Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F13115218
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
48 KB
Subscribers
None
View Options
diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh
index a8fff554f..bd26187b3 100755
--- a/contrib/guix/libexec/build.sh
+++ b/contrib/guix/libexec/build.sh
@@ -1,341 +1,342 @@
#!/usr/bin/env bash
# Copyright (c) 2019-2023 The Bitcoin developers
# Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
export LC_ALL=C
set -e -o pipefail
export TZ=UTC
# Although Guix _does_ set umask when building its own packages (in our case,
# this is all packages in manifest.scm), it does not set it for `guix
# environment`. It does make sense for at least `guix environment --container`
# to set umask, so if that change gets merged upstream and we bump the
# time-machine to a commit which includes the aforementioned change, we can
# remove this line.
#
# This line should be placed before any commands which creates files.
umask 0022
if [ -n "$V" ]; then
# Print both unexpanded (-v) and expanded (-x) forms of commands as they are
# read from this file.
set -vx
# Set VERBOSE for CMake-based builds
export VERBOSE="$V"
fi
# Check that required environment variables are set
cat << EOF
Required environment variables as seen inside the container:
DIST_ARCHIVE_BASE: ${DIST_ARCHIVE_BASE:?not set}
DISTNAME: ${DISTNAME:?not set}
HOST: ${HOST:?not set}
SOURCE_DATE_EPOCH: ${SOURCE_DATE_EPOCH:?not set}
JOBS: ${JOBS:?not set}
DISTSRC: ${DISTSRC:?not set}
OUTDIR: ${OUTDIR:?not set}
EOF
ACTUAL_OUTDIR="${OUTDIR}"
OUTDIR="${DISTSRC}/output"
#####################
# Environment Setup #
#####################
# The depends folder also serves as a base-prefix for depends packages for
# $HOSTs after successfully building.
BASEPREFIX="${PWD}/depends"
# Given a package name and an output name, return the path of that output in our
# current guix environment
store_path() {
grep --extended-regexp "/[^-]{32}-${1}-[^-]+${2:+-${2}}" "${GUIX_ENVIRONMENT}/manifest" \
| head --lines=1 \
- | sed --expression='s|^[[:space:]]*"||' \
+ | sed --expression='s|\x29*$||' \
+ --expression='s|^[[:space:]]*"||' \
--expression='s|"[[:space:]]*$||'
}
# Set environment variables to point the NATIVE toolchain to the right
# includes/libs
NATIVE_GCC="$(store_path gcc-toolchain)"
NATIVE_GCC_STATIC="$(store_path gcc-toolchain static)"
unset LIBRARY_PATH
unset CPATH
unset C_INCLUDE_PATH
unset CPLUS_INCLUDE_PATH
unset OBJC_INCLUDE_PATH
unset OBJCPLUS_INCLUDE_PATH
export LIBRARY_PATH="${NATIVE_GCC}/lib:${NATIVE_GCC_STATIC}/lib"
export C_INCLUDE_PATH="${NATIVE_GCC}/include"
export CPLUS_INCLUDE_PATH="${NATIVE_GCC}/include/c++:${NATIVE_GCC}/include"
export OBJC_INCLUDE_PATH="${NATIVE_GCC}/include"
export OBJCPLUS_INCLUDE_PATH="${NATIVE_GCC}/include/c++:${NATIVE_GCC}/include"
# Set environment variables to point the CROSS toolchain to the right
# includes/libs for $HOST
case "$HOST" in
*mingw*)
# Determine output paths to use in CROSS_* environment variables
CROSS_GLIBC="$(store_path "mingw-w64-x86_64-winpthreads")"
CROSS_GCC_ROOT="$(store_path "gcc-cross-${HOST}")"
CROSS_GCC_LIB_STORE="$(store_path "gcc-cross-${HOST}" lib)"
CROSS_GCC_LIBS=( "${CROSS_GCC_LIB_STORE}/lib/gcc/${HOST}"/* ) # This expands to an array of directories...
CROSS_GCC_LIB="${CROSS_GCC_LIBS[0]}" # ...we just want the first one (there should only be one)
# The search path ordering is generally:
# 1. gcc-related search paths
# 2. libc-related search paths
# 2. kernel-header-related search paths (not applicable to mingw-w64 hosts)
export CROSS_C_INCLUDE_PATH="${CROSS_GCC_LIB}/include:${CROSS_GCC_LIB}/include-fixed:${CROSS_GLIBC}/include"
export CROSS_CPLUS_INCLUDE_PATH="${CROSS_GCC_ROOT}/include/c++:${CROSS_GCC_ROOT}/include/c++/${HOST}:${CROSS_GCC_ROOT}/include/c++/backward:${CROSS_C_INCLUDE_PATH}"
export CROSS_LIBRARY_PATH="${CROSS_GCC_LIB_STORE}/lib:${CROSS_GCC_LIB}:${CROSS_GLIBC}/lib"
;;
*darwin*)
# The CROSS toolchain for darwin uses the SDK and ignores environment variables.
# See depends/hosts/darwin.mk for more details.
;;
*linux*)
CROSS_GLIBC="$(store_path "glibc-cross-${HOST}")"
CROSS_GLIBC_STATIC="$(store_path "glibc-cross-${HOST}" static)"
CROSS_KERNEL="$(store_path "linux-libre-headers-cross-${HOST}")"
CROSS_GCC_ROOT="$(store_path "gcc-cross-${HOST}")"
CROSS_GCC_LIB_STORE="$(store_path "gcc-cross-${HOST}" lib)"
CROSS_GCC_LIBS=( "${CROSS_GCC_LIB_STORE}/lib/gcc/${HOST}"/* ) # This expands to an array of directories...
