gcc: add enableHostPie option; use it for stdenv bootstrap-tools#514892
gcc: add enableHostPie option; use it for stdenv bootstrap-tools#514892JamieMagee wants to merge 1 commit into
Conversation
GCC's host binaries (notably the gcc driver) are linked as fixed-address EXEC by default, with the lowest LOAD segment at 0x10000. On systems where vm.mmap_min_addr is higher than that — including the RISE RISC-V Runners (https://riseproject.dev/2026/03/24/announcing-the-rise-risc-v-runners-free-native-risc-v-ci-on-github/), which run as Kubernetes pods on Scaleway EM-RV1 boards — the kernel refuses the fixed mmap and the bootstrap cc segfaults on the very first \`expand-response-params\` compile. The whole stdenv bootstrap then dies with cascading 'C compiler cannot create executables' errors. GCC 14 introduced --enable-host-pie, which links the host gcc binaries as PIE so the kernel can load them anywhere. Wire that flag through and turn it on when building bootGCC for stdenv bootstrap-tools. Original diagnosis on a DC ROMA II laptop: https://tristanxr.com/post/dc-roma-ii-nix/
nixpkgs-ci
Bot
added
10.rebuild-darwin: 0
|
It's sli....ghtly more complicated than that. The more precise reason is that binutils for riscv64 links all PDE (position dependent executable, the opposite of PIE, But wait, isn't that exactly right for it to work? It would be if it wasn't for patchelf... NixOS/patchelf#622 (comment) Patchelf inserts data below the lowest address if available, which means that if you patchelf a PDE hard enough, the lowest address bumps down to As such, although possible (the amount of extra data patchelf needs to insert is basically a matter of luck), I would be surprised if what you've done here reliably (as in, across versions) produces a usable gcc. Even if it does, everything in Nixpkgs that cannot be built as a PIE would potentially have this problem. Aside from your stopgap, my other two ideas is to
I'm not against merging this as a stopgap but, pending @NixOS/stdenv approval, maybe we should just |
|
That's a much better mental model. Thanks for tracing it through binutils + patchelf. The So as a stopgap this is flimsier than I thought. Of your two suggestions, bumping TEXT_START_ADDR to 0x100000 seems like the better fix. Want me to take a swing at that? And would it go upstream to binutils, or as a nixpkgs-local patch on the riscv64 binutils derivation? Also +1 on flipping --enable-host-pie on by default for gcc ≥ 14. Happy to widen this PR or keep it scoped and do the default-flip separately, whichever you prefer. |
|
Took a swing at the patchelf side too: NixOS/patchelf#637 tracks the input's lowest LOAD |
2 participants
GCC's host binaries are linked as fixed-address
EXECELFs with their lowest LOAD segment at0x10000. On systems wherevm.mmap_min_addris set higher than that (including the RISE RISC-V Runners) the kernel refuses the fixed mmap and the bootstrapccsegfaults on the very firstexpand-response-paramscompile.GCC 14 added
--enable-host-pie, which links the hostgccbinaries as PIE so they can load anywhere. This wires that flag through asenableHostPie(defaultfalse) and turns it on when buildingbootGCCfor stdenv bootstrap-tools, gated on gcc >= 14 since older versions don't know the flag.Default off everywhere else, so existing arch tarballs aren't affected unless someone explicitly regenerates them.
The riscv64-linux bootstrap-files pin needs a separate follow-up PR once Hydra rebuilds
stdenvBootstrapTools.riscv64-linux.distwith this change. Same dance as #498702.Original diagnosis by @RossComputerGuy on a DC ROMA II laptop: https://tristanxr.com/post/dc-roma-ii-nix/.
cc @NixOS/risc-v @NixOS/stdenv
Things done
passthru.tests.nixpkgs-reviewon this PR. See nixpkgs-review usage../result/bin/.