       43
       43
       +
       -	if (siz == 1 || siz == 4) {

     

       44
       44
       +
       -		text_color_set (DW_COLOR_ERROR);

     

       45
       45
       +
       -		dw_printf ("Suspicious strlcpy siz.  Is it using sizeof a pointer variable?  (%s %s %d)\n", file, func, line);

     

       46
       46
       +
       -	}

     

       47
       47
       +
       -#endif

     

       48
       48
       +
       -

     

       49
       49
       +
       -	/* Copy as many bytes as will fit */

     

       50
       50
       +
       -	if (n != 0 && --n != 0) {

     

       51
       51
       +
       -		do {

     

       52
       52
       +
       -			if ((*d++ = *s++) == 0)

     

       53
       53
       +
       -				break;

     

       54
       54
       +
       -		} while (--n != 0);

     

       55
       55
       +
       -	}

     

       56
       56
       +
       -

     

       57
       57
       +
       -	/* Not enough room in dst, add NUL and traverse rest of src */

     

       58
       58
       +
       -	if (n == 0) {

     

       59
       59
       +
       -		if (siz != 0)

     

       60
       60
       +
       -			*d = '\0';		/* NUL-terminate dst */

     

       61
       61
       +
       -		while (*s++)

     

       62
       62
       +
       -			;

     

       63
       63
       +
       -	}

     

       64
       64
       +
       -

     

       65
       65
       +
       -	retval = s - src - 1;	/* count does not include NUL */

     

       66
       66
       +
       -

     

       67
       67
       +
       -#if DEBUG_STRL

     

       68
       68
       +
       -	if (retval >= siz) {

     

       69
       69
       +
       -		text_color_set (DW_COLOR_ERROR);

     

       70
       70
       +
       -		dw_printf ("WARNING: strlcpy result length %d exceeds maximum length %d.  (%s %s %d)\n",

     

       71
       71
       +
       -				(int)retval, (int)(siz-1), file, func, line);

     

       72
       72
       +
       -	}

     

       73
       73
       +
       -#endif

     

       74
       74
       +
       -	return (retval);

     

       75
       75
       +
       -}

     

       76
       76
       +
       -

     

       77
       77
       +
       diff --git a/src/direwolf.h b/src/direwolf.h

     

       78
       78
       +
       index efc329b..22eb748 100644

     

       79
       79
       +
       --- a/src/direwolf.h

     

       80
       80
       +
       +++ b/src/direwolf.h

     

       81
       81
       +
       @@ -294,7 +294,7 @@ char *strcasestr(const char *S, const char *FIND);

     

       82
       82
       +
        #define HAVE_STRLCPY 1

     

       83
       83
       +
        

     

       84
       84
       +
        

     

       85
       85
       +
       -#define DEBUG_STRL 1

     

       86
       86
       +
       +#define DEBUG_STRL 0

     

       87
       87
       +
        

     

       88
       88
       +
        #if DEBUG_STRL

     

       89
       89
       +

+13

pkgs/applications/science/misc/root/default.nix

···

       2
       2
        
       , lib

     

       3
       3
        
       , callPackage

     

       4
       4
        
       , fetchurl

     

       5
       5
       +
       , fetchpatch

     

       5
       6
        
       , makeWrapper

     

       6
       7
        
       , cmake

     

       7
       8
        
       , coreutils

     
···

       109
       110
        
       

     

       110
       111
        
         patches = [

     

       111
       112
        
           ./sw_vers.patch

     

       113
       113
       +
           # glibc >=2.38 already has strlcat implemented.

     

       114
       114
       +
           # merged upstream, remove on next package bump.

