Merge pull request #28799 from orivej/stdenv-setup

stdenv-setup: fix substituteAll with set -eu

pkgs/stdenv/generic/make-derivation.nix

@@ -49,6 +49,7 @@ rec {
     # TODO(@Ericson2314): Make this more modular, and not O(n^2).
     let
       supportedHardeningFlags = [ "fortify" "stackprotector" "pie" "pic" "strictoverflow" "format" "relro" "bindnow" ];
+      # hardeningDisable additionally supports "all".
       erroneousHardeningFlags = lib.subtractLists supportedHardeningFlags (hardeningEnable ++ lib.remove "all" hardeningDisable);
     in if builtins.length erroneousHardeningFlags != 0
     then abort ("mkDerivation was called with unsupported hardening flags: " + lib.generators.toPretty {} {

pkgs/stdenv/generic/setup.sh

@@ -473,14 +473,14 @@ substitute() {
     shift 2
 
     if [ ! -f "$input" ]; then
-      echo "${FUNCNAME[0]}(): ERROR: file '$input' does not exist" >&2
+      echo "substitute(): ERROR: file '$input' does not exist" >&2
       return 1
     fi
 
     local content
     # read returns non-0 on EOF, so we want read to fail
     if IFS='' read -r -N 0 content < "$input"; then
-        echo "${FUNCNAME[0]}(): ERROR: File \"$input\" has null bytes, won't process" >&2
+        echo "substitute(): ERROR: File \"$input\" has null bytes, won't process" >&2
         return 1
     fi
 
@@ -497,10 +497,8 @@ substitute() {
                 shift 2
                 # check if the used nix attribute name is a valid bash name
                 if ! [[ "$varName" =~ ^[a-zA-Z_][a-zA-Z0-9_]*$ ]]; then
-                    echo "${FUNCNAME[0]}(): WARNING: substitution variables should be valid bash names," >&2
+                    echo "substitute(): ERROR: substitution variables must be valid Bash names, \"$varName\" isn't." >&2
-                    echo "  \"$varName\" isn't and therefore was skipped; it might be caused" >&2
+                    return 1
-                    echo "  by multi-line phases in variables - see #14907 for details." >&2
-                    continue
                 fi
                 pattern="@$varName@"
                 replacement="${!varName}"
@@ -513,7 +511,7 @@ substitute() {
                 ;;
 
             *)
-                echo "${FUNCNAME[0]}(): ERROR: Invalid command line argument: $1" >&2
+                echo "substitute(): ERROR: Invalid command line argument: $1" >&2
                 return 1
                 ;;
         esac
@@ -533,18 +531,16 @@ substituteInPlace() {
 }
 
 
-# Substitute all environment variables that do not start with an upper-case
+# Substitute all environment variables that start with a lowercase character and
-# character or underscore. Note: other names that aren't bash-valid
+# are valid Bash names.
-# will cause an error during `substitute --subst-var`.
 substituteAll() {
     local input="$1"
     local output="$2"
     local -a args=()
 
-    # Select all environment variables that start with a lowercase character.
+    for varName in $(awk 'BEGIN { for (v in ENVIRON) if (v ~ /^[a-z][a-zA-Z0-9_]*$/) print v }'); do
-    for varName in $(env | sed -e $'s/^\([a-z][^= \t]*\)=.*/\\1/; t \n d'); do
         if [ "${NIX_DEBUG:-}" = "1" ]; then
-            echo "@${varName}@ -> '${!varName}'"
+            printf "@%s@ -> %q\n" "${varName}" "${!varName}"
         fi
         args+=("--subst-var" "$varName")
     done