CROSS_GCC_LIB="${CROSS_GCC_LIBS[0]}" # ...we just want the first one (there should only be one)
export CROSS_CC="${CROSS_GCC_ROOT}/bin/${HOST}-gcc"
export CROSS_CXX="${CROSS_GCC_ROOT}/bin/${HOST}-g++"
export CROSS_C_INCLUDE_PATH="${CROSS_GCC_LIB}/include:${CROSS_GCC_LIB}/include-fixed:${CROSS_GLIBC}/include:${CROSS_KERNEL}/include"
export CROSS_CPLUS_INCLUDE_PATH="${CROSS_GCC_ROOT}/include/c++:${CROSS_GCC_ROOT}/include/c++/${HOST}:${CROSS_GCC_ROOT}/include/c++/backward:${CROSS_C_INCLUDE_PATH}"
export CROSS_LIBRARY_PATH="${CROSS_GCC_LIB_STORE}/lib:${CROSS_GCC_LIB}:${CROSS_GLIBC}/lib:${CROSS_GLIBC_STATIC}/lib"
;;
*)
exit 1 ;;
esac
# Sanity check CROSS_(CC|CXX)
for compiler in "${CROSS_CC}" "${CROSS_CXX}"; do
if [ -n "${compiler}" ] && [ ! -f "${compiler}" ]; then
echo "'${compiler}' doesn't exist... Aborting..."
exit 1
fi
done
# Sanity check CROSS_*_PATH directories
IFS=':' read -ra PATHS <<< "${CROSS_C_INCLUDE_PATH}:${CROSS_CPLUS_INCLUDE_PATH}:${CROSS_LIBRARY_PATH}"
for p in "${PATHS[@]}"; do
if [ -n "$p" ] && [ ! -d "$p" ]; then
echo "'$p' doesn't exist or isn't a directory... Aborting..."
exit 1
fi
done
# Disable Guix ld auto-rpath behavior
case "$HOST" in
*darwin*)
# The auto-rpath behavior is necessary for darwin builds as some native
# tools built by depends refer to and depend on Guix-built native
# libraries
#
# After the native packages in depends are built, the ld wrapper should
# no longer affect our build, as clang would instead reach for
# x86_64-apple-darwin-ld from cctools
;;
*) export GUIX_LD_WRAPPER_DISABLE_RPATH=yes ;;
esac
# Make /usr/bin if it doesn't exist
[ -e /usr/bin ] || mkdir -p /usr/bin
# Symlink file and env to a conventional path
[ -e /usr/bin/file ] || ln -s --no-dereference "$(command -v file)" /usr/bin/file
[ -e /usr/bin/env ] || ln -s --no-dereference "$(command -v env)" /usr/bin/env
# Determine the correct value for -Wl,--dynamic-linker for the current $HOST
case "$HOST" in
*linux*)
glibc_dynamic_linker=$(
case "$HOST" in
x86_64-linux-gnu) echo /lib64/ld-linux-x86-64.so.2 ;;
arm-linux-gnueabihf) echo /lib/ld-linux-armhf.so.3 ;;
aarch64-linux-gnu) echo /lib/ld-linux-aarch64.so.1 ;;
*) exit 1 ;;
esac
)
;;
esac
# Environment variables for determinism
export TAR_OPTIONS="--owner=0 --group=0 --numeric-owner --mtime='@${SOURCE_DATE_EPOCH}' --sort=name"
export TZ="UTC"
case "$HOST" in
*darwin*)
# cctools AR, unlike GNU binutils AR, does not have a deterministic mode
# or a configure flag to enable determinism by default, it only
# understands if this env-var is set or not. See:
#
# https://github.com/tpoechtrager/cctools-port/blob/55562e4073dea0fbfd0b20e0bf69ffe6390c7f97/cctools/ar/archive.c#L334
export ZERO_AR_DATE=yes
;;
esac
####################
# Depends Building #
####################
# Build the depends tree, overriding variables that assume multilib gcc
make -C depends --jobs="$JOBS" HOST="$HOST" \
${V:+V=1} \
${SOURCES_PATH+SOURCES_PATH="$SOURCES_PATH"} \
${BASE_CACHE+BASE_CACHE="$BASE_CACHE"} \
${SDK_PATH+SDK_PATH="$SDK_PATH"} \
x86_64_linux_CC=x86_64-linux-gnu-gcc \
x86_64_linux_CXX=x86_64-linux-gnu-g++ \
x86_64_linux_AR=x86_64-linux-gnu-gcc-ar \
x86_64_linux_RANLIB=x86_64-linux-gnu-gcc-ranlib \
x86_64_linux_NM=x86_64-linux-gnu-gcc-nm \
x86_64_linux_STRIP=x86_64-linux-gnu-strip \
FORCE_USE_SYSTEM_CLANG=1
###########################
# Source Tarball Building #
###########################
# Toolchain
case "$HOST" in
*mingw*)
CMAKE_TOOLCHAIN_FILE="/bitcoin/cmake/platforms/Win64.cmake"
;;
aarch64-linux-gnu)
CMAKE_TOOLCHAIN_FILE="/bitcoin/cmake/platforms/LinuxAArch64.cmake"
;;
arm-linux-gnueabihf)
CMAKE_TOOLCHAIN_FILE="/bitcoin/cmake/platforms/LinuxARM.cmake"
;;
x86_64-linux-gnu)
CMAKE_TOOLCHAIN_FILE="/bitcoin/cmake/platforms/Linux64.cmake"
;;
*darwin*)
CMAKE_TOOLCHAIN_FILE="/bitcoin/cmake/platforms/OSX.cmake"
;;
esac
mkdir -p source_package
pushd source_package
rm -f CMakeCache.txt
cmake -GNinja .. \
-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE} \
-DBUILD_BITCOIN_WALLET=OFF \
-DBUILD_BITCOIN_CHRONIK=OFF \
-DBUILD_BITCOIN_QT=OFF \
-DBUILD_BITCOIN_ZMQ=OFF \
-DENABLE_QRCODE=OFF \
-DENABLE_NATPMP=OFF \
-DENABLE_UPNP=OFF \
-DUSE_JEMALLOC=OFF \
-DENABLE_CLANG_TIDY=OFF \
-DENABLE_BIP70=OFF \
-DUSE_LINKER=
ninja package_source
SOURCEDIST=$(echo bitcoin-abc-*.tar.gz)
mv ${SOURCEDIST} ..
