| 14 Feb 2026 |
emily | like how we do PIE by default in our GCC and Clang builds | 17:59:13 |
emily | overriding for an individual package can be flag driven | 17:59:26 |
emily | though I think NIX_CFLAGS_COMPILE is probably sufficient interface there | 18:00:02 |
ris_ | i seeee | 18:02:04 |
ris_ | yeah i just think it's weird, people will expect that setting hardeningDisable = ["libcxxhardeningfast"]; to actually disable it | 18:02:58 |
ris_ | * yeah i just think it's weird, people will expect setting hardeningDisable = ["libcxxhardeningfast"]; to actually disable it | 18:47:29 |
emily | might be good to support hardeningDisable adding flags? but if we control it with the build-time default + cflags maybe it can just be an override in pkgsExtraHardening and not need the hardening* machinery at all | 20:34:31 |
| 15 Feb 2026 |
| ilsubyeega (backup) joined the room. | 02:36:46 |
| 16 Feb 2026 |
| zimward changed their display name from zimward to zim. | 13:48:43 |
| zimward changed their display name from zim to zimward. | 13:50:09 |
| pneumatic changed their profile picture. | 15:18:12 |
| 18 Feb 2026 |
ris_ | that's interesting - https://hydra.nixos.org/build/319824740 - since 2026-01-22 we've always been able to find pacret instructions in our aarch64 binaries | 22:22:07 |
ris_ | whether we've got the flag enabled or not | 22:22:30 |
ris_ | and the weird thing is it's for both clang and gcc | 22:22:47 |
ris_ | does this correspond to the gcc 15 switch? | 22:26:58 |
| 19 Feb 2026 |
ris_ | on closer inspection it looks like paciaspis being added to just _init and _fini when "disabled" | 19:16:46 |
emily | those are hand-written assembly, right? | 19:21:54 |
ris_ | beyond my understanding | 19:33:47 |
ris_ | my solution https://github.com/NixOS/nixpkgs/pull/492221 | 19:34:32 |
| 21 Feb 2026 |
| h7x4 changed their profile picture. | 19:27:00 |
| h7x4 changed their profile picture. | 19:30:26 |
| h7x4 changed their profile picture. | 19:33:54 |
| 22 Feb 2026 |
| Pearl joined the room. | 02:54:30 |
| 4 Aug 2022 |
| Winter (she/her) joined the room. | 03:27:09 |
| [0x4A6F] joined the room. | 22:08:01 |
| 6 Aug 2022 |
Winter (she/her) | Does anyone know where the fact that the Darwin stdenv builds CMake twice comes from? As far as I can tell, it's from stage 0, and then just gets used in the other stages from there. Am I missing something here, is it something with the overrides? It looks like it might be, but then the fact that those are only allowed in the final stage (per booter.nix) (when that doesn't seem true, since then they wouldn't be defined...?) comes up.
(Isn't this the same pattern (defining in one stage and referencing in the others) that makes Glibc only build a limited number of times in the Linux stdenv?) | 08:00:17 |
@trofi:matrix.org | You think cmake should be rebuild less? Or more?
glibc's is probably a bit different as it's a part of stdenv.cc.libc and mainly used by that I would guess. Also, if depends if the package is used or not by other packages in the derivation would affect rebuild count as well.
| 14:59:09 |
@trofi:matrix.org | Looking at stdenv's dep tree I see 2 cmake-boot hashes and one cmake hash: https://dpaste.com/8GGM6P9BF.txt | 15:03:11 |
Winter (she/her) | In reply to @trofi:matrix.org
You think cmake should be rebuild less? Or more?
glibc's is probably a bit different as it's a part of stdenv.cc.libc and mainly used by that I would guess. Also, if depends if the package is used or not by other packages in the derivation would affect rebuild count as well.
I have no particular opinion, I'm just curious how that happens. | 21:22:09 |
Winter (she/her) | Oh, for clarification, I was talking about cmake-boot. | 21:22:19 |