From d888aa3cbc40020e8769f187a33bf0dc41c7c97c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 31 Mar 2023 12:51:37 -0400 Subject: [PATCH] user/ruby3.0: new aport --- user/ruby3.0/APKBUILD | 228 ++++++++++++++++++ user/ruby3.0/dont-install-bundled-gems.patch | 20 ++ user/ruby3.0/fix-get_main_stack.patch | 70 ++++++ user/ruby3.0/ruby3.0.post-upgrade | 17 ++ .../test_insns-lower-recursion-depth.patch | 47 ++++ 5 files changed, 382 insertions(+) create mode 100644 user/ruby3.0/APKBUILD create mode 100644 user/ruby3.0/dont-install-bundled-gems.patch create mode 100644 user/ruby3.0/fix-get_main_stack.patch create mode 100644 user/ruby3.0/ruby3.0.post-upgrade create mode 100644 user/ruby3.0/test_insns-lower-recursion-depth.patch diff --git a/user/ruby3.0/APKBUILD b/user/ruby3.0/APKBUILD new file mode 100644 index 0000000..26bd95d --- /dev/null +++ b/user/ruby3.0/APKBUILD @@ -0,0 +1,228 @@ +# Contributor: Carlo Landmeter +# Contributor: Jakub Jirutka +# Contributor: Nulo +# Maintainer: Jakub Jirutka +# +# secfixes: +# 3.0.5-r0: +# - CVE-2021-33621 +# 3.0.4-r0: +# - CVE-2022-28738 +# - CVE-2022-28739 +# 3.0.3-r0: +# - CVE-2021-41817 +# - CVE-2021-41816 +# - CVE-2021-41819 +# 2.7.4-r0: +# - CVE-2021-31799 +# - CVE-2021-31810 +# - CVE-2021-32066 +# 2.7.3-r0: +# - CVE-2021-28965 +# - CVE-2021-28966 +# 2.7.2-r0: +# - CVE-2020-25613 +# 2.6.6-r0: +# - CVE-2020-10663 +# - CVE-2020-10933 +# 2.6.5-r0: +# - CVE-2019-16255 +# - CVE-2019-16254 +# - CVE-2019-15845 +# - CVE-2019-16201 +# 2.5.2-r0: +# - CVE-2018-16395 +# - CVE-2018-16396 +# 2.5.1-r0: +# - CVE-2017-17742 +# - CVE-2018-6914 +# - CVE-2018-8777 +# - CVE-2018-8778 +# - CVE-2018-8779 +# - CVE-2018-8780 +# 2.4.2-r0: +# - CVE-2017-0898 +# - CVE-2017-10784 +# - CVE-2017-14033 +# - CVE-2017-14064 +# - CVE-2017-0899 +# - CVE-2017-0900 +# - CVE-2017-0901 +# - CVE-2017-0902 +# 2.4.3-r0: +# - CVE-2017-17405 +# +pkgname=ruby3.0 +_pkgname=ruby +# When upgrading, upgrade also each ruby- aport listed in file +# gems/bundled_gems. If some aport is missing or not in the main repo, +# create/move it. +pkgver=3.0.5 +_abiver="${pkgver%.*}.0" +pkgrel=0 +pkgdesc="An object-oriented language for quick and easy programming" +url="https://www.ruby-lang.org/" +arch="all" +license="Ruby AND BSD-2-Clause AND MIT" +depends="ca-certificates" +depends_dev=" + $pkgname=$pkgver-r$pkgrel + $pkgname-rdoc=$pkgver-r$pkgrel + gmp-dev + libucontext-dev + " +makedepends="$depends_dev zlib-dev openssl1.1-compat-dev gdbm-dev readline-dev + libffi-dev coreutils yaml-dev linux-headers autoconf" +install="$pkgname.post-upgrade" +subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev + $pkgname-rdoc::noarch + $pkgname-libs + $pkgname-full::noarch + " +source="https://cache.ruby-lang.org/pub/ruby/${pkgver%.