popd
rm -rf source_package
DISTNAME=${SOURCEDIST//.tar.*/}
mkdir -p "$OUTDIR"
OUTDIR=$(realpath "${OUTDIR}")
###########################
# Binary Tarball Building #
###########################
# CFLAGS
HOST_CFLAGS=$(find /gnu/store -maxdepth 1 -mindepth 1 -type d -exec echo -n " -ffile-prefix-map={}=/usr" \;)
case "$HOST" in
*linux*) HOST_CFLAGS+=" -ffile-prefix-map=${PWD}=." ;;
*mingw*) HOST_CFLAGS+=" -fno-ident" ;;
*darwin*) unset HOST_CFLAGS ;;
esac
# CXXFLAGS
HOST_CXXFLAGS="$HOST_CFLAGS"
case "$HOST" in
arm-linux-gnueabihf) HOST_CXXFLAGS="${HOST_CXXFLAGS} -Wno-psabi" ;;
esac
# LDFLAGS
case "$HOST" in
*linux*) HOST_LDFLAGS="-Wl,--as-needed -Wl,--dynamic-linker=$glibc_dynamic_linker" ;;
*mingw*) HOST_LDFLAGS="-Wl,--no-insert-timestamp" ;;
esac
# CMake flags
case "$HOST" in
*mingw*)
CMAKE_EXTRA_OPTIONS=(-DBUILD_BITCOIN_SEEDER=OFF -DCPACK_PACKAGE_FILE_NAME="${DISTNAME}-win64-setup-unsigned")
;;
*linux*)
CMAKE_EXTRA_OPTIONS=(-DENABLE_STATIC_LIBSTDCXX=ON -DENABLE_GLIBC_BACK_COMPAT=ON -DUSE_LINKER=)
;;
*darwin*)
CMAKE_EXTRA_OPTIONS=(-DGENISOIMAGE_EXECUTABLE="${WRAP_DIR}/genisoimage")
;;
esac
# Make $HOST-specific native binaries from depends available in $PATH
export PATH="${BASEPREFIX}/${HOST}/native/bin:${PATH}"
mkdir -p "$DISTSRC"
(
cd "$DISTSRC"
# Setup the directory where our Bitcoin ABC build for HOST will be
# installed. This directory will also later serve as the input for our
# binary tarballs.
INSTALLPATH=$(pwd)/installed/${DISTNAME}
mkdir -p "${INSTALLPATH}"
cmake -GNinja .. \
-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE} \
-DCLIENT_VERSION_IS_RELEASE=ON \
-DENABLE_CLANG_TIDY=OFF \
-DENABLE_REDUCE_EXPORTS=ON \
-DCMAKE_INSTALL_PREFIX="${INSTALLPATH}" \
-DCCACHE=OFF \
-DCMAKE_C_FLAGS="${HOST_CFLAGS}" \
-DCMAKE_CXX_FLAGS="${HOST_CXXFLAGS}" \
-DCMAKE_EXE_LINKER_FLAGS="${HOST_LDFLAGS}" \
"${CMAKE_EXTRA_OPTIONS[@]}"
# Build Bitcoin ABC
ninja
ninja security-check
ninja symbol-check
ninja install-debug
cd installed
find ${DISTNAME} -not -name "*.dbg" | sort | tar --mtime=@${SOURCE_DATE_EPOCH} --no-recursion --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 -c -T - | gzip -9n > ${OUTDIR}/${DISTNAME}-${HOST}.tar.gz
find ${DISTNAME} -name "*.dbg" | sort | tar --mtime=@${SOURCE_DATE_EPOCH} --no-recursion --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 -c -T - | gzip -9n > ${OUTDIR}/${DISTNAME}-${HOST}-debug.tar.gz
) # $DISTSRC
rm -rf "$ACTUAL_OUTDIR"
mv --no-target-directory "$OUTDIR" "$ACTUAL_OUTDIR" \
|| ( rm -rf "$ACTUAL_OUTDIR" && exit 1 )
mv ${SOURCEDIST} "$ACTUAL_OUTDIR"
(
cd /outdir-base
find "$ACTUAL_OUTDIR" -type f -print0 \
| xargs -0 realpath --relative-base="$PWD" \
| xargs sha256sum \
| sort -k2 \
| sponge "$ACTUAL_OUTDIR"/SHA256SUMS.part
)
diff --git a/contrib/guix/libexec/prelude.bash b/contrib/guix/libexec/prelude.bash
index cae05664c..c2cced156 100644
--- a/contrib/guix/libexec/prelude.bash
+++ b/contrib/guix/libexec/prelude.bash
@@ -1,78 +1,78 @@
#!/usr/bin/env bash
export LC_ALL=C
set -e -o pipefail
# shellcheck source=contrib/shell/realpath.bash
source contrib/shell/realpath.bash
# shellcheck source=contrib/shell/git-utils.bash
source contrib/shell/git-utils.bash
################
# Required non-builtin commands should be invocable
################
check_tools() {
for cmd in "$@"; do
if ! command -v "$cmd" > /dev/null 2>&1; then
echo "ERR: This script requires that '$cmd' is installed and available in your \$PATH"
exit 1
fi
done
}
check_tools cat env readlink dirname basename git
################
# We should be at the top directory of the repository
################
same_dir() {
local resolved1 resolved2
resolved1="$(bash_realpath "${1}")"
resolved2="$(bash_realpath "${2}")"
[ "$resolved1" = "$resolved2" ]
}
if ! same_dir "${PWD}" "$(git_root)"; then
cat << EOF
ERR: This script must be invoked from the top level of the git repository
Hint: This may look something like:
env FOO=BAR ./contrib/guix/guix-<blah>
EOF
exit 1
fi
################
# Execute "$@" in a pinned, possibly older version of Guix, for reproducibility
# across time.
time-machine() {
# shellcheck disable=SC2086
guix time-machine --url=https://git.savannah.gnu.org/git/guix.git \
- --commit=998eda3067c7d21e0d9bb3310d2f5a14b8f1c681 \
+ --commit=160f78a4d92205df986ed9efcce7d3aac188cb24 \
--cores="$JOBS" \
--keep-failed \
--fallback \
${SUBSTITUTE_URLS:+--substitute-urls="$SUBSTITUTE_URLS"} \
${ADDITIONAL_GUIX_COMMON_FLAGS} ${ADDITIONAL_GUIX_TIMEMACHINE_FLAGS} \
-- "$@"
}
################
# Set common variables
################
VERSION="${FORCE_VERSION:-$(git_head_version)}"
DISTNAME="${DISTNAME:-bitcoin-${VERSION}}"
out_base_basename="output"
OUTDIR_BASE="${OUTDIR_BASE:-${out_base_basename}}"
var_base_basename="var"
VAR_BASE="${VAR_BASE:-${var_base_basename}}"
profiles_base_basename="profiles"
PROFILES_BASE="${PROFILES_BASE:-${VAR_BASE}/${profiles_base_basename}}"
diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm
index 15a4b43f5..718567d66 100644
--- a/contrib/guix/manifest.scm
+++ b/contrib/guix/manifest.scm
@@ -1,621 +1,615 @@
(use-modules (gnu packages)
(gnu packages autotools)
((gnu packages bash) #:select (bash-minimal))
(gnu packages bison)
((gnu packages certs) #:select (nss-certs))
((gnu packages cdrom) #:select (xorriso))
((gnu packages cmake) #:select (cmake-minimal))
(gnu packages commencement)
(gnu packages compression)
(gnu packages cross-base)
(gnu packages file)
(gnu packages gawk)
(gnu packages gcc)
(gnu packages gperf)
((gnu packages installers) #:select (nsis-x86_64))
((gnu packages linux) #:select (linux-libre-headers-5.15 util-linux))
(gnu packages llvm)
(gnu packages mingw)
(gnu packages moreutils)
(gnu packages ninja)
(gnu packages perl)
(gnu packages pkg-config)
((gnu packages python) #:select (python-minimal))
((gnu packages python-build) #:select (python-tomli))
((gnu packages python-crypto) #:select (python-asn1crypto))
((gnu packages python-web) #:select (python-requests))
((gnu packages tls) #:select (openssl))
((gnu packages version-control) #:select (git-minimal))
(guix build-system cmake)
(guix build-system gnu)
(guix build-system python)
(guix build-system trivial)
(guix gexp)
(guix git-download)
((guix licenses) #:prefix license:)
(guix packages)
((guix utils) #:select (substitute-keyword-arguments)))
(define-syntax-rule (search-our-patches file-name ...)
"Return the list of absolute file names corresponding to each
FILE-NAME found in ./patches relative to the current file."
(parameterize
((%patch-path (list (string-append (dirname (current-filename)) "/patches"))))
(list (search-patch file-name) ...)))
(define building-on (string-append "--build=" (list-ref (string-split (%current-system) #\-) 0) "-guix-linux-gnu"))
(define (make-cross-toolchain target
base-gcc-for-libc
base-kernel-headers
base-libc
base-gcc)
"Create a cross-compilation toolchain package for TARGET"
(let* ((xbinutils (cross-binutils target))
;; 1. Build a cross-compiling gcc without targeting any libc, derived
;; from BASE-GCC-FOR-LIBC
(xgcc-sans-libc (cross-gcc target
#:xgcc base-gcc-for-libc
#:xbinutils xbinutils))
;; 2. Build cross-compiled kernel headers with XGCC-SANS-LIBC, derived
;; from BASE-KERNEL-HEADERS
(xkernel (cross-kernel-headers target
- base-kernel-headers
- xgcc-sans-libc
- xbinutils))
+ #:linux-headers base-kernel-headers
+ #:xgcc xgcc-sans-libc
+ #:xbinutils xbinutils))
;; 3. Build a cross-compiled libc with XGCC-SANS-LIBC and XKERNEL,
;; derived from BASE-LIBC
(xlibc (cross-libc target
- base-libc
- xgcc-sans-libc
- xbinutils
- xkernel))
+ #:libc base-libc
+ #:xgcc xgcc-sans-libc
+ #:xbinutils xbinutils
+ #:xheaders xkernel))
;; 4. Build a cross-compiling gcc targeting XLIBC, derived from
;; BASE-GCC
(xgcc (cross-gcc target
#:xgcc base-gcc
#:xbinutils xbinutils
#:libc xlibc)))
;; Define a meta-package that propagates the resulting XBINUTILS, XLIBC, and
;; XGCC
(package
(name (string-append target "-toolchain"))
(version (package-version xgcc))
(source #f)
(build-system trivial-build-system)
(arguments '(#:builder (begin (mkdir %output) #t)))
(propagated-inputs
`(("binutils" ,xbinutils)
("libc" ,xlibc)
("libc:static" ,xlibc "static")
("gcc" ,xgcc)
("gcc-lib" ,xgcc "lib")))
(synopsis (string-append "Complete GCC tool chain for " target))
(description (string-append "This package provides a complete GCC tool
chain for " target " development."))
(home-page (package-home-page xgcc))
(license (package-license xgcc)))))
(define base-gcc gcc-10)
(define base-linux-kernel-headers linux-libre-headers-5.15)
(define* (make-bitcoin-cross-toolchain target
#:key
(base-gcc-for-libc linux-base-gcc)
(base-kernel-headers base-linux-kernel-headers)
(base-libc glibc-2.28)
(base-gcc linux-base-gcc))
"Convenience wrapper around MAKE-CROSS-TOOLCHAIN with default values
desirable for building Bitcoin ABC release binaries."