     

       115
       115
       +
           (fetchpatch {

     

       116
       116
       +
             url = "https://github.com/root-project/root/commit/8fb0e35446ed67c9d56639b4708c8f05459b7f84.patch";

     

       117
       117
       +
             hash = "sha256-7EabmYanqlQsYSQsi+S9eWs1v1pY6MncopL420Y3D4w=";

     

       118
       118
       +
           })

     

       119
       119
       +
         ] ++ lib.optionals (python.pkgs.pythonAtLeast "3.11") [

     

       120
       120
       +
           # Fix build against Python 3.11

     

       121
       121
       +
           (fetchpatch {

     

       122
       122
       +
             url = "https://github.com/root-project/root/commit/484deb056dacf768aba4954073b41105c431bffc.patch";

     

       123
       123
       +
             hash = "sha256-4qur2e3SxMIPgOg4IjlvuULR2BObuP7xdvs+LmNT2/s=";

     

       124
       124
       +
           })

     

       112
       125
        
         ];

     

       113
       126
        
       

     

       114
       127
        
         preConfigure = ''

pkgs/applications/virtualization/kvmtool/default.nix

···

       10
       10
        
           sha256 = "sha256-wpc5DfHnui0lBVH4uOq6a7pXVUZStjNLRvauu6QpRvE=";

     

       11
       11
        
         };

     

       12
       12
        
       

     

       13
       13
       +
         patches = [ ./strlcpy-glibc-2.38-fix.patch ];

     

       14
       14
       +
       

     

       13
       15
        
         buildInputs = lib.optionals stdenv.hostPlatform.isAarch64 [ dtc ];

     

       14
       16
        
       

     

       15
       17
        
         enableParallelBuilding = true;

+25

pkgs/applications/virtualization/kvmtool/strlcpy-glibc-2.38-fix.patch

···

       1
       1
       +
       Manually tell the compiler that strlcpy exists. The `try-build` function seems

     

       2
       2
       +
       somewhat broken, i.e. any code that I try to pass to it doesn't link because of an

     

       3
       3
       +
       "undefined reference to main" error (and some more quoting issues with newlines being

     

       4
       4
       +
       swalloed).

     

       5
       5
       +
       

     

       6
       6
       +
       Because both musl and glibc seemt o support strlcpy nowadays, I decided to just skip the

     

       7
       7
       +
       possibly broken feature-check and hardcode that it exists.

     

       8
       8
       +
       

     

       9
       9
       +
       diff --git a/Makefile b/Makefile

     

       10
       10
       +
       index ed2414b..37be9cd 100644

     

       11
       11
       +
       --- a/Makefile

     

       12
       12
       +
       +++ b/Makefile

     

       13
       13
       +
       @@ -239,10 +239,8 @@ endif

     

       14
       14
       +
        # On a given system, some libs may link statically, some may not; so, check

     

       15
       15
       +
        # both and only build those that link!

     

       16
       16
       +
        

     

       17
       17
       +
       -ifeq ($(call try-build,$(SOURCE_STRLCPY),$(CFLAGS),$(LDFLAGS)),y)

     

       18
       18
       +
       -	CFLAGS_DYNOPT	+= -DHAVE_STRLCPY

     

       19
       19
       +
       -	CFLAGS_STATOPT	+= -DHAVE_STRLCPY

     

       20
       20
       +
       -endif

     

       21
       21
       +
       +CFLAGS_DYNOPT	+= -DHAVE_STRLCPY

     

       22
       22
       +
       +CFLAGS_STATOPT	+= -DHAVE_STRLCPY

     

       23
       23
       +
        

     

       24
       24
       +
        ifeq ($(call try-build,$(SOURCE_BFD),$(CFLAGS),$(LDFLAGS) -lbfd -static),y)

     

       25
       25
       +
        	CFLAGS_STATOPT	+= -DCONFIG_HAS_BFD

+10

pkgs/development/compilers/swift/foundation/default.nix

···

       5
       5
        
       

     

       6
       6
        
       { lib

     

       7
       7
        
       , stdenv

     

       8
       8
       +
       , fetchpatch

     

       8
       9
        
       , callPackage

     

       9
       10
        
       , cmake

     

       10
       11
        
       , ninja

     
···

       22
       23
        
       

     

       23
       24
        
         inherit (sources) version;

     

       24
       25
        
         src = sources.swift-corelibs-foundation;

     

       26
       26
       +
       

     

       27
       27
       +
         patches = [

     

       28
       28
       +
           # from https://github.com/apple/swift-corelibs-foundation/pull/4811

     

       29
       29
       +
           # fix build with glibc >=2.38

     

       30
       30
       +
           (fetchpatch {

     

       31
       31
       +
             url = "https://github.com/apple/swift-corelibs-foundation/commit/47260803a108c6e0d639adcebeed3ac6a76e8bcd.patch";