*}/ruby-$pkgver.tar.gz + test_insns-lower-recursion-depth.patch + fix-get_main_stack.patch + dont-install-bundled-gems.patch + " +replaces="ruby-gems" +builddir="$srcdir/$_pkgname-$pkgver" + +# For backward compatibility (pre 3.x). +for _i in bigdecimal etc fiddle gdbm io-console irb json; do + provides="$provides ruby3.0-$_i=$pkgver-r$pkgrel" +done + +_gemdir="/usr/lib/ruby/gems/$_abiver" +_rubydir="/usr/lib/ruby/$_abiver" +_chost="${CHOST/-alpine-/-}" +_depends_full='' # see prepare() + +case "$CARCH" in + x86) _arch="i386";; + *) _arch="$CARCH";; +esac + +prepare() { + default_prepare + autoconf + + # v2.7.1 - Of all the bootstraptest only test_fiber fails on s390x: + # test_fiber.rb bootstraptest.tmp.rb:8: [BUG] vm_call_cfunc: cfp consistency error (0x000003ffb63fefb0, 0x000003ffb42f5f58) + case "$CARCH" in + s390x) rm bootstraptest/test_fiber.rb;; + esac + + local name ver; while read -r name ver _; do + case "$name=$ver" in + [a-z]*=[0-9]*.[0-9]*) + if ! apk add -qs "ruby-$name>=$ver" >/dev/null 2>&1; then + warning "bump package ruby-$name to version $ver" + fi + _depends_full="$_depends_full ruby-$name>=$ver" + esac + done < "$builddir"/gems/bundled_gems +} + +build() { + # -fomit-frame-pointer makes ruby segfault, see gentoo bug #150413 + # In many places aliasing rules are broken; play it safe + # as it's risky with newer compilers to leave it as it is. + export CFLAGS="$CFLAGS -fno-omit-frame-pointer -fno-strict-aliasing" + export CPPFLAGS="$CPPFLAGS -fno-omit-frame-pointer -fno-strict-aliasing" + + # Needed for coroutine stuff + export LIBS="-lucontext" + + # ruby saves path to install. we want use $PATH + export INSTALL=install + + # the configure script does not detect isnan/isinf as macros + export ac_cv_func_isnan=yes + export ac_cv_func_isinf=yes + + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --infodir=/usr/share/info \ + --with-sitedir=/usr/local/lib/site_ruby \ + --with-search-path="/usr/lib/site_ruby/\$(ruby_ver)/$_arch-linux" \ + --enable-pthread \ + --disable-rpath \ + --enable-shared \ + --with-mantype=man + make +} + +check() { + make test +} + +package() { + make DESTDIR="$pkgdir" SUDO="" install + + install -m 644 -D COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING + + cd "$pkgdir" + + # Remove bundled gem bundler; it's provided by a separate aport/package + # ruby-bundler. + rm -rf ./$_rubydir/bundler + rm ./$_rubydir/bundler.rb + rm -rf ./$_gemdir/gems/bundler-* + rm ./$_gemdir/specifications/default/bundler-*.gemspec + rm usr/bin/bundle usr/bin/bundler + + # Remove bundled CA certificates; they are provided by ca-certificates. + rm ./$_rubydir/rubygems/ssl_certs/*/*.pem + rmdir ./$_rubydir/rubygems/ssl_certs/* || true + + rm -Rf ./$_gemdir/cache/* + + if [ -d usr/local ]; then + local f=$(find usr/local -type f) + if [ -n "$f" ]; then + error "Found files in /usr/local:" + echo "$f" + return 1 + fi + rm -r usr/local + fi +} + +rdoc() { + pkgdesc="Ruby documentation tool" + license="Ruby" + depends="$pkgname" + + amove $_rubydir/rdoc + amove $_gemdir/gems/rdoc-* + amove $_gemdir/specifications/default/rdoc-* + amove