(make-cross-toolchain target
base-gcc-for-libc
base-kernel-headers
base-libc
base-gcc))
(define (gcc-mingw-patches gcc)
(package-with-extra-patches gcc
(search-our-patches "gcc-remap-guix-store.patch"
- "vmov-alignment.patch"
- "gcc-broken-longjmp.patch")))
+ "vmov-alignment.patch")))
(define (make-mingw-pthreads-cross-toolchain target)
"Create a cross-compilation toolchain package for TARGET"
(let* ((xbinutils (cross-binutils target))
(pthreads-xlibc mingw-w64-x86_64-winpthreads)
(pthreads-xgcc (cross-gcc target
#:xgcc (gcc-mingw-patches mingw-w64-base-gcc)
#:xbinutils xbinutils
#:libc pthreads-xlibc)))
;; Define a meta-package that propagates the resulting XBINUTILS, XLIBC, and
;; XGCC
(package
(name (string-append target "-posix-toolchain"))
(version (package-version pthreads-xgcc))
(source #f)
(build-system trivial-build-system)
(arguments '(#:builder (begin (mkdir %output) #t)))
(propagated-inputs
`(("binutils" ,xbinutils)
("libc" ,pthreads-xlibc)
("gcc" ,pthreads-xgcc)
("gcc-lib" ,pthreads-xgcc "lib")))
(synopsis (string-append "Complete GCC tool chain for " target))
(description (string-append "This package provides a complete GCC tool
chain for " target " development."))
(home-page (package-home-page pthreads-xgcc))
(license (package-license pthreads-xgcc)))))
-(define (make-nsis-for-gcc-10 base-nsis)
- (package-with-extra-patches base-nsis
- (search-our-patches "nsis-gcc-10-memmove.patch"
- "nsis-disable-installer-reloc.patch")))
-
;; While LIEF is packaged in Guix, we maintain our own package,
;; to simplify building, and more easily apply updates.
;; Moreover, the Guix's package uses cmake, which caused build
;; failure; see https://github.com/bitcoin/bitcoin/pull/27296.
(define-public python-lief
(package
(name "python-lief")
(version "0.13.2")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/lief-project/LIEF")
(commit version)))
(file-name (git-file-name name version))
(modules '((guix build utils)))
(snippet
'(begin
;; Configure build for Python bindings.
(substitute* "api/python/config-default.toml"
(("(ninja = )true" all m)
(string-append m "false"))
(("(parallel-jobs = )0" all m)
(string-append m (number->string (parallel-job-count)))))))
(sha256
(base32
"0y48x358ppig5xp97ahcphfipx7cg9chldj2q5zrmn610fmi4zll"))))
(build-system python-build-system)
(native-inputs (list cmake-minimal python-tomli))
(arguments
(list
#:tests? #f ;needs network
#:phases #~(modify-phases %standard-phases
(add-before 'build 'change-directory
(lambda _
(chdir "api/python")))
(replace 'build
(lambda _
(invoke "python" "setup.py" "build"))))))
(home-page "https://github.com/lief-project/LIEF")
(synopsis "Library to instrument executable formats")
(description
"@code{python-lief} is a cross platform library which can parse, modify
and abstract ELF, PE and MachO formats.")
(license license:asl2.0)))
(define osslsigncode
(package
(name "osslsigncode")
(version "2.5")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/mtrojnar/osslsigncode")
(commit version)))
(sha256
(base32
"1j47vwq4caxfv0xw68kw5yh00qcpbd56d7rq6c483ma3y7s96yyz"))))
(build-system cmake-build-system)
(inputs
`(("openssl", openssl)))
(home-page "https://github.com/mtrojnar/osslsigncode")
(synopsis "Authenticode signing and timestamping tool")
(description "osslsigncode is a small tool that implements part of the
functionality of the Microsoft tool signtool.exe - more exactly the Authenticode
signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and
thus should be able to compile on most platforms where these exist.")
(license license:gpl3+))) ; license is with openssl exception
(define-public python-elfesteem
(let ((commit "2eb1e5384ff7a220fd1afacd4a0170acff54fe56"))
(package
(name "python-elfesteem")
(version (git-version "0.1" "1" commit))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/LRGH/elfesteem")
(commit commit)))
(file-name (git-file-name name commit))
(sha256
(base32
"07x6p8clh11z8s1n2kdxrqwqm2almgc5qpkcr9ckb6y5ivjdr5r6"))))
(build-system python-build-system)
;; There are no tests, but attempting to run python setup.py test leads to
;; PYTHONPATH problems, just disable the test
(arguments '(#:tests? #f))
(home-page "https://github.com/LRGH/elfesteem")
(synopsis "ELF/PE/Mach-O parsing library")
(description "elfesteem parses ELF, PE and Mach-O files.")
(license license:lgpl2.1))))
(define-public python-oscrypto
(package
(name "python-oscrypto")
- (version "1.2.1")
+ (version "1.3.0")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/wbond/oscrypto")
(commit version)))
(file-name (git-file-name name version))
(sha256
(base32
- "1d4d8s4z340qhvb3g5m5v3436y3a71yc26wk4749q64m09kxqc3l"))
+ "1v5wkmzcyiqy39db8j2dvkdrv2nlsc48556h73x4dzjwd6kg4q0a"))
(patches (search-our-patches "oscrypto-hard-code-openssl.patch"))))
(build-system python-build-system)
(native-search-paths
(list (search-path-specification
(variable "SSL_CERT_FILE")
(file-type 'regular)
(separator #f) ;single entry
(files '("etc/ssl/certs/ca-certificates.crt")))))
(propagated-inputs
`(("python-asn1crypto" ,python-asn1crypto)
("openssl" ,openssl)))
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'hard-code-path-to-libscrypt
(lambda* (#:key inputs #:allow-other-keys)
(let ((openssl (assoc-ref inputs "openssl")))
(substitute* "oscrypto/__init__.py"
(("@GUIX_OSCRYPTO_USE_OPENSSL@")
(string-append openssl "/lib/libcrypto.so" "," openssl "/lib/libssl.so")))
#t)))
(add-after 'unpack 'disable-broken-tests
(lambda _
;; This test is broken as there is no keyboard interrupt.