     

       32
       32
       +
             hash = "sha256-1JUSQW86IHKkBZqxvpk0P8zcSKntzOTNlMoGBfgeT4c=";

     

       33
       33
       +
           })

     

       34
       34
       +
         ];

     

       25
       35
        
       

     

       26
       36
        
         outputs = [ "out" "dev" ];

     

       27
       37

pkgs/development/libraries/glibc/2.37-master.patch.gz

This is a binary file and will not be displayed.

pkgs/development/libraries/glibc/2.38-master.patch.gz

This is a binary file and will not be displayed.

+14 -12

pkgs/development/libraries/glibc/common.nix

···

       43
       43
        
       } @ args:

     

       44
       44
        
       

     

       45
       45
        
       let

     

       46
       46
       -
         version = "2.37";

     

       47
       47
       -
         patchSuffix = "-39";

     

       48
       48
       -
         sha256 = "sha256-Ilfv8RGhgV109GhW2q9AsBnB5VMVbGnUi6DL/Bu5GkM=";

     

       46
       46
       +
         version = "2.38";

     

       47
       47
       +
         patchSuffix = "-23";

     

       48
       48
       +
         sha256 = "sha256-+4KZiZiyspllRnvBtp0VLpwwfSzzAcnq+0VVt3DvP9I=";

     

       49
       49
        
       in

     

       50
       50
        
       

     

       51
       51
        
       assert withLinuxHeaders -> linuxHeaders != null;

     
···

       59
       59
        
         patches =

     

       60
       60
        
           [

     

       61
       61
        
             /* No tarballs for stable upstream branch, only https://sourceware.org/git/glibc.git and using git would complicate bootstrapping.

     

       62
       62
       -
                 $ git fetch --all -p && git checkout origin/release/2.37/master && git describe

     

       63
       63
       -
                 glibc-2.37-39-g6529a7466c

     

       64
       64
       -
                 $ git show --minimal --reverse glibc-2.37.. | gzip -9n --rsyncable - > 2.37-master.patch.gz

     

       62
       62
       +
                 $ git fetch --all -p && git checkout origin/release/2.38/master && git describe

     

       63
       63
       +
                 glibc-2.38-23-g0e1ef6779a

     

       64
       64
       +
                 $ git show --minimal --reverse glibc-2.38.. | gzip -9n --rsyncable - > 2.38-master.patch.gz

     

       65
       65
        
       

     

       66
       66
        
                To compare the archive contents zdiff can be used.

     

       67
       67
       -
                 $ zdiff -u 2.37-master.patch.gz ../nixpkgs/pkgs/development/libraries/glibc/2.37-master.patch.gz

     

       67
       67
       +
                 $ zdiff -u 2.38-master.patch.gz ../nixpkgs/pkgs/development/libraries/glibc/2.38-master.patch.gz

     

       68
       68
        
              */

     

       69
       69
       -
             ./2.37-master.patch.gz

     

       69
       69
       +
             ./2.38-master.patch.gz

     

       70
       70
        
       

     

       71
       71
        
             /* Allow NixOS and Nix to handle the locale-archive. */

     

       72
       72
        
             ./nix-locale-archive.patch

     
···

       89
       89
        
       

     

       90
       90
        
             ./0001-Revert-Remove-all-usage-of-BASH-or-BASH-in-installed.patch

     

       91
       91
        
       

     

       92
       92
       -
             /* Patch derived from archlinux (at the time of adding they're at 2.37),

     

       93
       93
       -
                https://github.com/archlinux/svntogit-packages/blob/packages/glibc/trunk/reenable_DT_HASH.patch

     

       92
       92
       +
             /* Patch derived from archlinux,

     

       93
       93
       +
                https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/blob/e54d98e2d1aae4930ecad9404ef12234922d9dfd/reenable_DT_HASH.patch

     

       94
       94
        
       

     

       95
       95
       -
               See https://github.com/NixOS/nixpkgs/pull/188492#issuecomment-1233802991 for context.