usr/bin/ri + amove usr/bin/rdoc +} + +libs() { + pkgdesc="Libraries necessary to run Ruby" + depends="" + + amove usr/lib +} + +full() { + pkgdesc="Ruby with all bundled gems" + # bundler is bundled since Ruby 2.6, so include it in ruby-full despite + # that it's provided by a seprate aport/package. + depends="ruby ruby-rdoc ruby-bundler $_depends_full" + + mkdir -p "$subpkgdir" +} + +sha512sums=" +ea45fcd2ca53b87f18fd8696d00a1e340d2495443216aaf87d3f643cb5bd8bb614a1faacd82d07e7f2b72172397c728316a82d7c34a7b4566191268ea517ccf7 ruby-3.0.5.tar.gz +2ee66e841f841ad6e7c8877ec20b548d23b50d6a888a0d2d16f9062892c5d1c64efb59385f6723bae6cd1591824278787eefc0180768619c653243756d1300ab test_insns-lower-recursion-depth.patch +8e0a75899a3855f85441dabb6571569f13cf3472c2ccb2ec5c8e0e5cc9026af3c9951ebed4a754d9723dfd1c8ece32862802f20e18b7e5de4875125d92ef146b fix-get_main_stack.patch +10bda0462feaec73a7522ef622ffc18815b1d4302e771013ab78ef88d1d9f76277b1d24401eff054e031ca0fbc1ac80486d58282378cbdaf695786b212e6524d dont-install-bundled-gems.patch +" diff --git a/user/ruby3.0/dont-install-bundled-gems.patch b/user/ruby3.0/dont-install-bundled-gems.patch new file mode 100644 index 0000000..5710923 --- /dev/null +++ b/user/ruby3.0/dont-install-bundled-gems.patch @@ -0,0 +1,20 @@ +Don't install bundled gems - we package them separately. + +--- a/tool/rbinstall.rb ++++ b/tool/rbinstall.rb +@@ -947,6 +947,7 @@ + end + end + ++=begin XXX-Patched + install?(:ext, :comm, :gem, :'bundled-gems') do + gem_dir = Gem.default_dir + install_dir = with_destdir(gem_dir) +@@ -1026,6 +1027,7 @@ + puts "skip installing bundled gems because of lacking zlib" + end + end ++=end + + parse_args() + diff --git a/user/ruby3.0/fix-get_main_stack.patch b/user/ruby3.0/fix-get_main_stack.patch new file mode 100644 index 0000000..ef369bc --- /dev/null +++ b/user/ruby3.0/fix-get_main_stack.patch @@ -0,0 +1,70 @@ +diff --git a/thread_pthread.c b/thread_pthread.c +index 951885ffa0..cf90321d1d 100644 +--- a/thread_pthread.c ++++ b/thread_pthread.c +@@ -681,9 +689,6 @@ hpux_attr_getstackaddr(const pthread_attr_t *attr, void **addr) + # define MAINSTACKADDR_AVAILABLE 0 + # endif + #endif +-#if MAINSTACKADDR_AVAILABLE && !defined(get_main_stack) +-# define get_main_stack(addr, size) get_stack(addr, size) +-#endif + + #ifdef STACKADDR_AVAILABLE + /* +@@ -765,6 +762,55 @@ get_stack(void **addr, size_t *size) + return 0; + #undef CHECK_ERR + } ++ ++#if defined(__linux__) && !defined(__GLIBC__) && defined(HAVE_GETRLIMIT) ++ ++#ifndef PAGE_SIZE ++#include ++#define PAGE_SIZE sysconf(_SC_PAGE_SIZE) ++#endif ++ ++static int ++get_main_stack(void **addr, size_t *size) ++{ ++ size_t start, end, limit, prevend = 0; ++ struct rlimit r; ++ FILE *f; ++ char buf[PATH_MAX+80], s[8]; ++ int n; ++ STACK_GROW_DIR_DETECTION; ++ ++ f = fopen("/proc/self/maps", "re"); ++ if (!f) ++ return -1; ++ n = 0; ++ while (fgets(buf, sizeof buf, f)) { ++ n = sscanf(buf, "%zx-%zx %*s %*s %*s %*s %7s", &start, &end, s); ++ if (n >= 2) { ++ if (n == 3 && strcmp(s, "[stack]") == 0) ++ break; ++ prevend = end; ++ } ++ n = 0; ++ } ++ fclose(f); ++ if (n == 0) ++ return -1; ++ ++ limit = 100 << 20; /* 100MB stack limit */ ++ if (getrlimit(RLIMIT_STACK, &r)==0 && r.rlim_cur < limit) ++ limit = r.rlim_cur & -PAGE_SIZE; ++ if (limit > end) limit = end; ++ if (prevend < end - limit) prevend = end - limit; ++ if (start > prevend) start = prevend; ++ *addr = IS_STACK_DIR_UPPER() ? (void *)start : (void *)end; ++ *size = end - start; ++ return 0; ++} ++#else ++# define get_main_stack(addr, size) get_stack(addr, size) ++#endif ++ + #endif + + static struct { diff --git a/user/ruby3.0/ruby3.0.post-upgrade b/user/ruby3.0/ruby3.0.post-upgrade new file mode 100644 index 0000000..6cba787 --- /dev/null +++ b/user/ruby3.0/ruby3.0.post-upgrade @@ -0,0 +1,17 @@ +#!/bin/sh + +ver_new="$1" +ver_old="$2" + +if [ "$(apk version -t "$ver_old" "2.5.0-r0")" = "<" ]; then + cat >&2 <<-EOF + * + * In Ruby 2.5 more parts of the stdlib has been splitted into standalone + * gems, yet still installed with Ruby by default. We have moved some of + * them into separate subpackages. If you don't know which subpackages you + * need, you may install meta-package "ruby-full". + * + EOF +fi + +exit 0 diff --git a/user/ruby3.0/test_insns-lower-recursion-depth.patch b/user/ruby3.0/test_insns-lower-recursion-depth.patch new file mode 100644 index 0000000..a775efb --- /dev/null +++ b/user/ruby3.0/test_insns-lower-recursion-depth.patch @@ -0,0 +1,47 @@ +The patched test is a recursion function. We have lower stack size, +so we hit SystemStackError sooner than on other platforms. + + #361 test_insns.rb:389:in `block in ': + # recursive once + def once n + return %r/#{ + if n == 0 + true + else + once(n-1) # here + end + }/ox + end + x = once(128); x = once(7); x = once(16); + x =~ "true" && $~ + #=> "" (expected "true") once + Stderr output is not empty + bootstraptest.tmp.rb:3:in `once': stack level too deep (SystemStackError) + from bootstraptest.tmp.rb:7:in `block in once' + from bootstraptest.tmp.rb:3:in `once' + from bootstraptest.tmp.rb:7:in `block in once' + from bootstraptest.tmp.rb:3:in `once' + from bootstraptest.tmp.rb:7:in `block in once' + from bootstraptest.tmp.rb:3:in `once' + from bootstraptest.tmp.rb:7:in `block in once' + from bootstraptest.tmp.rb:3:in `once' + ... 125 levels... + from bootstraptest.tmp.rb:3:in `once' + from bootstraptest.tmp.rb:7:in `block in once' + from bootstraptest.tmp.rb:3:in `once' + from bootstraptest.tmp.rb:11:in `
' + Test_insns.rb FAIL 1/187 + FAIL 1/1197 tests failed + Make: *** [uncommon.mk:666: yes-btest-ruby] Error 1 + +--- a/bootstraptest/test_insns.rb ++++ b/bootstraptest/test_insns.rb +@@ -273,7 +273,7 @@ + end + }/ox + end +- x = once(128); x = once(7); x = once(16); ++ x = once(32); x = once(7); x = once(16); + x =~ "true" && $~ + }, + [ 'once', <<-'},', ], # {