(substitute* "tests/test_trust_list.py"
(("^(.*)class TrustListTests" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_tls.py"
(("^(.*)class TLSTests" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
#t))
(replace 'check
(lambda _
(invoke "python" "run.py" "tests")
#t)))))
(home-page "https://github.com/wbond/oscrypto")
(synopsis "Compiler-free Python crypto library backed by the OS")
(description "oscrypto is a compilation-free, always up-to-date encryption library for Python.")
(license license:expat)))
(define-public python-oscryptotests
(package (inherit python-oscrypto)
(name "python-oscryptotests")
(propagated-inputs
`(("python-oscrypto" ,python-oscrypto)))
(arguments
`(#:tests? #f
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'hard-code-path-to-libscrypt
(lambda* (#:key inputs #:allow-other-keys)
(chdir "tests")
#t)))))))
(define-public python-certvalidator
(let ((commit "a145bf25eb75a9f014b3e7678826132efbba6213"))
(package
(name "python-certvalidator")
(version (git-version "0.1" "1" commit))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/achow101/certvalidator")
(commit commit)))
(file-name (git-file-name name commit))
(sha256
(base32
"1qw2k7xis53179lpqdqyylbcmp76lj7sagp883wmxg5i7chhc96k"))))
(build-system python-build-system)
(propagated-inputs
`(("python-asn1crypto" ,python-asn1crypto)
("python-oscrypto" ,python-oscrypto)
("python-oscryptotests", python-oscryptotests))) ;; certvalidator tests import oscryptotests
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'disable-broken-tests
(lambda _
(substitute* "tests/test_certificate_validator.py"
(("^(.*)class CertificateValidatorTests" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_crl_client.py"
(("^(.*)def test_fetch_crl" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_ocsp_client.py"
(("^(.*)def test_fetch_ocsp" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_registry.py"
(("^(.*)def test_build_paths" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_validate.py"
(("^(.*)def test_revocation_mode_hard" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "tests/test_validate.py"
(("^(.*)def test_revocation_mode_soft" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
#t))
(replace 'check
(lambda _
(invoke "python" "run.py" "tests")
#t)))))
(home-page "https://github.com/wbond/certvalidator")
(synopsis "Python library for validating X.509 certificates and paths")
(description "certvalidator is a Python library for validating X.509
certificates or paths. Supports various options, including: validation at a
specific moment in time, whitelisting and revocation checks.")
(license license:expat))))
(define-public python-altgraph
(package
(name "python-altgraph")
(version "0.17")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/ronaldoussoren/altgraph")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(base32
"09sm4srvvkw458pn48ga9q7ykr4xlz7q8gh1h9w7nxpf001qgpwb"))))
(build-system python-build-system)
(home-page "https://github.com/ronaldoussoren/altgraph")
(synopsis "Python graph (network) package")
(description "altgraph is a fork of graphlib: a graph (network) package for
constructing graphs, BFS and DFS traversals, topological sort, shortest paths,
etc. with graphviz output.")
(license license:expat)))
(define-public python-macholib
(package
(name "python-macholib")
(version "1.14")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/ronaldoussoren/macholib")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(base32
"0aislnnfsza9wl4f0vp45ivzlc0pzhp9d4r08700slrypn5flg42"))))
(build-system python-build-system)
(propagated-inputs
`(("python-altgraph" ,python-altgraph)))
(arguments
'(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'disable-broken-tests
(lambda _
;; This test is broken as there is no keyboard interrupt.
(substitute* "macholib_tests/test_command_line.py"
(("^(.*)class TestCmdLine" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
(substitute* "macholib_tests/test_dyld.py"
(("^(.*)def test_\\S+_find" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line))
(("^(.*)def testBasic" line indent)
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line))
)
#t)))))
(home-page "https://github.com/ronaldoussoren/macholib")
(synopsis "Python library for analyzing and editing Mach-O headers")
(description "macholib is a Macho-O header analyzer and editor. It's
typically used as a dependency analysis tool, and also to rewrite dylib
references in Mach-O headers to be @executable_path relative. Though this tool
targets a platform specific file format, it is pure python code that is platform
and endian independent.")
(license license:expat)))
(define-public python-signapple
(let ((commit "8a945a2e7583be2665cf3a6a89d665b70ecd1ab6"))
(package
(name "python-signapple")
(version (git-version "0.1" "1" commit))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/achow101/signapple")
(commit commit)))
(file-name (git-file-name name commit))
(sha256
(base32
"0fr1hangvfyiwflca6jg5g8zvg3jc9qr7vd2c12ff89pznf38dlg"))))
(build-system python-build-system)
(propagated-inputs
`(("python-asn1crypto" ,python-asn1crypto)
("python-oscrypto" ,python-oscrypto)
("python-certvalidator" ,python-certvalidator)
("python-elfesteem" ,python-elfesteem)
("python-requests" ,python-requests)
("python-macholib" ,python-macholib)))
;; There are no tests, but attempting to run python setup.py test leads to
;; problems, just disable the test
(arguments '(#:tests? #f))
(home-page "https://github.com/achow101/signapple")
(synopsis "Mach-O binary signature tool")
(description "signapple is a Python tool for creating, verifying, and
inspecting signatures in Mach-O binaries.")