     

       95
       95
       +
                See also https://github.com/ValveSoftware/Proton/issues/6051

     

       96
       96
       +
                & https://github.com/NixOS/nixpkgs/pull/188492#issuecomment-1233802991

     

       96
       97
        
             */

     

       97
       98
        
             ./reenable_DT_HASH.patch

     

       98
       99
        
           ]

     
···

       135
       136
        
             "--enable-bind-now"

     

       136
       137
        
             (lib.withFeatureAs withLinuxHeaders "headers" "${linuxHeaders}/include")

     

       137
       138
        
             (lib.enableFeature profilingLibraries "profile")

     

       139
       139
       +
             "--enable-fortify-source"

     

       138
       140
        
           ] ++ lib.optionals (stdenv.hostPlatform.isx86 || stdenv.hostPlatform.isAarch64) [

     

       139
       141
        
             # This feature is currently supported on

     

       140
       142
        
             # i386, x86_64 and x32 with binutils 2.29 or later,

     
···

       159
       161
        
             "libc_cv_as_needed=no"

     

       160
       162
        
           ]

     

       161
       163
        
           ++ lib.optional withGd "--with-gd"

     

       162
       162
       -
           ++ lib.optional (!withLibcrypt) "--disable-crypt";

     

       164
       164
       +
           ++ lib.optional withLibcrypt "--enable-crypt";

     

       163
       165
        
       

     

       164
       166
        
         makeFlags = (args.makeFlags or []) ++ [

     

       165
       167
        
           "OBJCOPY=${stdenv.cc.targetPrefix}objcopy"

+16 -133

pkgs/development/libraries/glibc/reenable_DT_HASH.patch

···

       1
       1
       -
       From e47de5cb2d4dbecb58f569ed241e8e95c568f03c Mon Sep 17 00:00:00 2001

     

       2
       2
       -
       From: Florian Weimer <fweimer@redhat.com>

     

       3
       3
       -
       Date: Fri, 29 Apr 2022 16:37:51 +0200

     

       4
       4
       -
       Subject: [PATCH] Do not use --hash-style=both for building glibc shared

     

       5
       5
       -
        objects

     

       1
       1
       +
       From 31915e55f9c34f6137ab1c5ac002375a2d5d4589 Mon Sep 17 00:00:00 2001

     

       2
       2
       +
       From: Frederik Schwan <frederik.schwan@linux.com>

     

       3
       3
       +
       Date: Fri, 4 Aug 2023 15:19:57 +0200

     

       4
       4
       +
       Subject: [PATCH] force --hash-style=both to keep compatibility with old niche

     

       5
       5
       +
        software

     

       6
       6
        
       

     

       7
       7
       -
       The comment indicates that --hash-style=both was used to maintain

     

       8
       8
       -
       compatibility with static dlopen, but we had many internal ABI

     

       9
       9
       -
       changes since then, so this compatiblity does not add value anymore.

     

       10
       10
       -
       

     

       11
       11
       -
       Reviewed-by: Carlos O'Donell <carlos@redhat.com>

     

       12
       7
        
       ---

     

       13
       13
       -
        Makeconfig     |  9 +++++++++

     

       14
       14
       -
        Makerules      |  7 +++++++

     

       15
       15
       -
        config.make.in |  1 +

     

       16
       16
       -
        configure      | 28 ++++++++++++++++++++++++++++

     

       17
       17
       -
        configure.ac   | 16 ++++++++++++++++

     

       18
       18
       -
        5 files changed, 61 insertions(+)

     

       8
       8
       +
        Makeconfig | 4 ++++

     

       9
       9
       +
        1 file changed, 4 insertions(+)

     

       19
       10
        
       

     

       20
       20
       -
       diff --git b/Makeconfig a/Makeconfig

     

       21
       21
       -
       index 760f14e92f..0aa5fb0099 100644

     

       22
       22
       -
       --- b/Makeconfig

     

       23
       23
       -
       +++ a/Makeconfig

     

       24
       24
       -
       @@ -362,6 +362,15 @@ relro-LDFLAGS = -Wl,-z,relro

     

       11
       11
       +
       diff --git a/Makeconfig b/Makeconfig

     

       12
       12
       +
       index 77d7fd14df..2ae67c4beb 100644

     

       13
       13
       +
       --- a/Makeconfig

     

       14
       14
       +
       +++ b/Makeconfig

     

       15
       15
       +
       @@ -378,6 +378,10 @@ relro-LDFLAGS = -Wl,-z,relro

     

       25
       16
        
        LDFLAGS.so += $(relro-LDFLAGS)

     

       26
       17
        
        LDFLAGS-rtld += $(relro-LDFLAGS)

     

       27
       18
        
        

     

       28
       28
       -
       +ifeq (yes,$(have-hash-style))

     

       29
       29
       -
       +# For the time being we unconditionally use 'both'.  At some time we

     

       30
       30
       -
       +# should declare statically linked code as 'out of luck' and compile

     

       31
       31
       -
       +# with --hash-style=gnu only.

     

       32
       19
        
       +hashstyle-LDFLAGS = -Wl,--hash-style=both

     

       33
       20
        
       +LDFLAGS.so += $(hashstyle-LDFLAGS)

     

       34
       21
        
       +LDFLAGS-rtld += $(hashstyle-LDFLAGS)

     

       35
       35
       -
       +endif

     

       36
       22
        
       +

     

       37
       37
       -
        ifeq (no,$(build-pie-default))

     

       38
       38
       -
        pie-default = $(no-pie-ccflag)

     

       39
       39
       -
        else # build-pie-default

     

       40
       40
       -
       diff --git b/Makerules a/Makerules

     

       41
       41
       -
       index 354528b8c7..428464f092 100644

     

       42
       42
       -
       --- b/Makerules

     

       43
       43
       -
       +++ a/Makerules

     

       44
       44
       -
       @@ -557,6 +557,13 @@ $(common-objpfx)shlib.lds: $(common-objpfx)config.make $(..)Makerules

     

       45
       45
       -
        		  -Wl,--verbose 2>/dev/null | \

     

       46
       46
       -
        	  sed > $@T \

     

       47
       47
       -
        	      -e '/^=========/,/^=========/!d;/^=========/d' \

     

       48
       48
       -
       +	      $(if $(filter yes,$(have-hash-style)), \

     

       49
       49
       -
       +		   -e 's/^.*\.gnu\.hash[ 	]*:.*$$/  .note.ABI-tag : { *(.note.ABI-tag) } &/' \

     

       50
       50
       -
       +		   -e '/^[ 	]*\.hash[ 	]*:.*$$/{h;d;}' \

     

       51
       51
       -
       +		   -e '/DATA_SEGMENT_ALIGN/{H;g}' \

     

       52
       52
       -
       +		, \

     

       53
       53
       -
       +		   -e 's/^.*\.hash[ 	]*:.*$$/  .note.ABI-tag : { *(.note.ABI-tag) } &/' \

     

       54
       54
       -
       +	       ) \

     

       55
       55
       -
        	      -e 's/^.*\*(\.dynbss).*$$/& \

     

       56
       56
       -
        		 PROVIDE(__start___libc_freeres_ptrs = .); \

     

       57
       57
       -
        		 *(__libc_freeres_ptrs) \

     

       58
       58
       -
       diff --git b/config.make.in a/config.make.in

     

       59
       59
       -
       index fff4c78dd0..bf728c71c0 100644

     

       60
       60
       -
       --- b/config.make.in

     

       61
       61
       -
       +++ a/config.make.in

     

       62
       62
       -
       @@ -70,6 +70,7 @@ have-libcap = @have_libcap@

     

       63
       63
       -
        have-cc-with-libunwind = @libc_cv_cc_with_libunwind@

     

       64
       64
       -
        fno-unit-at-a-time = @fno_unit_at_a_time@

     

       65
       65
       -
        bind-now = @bindnow@

     

       66
       66
       -
       +have-hash-style = @libc_cv_hashstyle@

     

       67
       67
       -
        use-default-link = @use_default_link@

     

       68
       68
       -
        have-cxx-thread_local = @libc_cv_cxx_thread_local@

     

       69
       69
       -
        have-loop-to-function = @libc_cv_cc_loop_to_function@

     

       70
       70
       -
       diff --git b/configure a/configure

     

       71
       71
       -
       index 716dc041b6..5a730dc5fc 100755

     

       72
       72
       -
       --- b/configure

     

       73
       73
       -
       +++ a/configure

     