(license license:expat))))
(define-public mingw-w64-base-gcc
(package
(inherit base-gcc)
(arguments
(substitute-keyword-arguments (package-arguments base-gcc)
((#:configure-flags flags)
`(append ,flags
;; https://gcc.gnu.org/install/configure.html
(list "--enable-threads=posix",
building-on)))
((#:make-flags flags)
;; Uses the SSP functions from glibc instead of from libssp.so.
;; Our 'symbol-check' script will complain if we link against libssp.so,
;; and thus will ensure that this works properly.
`(cons "gcc_cv_libc_provides_ssp=yes" ,flags))))))
(define-public linux-base-gcc
(package
(inherit base-gcc)
(arguments
(substitute-keyword-arguments (package-arguments base-gcc)
((#:configure-flags flags)
`(append ,flags
;; https://gcc.gnu.org/install/configure.html
(list "--enable-initfini-array=yes",
"--enable-default-ssp=yes",
"--enable-default-pie=yes",
building-on)))
((#:phases phases)
`(modify-phases ,phases
;; Given a XGCC package, return a modified package that replace each instance of
;; -rpath in the default system spec that's inserted by Guix with -rpath-link
(add-after 'pre-configure 'replace-rpath-with-rpath-link
(lambda _
(substitute* (cons "gcc/config/rs6000/sysv4.h"
(find-files "gcc/config"
"^gnu-user.*\\.h$"))
(("-rpath=") "-rpath-link="))
#t))))))))
(define-public glibc-2.28
(package
(inherit glibc-2.31)
(version "2.28")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://sourceware.org/git/glibc.git")
(commit "c9e58ae23402eb82877de90fd8a18519c086ed87")))
(file-name (git-file-name "glibc" "c9e58ae23402eb82877de90fd8a18519c086ed87"))
(sha256
(base32
"0wm0if2n4z48kpn85va6yb4iac34crds2f55ddpz1hykx6jp1pb6"))
(patches (search-our-patches "glibc-2.28-fcommon.patch"
"glibc-2.28-guix-prefix.patch"
"glibc-2.28-no-librt.patch"))))
(arguments
(substitute-keyword-arguments (package-arguments glibc)
((#:configure-flags flags)
`(append ,flags
;; https://www.gnu.org/software/libc/manual/html_node/Configuring-and-compiling.html
(list "--enable-stack-protector=all",
"--enable-bind-now",
"--disable-werror",
building-on)))
((#:phases phases)
`(modify-phases ,phases
(add-before 'configure 'set-etc-rpc-installation-directory
(lambda* (#:key outputs #:allow-other-keys)
;; Install the rpc data base file under `$out/etc/rpc'.
;; Otherwise build will fail with "Permission denied."
(let ((out (assoc-ref outputs "out")))
(substitute* "sunrpc/Makefile"
(("^\\$\\(inst_sysconfdir\\)/rpc(.*)$" _ suffix)
(string-append out "/etc/rpc" suffix "\n"))
(("^install-others =.*$")
(string-append "install-others = " out "/etc/rpc\n"))))))))))))
(packages->manifest
(append
(list ;; The Basics
bash-minimal
which
coreutils-minimal
util-linux
gperf
;; File(system) inspection
file
grep
diffutils
findutils
;; File transformation
patch
gawk
sed
moreutils
;; Compression and archiving
tar
bzip2
gzip
xz
;; Build tools
cmake-minimal
ninja
gnu-make
- libtool-2.4.7
+ libtool
autoconf-2.71
automake
pkg-config
bison
;; Native GCC 10 toolchain
gcc-toolchain-10
(list gcc-toolchain-10 "static")
;; Scripting
- python-minimal ;; (3.9)
+ python-minimal ;; (3.10)
perl
;; Git
git-minimal
;; Tests
python-lief)
(let ((target (getenv "HOST")))
(cond ((string-suffix? "-mingw32" target)
;; Windows
(list zip
(make-mingw-pthreads-cross-toolchain "x86_64-w64-mingw32")
- (make-nsis-for-gcc-10 nsis-x86_64)
+ nsis-x86_64
nss-certs
osslsigncode))
((string-contains target "-linux-")
(list (make-bitcoin-cross-toolchain target)))
((string-contains target "darwin")
(list clang-toolchain-10 binutils xorriso python-signapple))
(else '())))))
diff --git a/contrib/guix/patches/gcc-broken-longjmp.patch b/contrib/guix/patches/gcc-broken-longjmp.patch
deleted file mode 100644
index 56568813c..000000000
--- a/contrib/guix/patches/gcc-broken-longjmp.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-commit eb5698897c52702498938592d7f76e67d126451f
-Author: Eric Botcazou <ebotcazou@adacore.com>
-Date: Wed May 5 22:48:51 2021 +0200
-
- Fix PR target/100402
-
- This is a regression for 64-bit Windows present from mainline down to the 9
- branch and introduced by the fix for PR target/99234. Again SEH, but with
- a twist related to the way MinGW implements setjmp/longjmp, which turns out
- to be piggybacked on SEH with recent versions of MinGW, i.e. the longjmp
- performs a bona-fide unwinding of the stack, because it calls RtlUnwindEx
- with the second argument initially passed to setjmp, which is the result of
- __builtin_frame_address (0) in the MinGW header file:
-
- define setjmp(BUF) _setjmp((BUF), __builtin_frame_address (0))
-
- This means that we directly expose the frame pointer to the SEH machinery
- here (unlike with regular exception handling where we use an intermediate
- CFA) and thus that we cannot do whatever we want with it. The old code
- would leave it unaligned, i.e. not multiple of 16, whereas the new code
- aligns it, but this breaks for some reason; at least it appears that a
- .seh_setframe directive with 0 as second argument always works, so the
- fix aligns it this way.
-
- gcc/
- PR target/100402
- * config/i386/i386.c (ix86_compute_frame_layout): For a SEH target,
- always return the establisher frame for __builtin_frame_address (0).
- gcc/testsuite/
- * gcc.c-torture/execute/20210505-1.c: New test.
-
- This patch can be dropped when we are building with GCC 10.4.0 or later.
-
-diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
-index 2f838840e96..06ad1b2274e 100644
---- a/gcc/config/i386/i386.c
-+++ b/gcc/config/i386/i386.c
-@@ -6356,12 +6356,29 @@ ix86_compute_frame_layout (void)
- area, see the SEH code in config/i386/winnt.c for the rationale. */
- frame->hard_frame_pointer_offset = frame->sse_reg_save_offset;
-
-- /* If we can leave the frame pointer where it is, do so. Also, return
-+ /* If we can leave the frame pointer where it is, do so; however return
- the establisher frame for __builtin_frame_address (0) or else if the
-- frame overflows the SEH maximum frame size. */
-+ frame overflows the SEH maximum frame size.
-+
-+ Note that the value returned by __builtin_frame_address (0) is quite
-+ constrained, because setjmp is piggybacked on the SEH machinery with
-+ recent versions of MinGW:
-+
-+ # elif defined(__SEH__)
-+ # if defined(__aarch64__) || defined(_ARM64_)
-+ # define setjmp(BUF) _setjmp((BUF), __builtin_sponentry())
-+ # elif (__MINGW_GCC_VERSION < 40702)
-+ # define setjmp(BUF) _setjmp((BUF), mingw_getsp())
-+ # else
-+ # define setjmp(BUF) _setjmp((BUF), __builtin_frame_address (0))
-+ # endif
-+
-+ and the second argument passed to _setjmp, if not null, is forwarded
-+ to the TargetFrame parameter of RtlUnwindEx by longjmp (after it has
-+ built an ExceptionRecord on the fly describing the setjmp buffer). */
- const HOST_WIDE_INT diff
- = frame->stack_pointer_offset - frame->hard_frame_pointer_offset;
-- if (diff <= 255)
-+ if (diff <= 255 && !crtl->accesses_prior_frames)
- {
- /* The resulting diff will be a multiple of 16 lower than 255,
- i.e. at most 240 as required by the unwind data structure. */
diff --git a/contrib/guix/patches/nsis-disable-installer-reloc.patch b/contrib/guix/patches/nsis-disable-installer-reloc.patch
deleted file mode 100644
index 4914527e5..000000000
--- a/contrib/guix/patches/nsis-disable-installer-reloc.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Patch NSIS so that it's installer stubs, produced at NSIS build time,
-do not contain .reloc sections, which will exist by default when using
-binutils/ld 2.36+.
-
-This ultimately fixes an issue when running the installer with the
-"Force randomization for images (Mandatory ASLR)" setting active.
-
-This patch has not yet been sent upstream, because it's not clear if this
-is the best fix, for the underlying issue, which seems to be that makensis
-doesn't account for .reloc sections when it builds installers.
-
-The existence of a reloc section shouldn't be a problem, and, if anything,
-is actually a requirement for working ASLR. All other Windows binaries we
-produce contain them, and function correctly when under the same
-"Force randomization for images (Mandatory ASLR)" setting.
-
-See:
-https://github.com/bitcoin/bitcoin/issues/25726
-https://sourceforge.net/p/nsis/bugs/1131/
-
---- a/SCons/Config/gnu
-+++ b/SCons/Config/gnu
-@@ -102,6 +102,7 @@ stub_env.Append(LINKFLAGS = ['-mwindows']) # build windows executables
- stub_env.Append(LINKFLAGS = ['$NODEFLIBS_FLAG']) # no standard libraries
- stub_env.Append(LINKFLAGS = ['$ALIGN_FLAG']) # 512 bytes align
- stub_env.Append(LINKFLAGS = ['$MAP_FLAG']) # generate map file
-+stub_env.Append(LINKFLAGS = ['-Wl,--disable-reloc-section'])
-
- conf = FlagsConfigure(stub_env)
- conf.CheckCompileFlag('-fno-tree-loop-distribute-patterns') # GCC 10: Don't generate msvcrt!memmove calls (bug #1248)
diff --git a/contrib/guix/patches/nsis-gcc-10-memmove.patch b/contrib/guix/patches/nsis-gcc-10-memmove.patch
deleted file mode 100644
index a1aadfd4f..000000000
--- a/contrib/guix/patches/nsis-gcc-10-memmove.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-commit f6df41524e703dc471e283e566a48e05a735b7f2
-Author: Anders <anders_k@users.sourceforge.net>
-Date: Sat Jun 27 23:18:45 2020 +0000
-
- Don't let GCC 10 generate memmove calls (bug #1248)
-
- git-svn-id: https://svn.code.sf.net/p/nsis/code/NSIS/trunk@7189 212acab6-be3b-0410-9dea-997c60f758d6
-
-diff --git a/SCons/Config/gnu b/SCons/Config/gnu
-index bfcb362d..21fa446b 100644
---- a/SCons/Config/gnu
-+++ b/SCons/Config/gnu
-@@ -103,6 +103,10 @@ stub_env.Append(LINKFLAGS = ['$NODEFLIBS_FLAG']) # no standard libraries
- stub_env.Append(LINKFLAGS = ['$ALIGN_FLAG']) # 512 bytes align
- stub_env.Append(LINKFLAGS = ['$MAP_FLAG']) # generate map file
-
-+conf = FlagsConfigure(stub_env)
-+conf.CheckCompileFlag('-fno-tree-loop-distribute-patterns') # GCC 10: Don't generate msvcrt!memmove calls (bug #1248)
-+conf.Finish()
-+
- stub_uenv = stub_env.Clone()
- stub_uenv.Append(CPPDEFINES = ['_UNICODE', 'UNICODE'])
-
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sun, Mar 2, 10:20 (1 d, 11 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5187331
Default Alt Text
(48 KB)
Attached To
rABC Bitcoin ABC
Event Timeline
Log In to Comment