       74
       74
       -
       @@ -622,6 +622,7 @@ libc_cv_cc_nofma

     

       75
       75
       -
        libc_cv_mtls_dialect_gnu2

     

       76
       76
       -
        fno_unit_at_a_time

     

       77
       77
       -
        libc_cv_has_glob_dat

     

       78
       78
       -
       +libc_cv_hashstyle

     

       79
       79
       -
        libc_cv_fpie

     

       80
       80
       -
        libc_cv_z_execstack

     

       81
       81
       -
        ASFLAGS_config

     

       82
       82
       -
       @@ -6193,6 +6194,33 @@ $as_echo "$libc_cv_fpie" >&6; }

     

       83
       83
       -
        

     

       84
       84
       -
        

     

       85
       85
       -
        

     

       86
       86
       -
       +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for --hash-style option" >&5

     

       87
       87
       -
       +$as_echo_n "checking for --hash-style option... " >&6; }

     

       88
       88
       -
       +if ${libc_cv_hashstyle+:} false; then :

     

       89
       89
       -
       +  $as_echo_n "(cached) " >&6

     

       90
       90
       -
       +else

     

       91
       91
       -
       +  cat > conftest.c <<EOF

     

       92
       92
       -
       +int _start (void) { return 42; }

     

       93
       93
       -
       +EOF

     

       94
       94
       -
       +if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp

     

       95
       95
       -
       +			    -fPIC -shared -o conftest.so conftest.c

     

       96
       96
       -
       +			    -Wl,--hash-style=both -nostdlib 1>&5'

     

       97
       97
       -
       +  { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5

     

       98
       98
       -
       +  (eval $ac_try) 2>&5

     

       99
       99
       -
       +  ac_status=$?

     

       100
       100
       -
       +  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5

     

       101
       101
       -
       +  test $ac_status = 0; }; }

     

       102
       102
       -
       +then

     

       103
       103
       -
       +  libc_cv_hashstyle=yes

     

       104
       104
       -
       +else

     

       105
       105
       -
       +  libc_cv_hashstyle=no

     

       106
       106
       -
       +fi

     

       107
       107
       -
       +rm -f conftest*

     

       108
       108
       -
       +fi

     

       109
       109
       -
       +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $libc_cv_hashstyle" >&5

     

       110
       110
       -
       +$as_echo "$libc_cv_hashstyle" >&6; }

     

       111
       111
       -
       +

     

       112
       112
       -
       +

     

       113
       113
       -
        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GLOB_DAT reloc" >&5

     

       114
       114
       -
        $as_echo_n "checking for GLOB_DAT reloc... " >&6; }

     

       115
       115
       -
        if ${libc_cv_has_glob_dat+:} false; then :

     

       116
       116
       -
       diff --git b/configure.ac a/configure.ac

     

       117
       117
       -
       index d08ad4d64e..a045f6608e 100644

     

       118
       118
       -
       --- b/configure.ac

     

       119
       119
       -
       +++ a/configure.ac

     

       120
       120
       -
       @@ -1360,6 +1360,22 @@ LIBC_TRY_CC_OPTION([-fpie], [libc_cv_fpie=yes], [libc_cv_fpie=no])

     

       121
       121
       -
        

     

       122
       122
       -
        AC_SUBST(libc_cv_fpie)

     

       123
       123
       -
        

     

       124
       124
       -
       +AC_CACHE_CHECK(for --hash-style option,

     

       125
       125
       -
       +	       libc_cv_hashstyle, [dnl

     

       126
       126
       -
       +cat > conftest.c <<EOF

     

       127
       127
       -
       +int _start (void) { return 42; }

     

       128
       128
       -
       +EOF

     

       129
       129
       -
       +if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp

     

       130
       130
       -
       +			    -fPIC -shared -o conftest.so conftest.c

     

       131
       131
       -
       +			    -Wl,--hash-style=both -nostdlib 1>&AS_MESSAGE_LOG_FD])

     

       132
       132
       -
       +then

     

       133
       133
       -
       +  libc_cv_hashstyle=yes

     

       134
       134
       -
       +else

     

       135
       135
       -
       +  libc_cv_hashstyle=no

     

       136
       136
       -
       +fi

     

       137
       137
       -
       +rm -f conftest*])

     

       138
       138
       -
       +AC_SUBST(libc_cv_hashstyle)

     

       139
       139
       -
       +

     

       140
       140
       -
        AC_CACHE_CHECK(for GLOB_DAT reloc,

     

       141
       141
       -
        	       libc_cv_has_glob_dat, [dnl

     

       142
       142
       -
        cat > conftest.c <<EOF

     

       23
       23
       +
        # Linker options to enable and disable DT_RELR.

     

       24
       24
       +
        ifeq ($(have-dt-relr),yes)

     

       25
       25
       +
        dt-relr-ldflag = -Wl,-z,pack-relative-relocs

     

       143
       26
        
       -- 

     

       144
       144
       -
       2.37.1

     

       27
       27
       +
       2.41.0

     

       145
       28

pkgs/development/libraries/libredwg/default.nix

···

       34
       34
        
         in ''

     

       35
       35
        
           # avoid git dependency

     

       36
       36
        
           cp ${printVersion} build-aux/git-version-gen

     

       37
       37
       +
           # failing to build otherwise since glibc-2.38

     

       38
       38
       +
           sed '1i#include <string.h>' -i programs/dwg2SVG.c

     

       37
       39
        
         '';

     

       38
       40
        
       

     

       39
       41
        
         preConfigure = lib.optionalString (stdenv.isDarwin && enablePython) ''

pkgs/development/libraries/rapidjson/default.nix

···

       29
       29
        
             url = "https://git.alpinelinux.org/aports/plain/community/rapidjson/do-not-include-gtest-src-dir.patch?id=9e5eefc7a5fcf5938a8dc8a3be8c75e9e6809909";

     

       30
       30
        
             hash = "sha256-BjSZEwfCXA/9V+kxQ/2JPWbc26jQn35CfN8+8NW24s4=";

     

       31
       31
        
           })

     

       32
       32
       +
           # One of these three tests reports memcpy overlap after update to glibc-2.38

     

       33
       33
       +
           ./test-skip-valgrind.diff

     

       32
       34
        
         ];

     

       33
       35
        
       

     

       34
       36
        
         postPatch = ''

pkgs/development/libraries/rapidjson/test-skip-valgrind.diff

···

       1
       1
       +
       --- a/test/unittest/CMakeLists.txt

     

       2
       2
       +
       +++ b/test/unittest/CMakeLists.txt

     

       3
       3
       +
       @@ -82,3 +81,0 @@

     

       4
       4
       +
       -    add_test(NAME valgrind_unittest

     

       5
       5
       +
       -        COMMAND valgrind --leak-check=full --error-exitcode=1 ${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/unittest --gtest_filter=-SIMD.*

     

       6
       6
       +
       -        WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/bin)

     

       7
       7
       +

+2 -1

pkgs/servers/brickd/default.nix

···

       30
       30
        
         '';

     

       31
       31
        
       

     

       32
       32
        
         buildPhase = ''

     

       33
       33
       -
           export

     

       34
       33
        
           # build the brickd binary

     

       35
       34
        
           mkdir src/daemonlib

     

       36
       35
        
           cp -r ${daemonlib}/* src/daemonlib

     

       36
       36
       +
           substituteInPlace src/daemonlib/utils.{c,h} \

     

       37
       37
       +
             --replace "_GNU_SOURCE" "__GLIBC__"

     

       37
       38
        
           cd src/brickd

     

       38
       39
        
           make

     

       39
       40

pkgs/tools/admin/rset/default.nix

···

       44
       44
        
           license = licenses.isc;

     

       45
       45
        
           platforms = platforms.unix;

     

       46
       46
        
           maintainers = with maintainers; [ cstrahan ];

     

       47
       47
       +
           # 2023-08-19, fails to compile with glibc-2.38 because of strlcpy.

     

       48
       48
       +
           # At the time of writing, this was 4 minors behind already and

     

       49
       49
       +
           # the `paths.patch` didn't apply anymore, so this is now considered

     

       50
       50
       +
           # broken until somebody cares enough to fix and upgrade this.

     

       51
       51
       +
           broken = true;

     

       47
       52
        
         };

     

       48
       53
        
       }