Merge branch 'staging'

pkgs/applications/graphics/paraview/default.nix

@@ -29,6 +29,9 @@ stdenv.mkDerivation rec {
     "-DPARAVIEW_INSTALL_DEVELOPMENT=ON"
   ];
 
+  # https://bugzilla.redhat.com/show_bug.cgi?id=1138466
+  NIX_CFLAGS_COMPILE = "-DGLX_GLXEXT_LEGACY";
+
   enableParallelBuilding = true;
 
   buildInputs = [ cmake qt4 hdf5 mpich2 python libxml2 mesa libXt ];

pkgs/build-support/cc-wrapper/cc-wrapper.sh

@@ -80,8 +80,8 @@ if [ "$NIX_ENFORCE_PURITY" = 1 -a -n "$NIX_STORE" ]; then
 fi
 
 if [[ "@prog@" = *++ ]]; then
-    if  echo "$@" | grep -qvw -- -nostdlib; then
-        NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE $NIX_CXXSTDLIB_COMPILE"
+    if  echo "$@" | grep -qv -- -nostdlib; then
+        NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE ${NIX_CXXSTDLIB_COMPILE-@default_cxx_stdlib_compile@}"
         NIX_CFLAGS_LINK="$NIX_CFLAGS_LINK $NIX_CXXSTDLIB_LINK"
     fi
 fi

pkgs/build-support/cc-wrapper/default.nix

@@ -169,6 +169,12 @@ stdenv.mkDerivation {
 
       export real_cc=cc
       export real_cxx=c++
+      export default_cxx_stdlib_compile="${
+        if stdenv.isLinux && !(cc.isGNU or false)
+          then "-isystem $(echo -n ${cc.gcc}/include/c++/*) -isystem $(echo -n ${cc.gcc}/include/c++/*)/$(${cc.gcc}/bin/gcc -dumpmachine)"
+          else ""
+      }"
+
       if [ -e $ccPath/gcc ]; then
         wrap gcc ${./cc-wrapper.sh} $ccPath/gcc
         ln -s gcc $out/bin/cc

pkgs/development/compilers/gcc/4.9/default.nix

@@ -475,7 +475,7 @@ stdenv.mkDerivation ({
     else null;
 
   passthru =
-    { inherit langC langCC langAda langFortran langVhdl langGo enableMultilib version; };
+    { inherit langC langCC langAda langFortran langVhdl langGo enableMultilib version; isGNU = true; };
 
   inherit enableParallelBuilding;
 

pkgs/development/compilers/llvm/3.6/clang/cmake-exports.patch

@@ -0,0 +1,29 @@
+diff -Naur clang-3.6.0.src-orig/CMakeLists.txt clang-3.6.0.src/CMakeLists.txt 
+--- clang-3.6.0.src-orig/CMakeLists.txt	2015-03-05 05:56:20.788520896 +0100
++++ clang-3.6.0.src/CMakeLists.txt	2015-03-05 06:02:15.589365469 +0100
+@@ -362,6 +362,7 @@
+ 
+     if (NOT LLVM_INSTALL_TOOLCHAIN_ONLY OR ${name} STREQUAL "libclang")
+       install(TARGETS ${name}
++        EXPORT ClangTargets
+         LIBRARY DESTINATION lib${LLVM_LIBDIR_SUFFIX}
+         ARCHIVE DESTINATION lib${LLVM_LIBDIR_SUFFIX}
+         RUNTIME DESTINATION bin)
+@@ -516,15 +517,15 @@
+   set(CLANG_INSTALL_PACKAGE_DIR share/clang/cmake)
+   set(clang_cmake_builddir "${CMAKE_BINARY_DIR}/${CLANG_INSTALL_PACKAGE_DIR}")
+   get_property(CLANG_EXPORTS GLOBAL PROPERTY CLANG_EXPORTS)
+-  export(TARGETS ${CLANG_EXPORTS} FILE ${clang_cmake_builddir}/ClangTargets.cmake)
+ 
+   # Install a <prefix>/share/clang/cmake/ClangConfig.cmake file so that
+   # find_package(Clang) works. Install the target list with it.
+   install(FILES
+     ${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/ClangConfig.cmake
+-    ${CLANG_BINARY_DIR}/share/clang/cmake/ClangTargets.cmake
+     DESTINATION share/clang/cmake)
+ 
++  install(EXPORT ClangTargets DESTINATION share/clang/cmake)
++
+   # Also copy ClangConfig.cmake to the build directory so that dependent projects
+   # can build against a build directory of Clang more easily.
+   configure_file(

pkgs/development/compilers/llvm/3.6/clang/default.nix

@@ -0,0 +1,54 @@
+{ stdenv, fetch, cmake, libxml2, libedit, llvm, version, clang-tools-extra_src }:
+
+let
+  gcc = if stdenv.cc.cc.isGNU or false then stdenv.cc.cc else stdenv.cc.cc.gcc;
+in stdenv.mkDerivation {
+  name = "clang-${version}";
+
+  unpackPhase = ''
+    unpackFile ${fetch "cfe" "0b8825mvdhfk5r9gwcwp1j2dl9kw5glgyk7pybq2dzhrh4vnj3my"}
+    mv cfe-${version}.src clang
+    sourceRoot=$PWD/clang
+    unpackFile ${clang-tools-extra_src}
+    mv clang-tools-extra-* $sourceRoot/tools/extra
+  '';
+
+  buildInputs = [ cmake libedit libxml2 llvm ];
+
+  cmakeFlags = [
+    "-DCMAKE_BUILD_TYPE=Release"
+    "-DCMAKE_CXX_FLAGS=-std=c++11"
+  ] ++
+  # Maybe with compiler-rt this won't be needed?
+  (stdenv.lib.optional stdenv.isLinux "-DGCC_INSTALL_PREFIX=${gcc}") ++
+  (stdenv.lib.optional (stdenv.cc.libc != null) "-DC_INCLUDE_DIRS=${stdenv.cc.libc}/include");
+
+  patches = [ ./purity.patch ./cmake-exports.patch ];
+
+  postPatch = ''
+    sed -i -e 's/Args.hasArg(options::OPT_nostdlibinc)/true/' lib/Driver/Tools.cpp
+    sed -i -e 's/DriverArgs.hasArg(options::OPT_nostdlibinc)/true/' lib/Driver/ToolChains.cpp
+  '';
+
+  # Clang expects to find LLVMgold in its own prefix
+  # Clang expects to find sanitizer libraries in its own prefix
+  postInstall = ''
+    ln -sv ${llvm}/lib/LLVMgold.so $out/lib
+    ln -sv ${llvm}/lib/clang/${version}/lib $out/lib/clang/${version}/
+    ln -sv $out/bin/clang $out/bin/cpp
+  '';
+
+  enableParallelBuilding = true;
+
+  passthru = stdenv.lib.optionalAttrs stdenv.isLinux {
+    inherit gcc;
+  };
+
+  meta = {
+    description = "A c, c++, objective-c, and objective-c++ frontend for the llvm compiler";
+    homepage    = http://llvm.org/;
+    license     = stdenv.lib.licenses.bsd3;
+    maintainers = [ stdenv.lib.maintainers.shlevy ];
+    platforms   = stdenv.lib.platforms.all;
+  };
+}

pkgs/development/compilers/llvm/3.6/clang/purity.patch

@@ -0,0 +1,22 @@
+diff --git a/lib/Driver/Tools.cpp b/lib/Driver/Tools.cpp
+index 198e82e..810d006 100644
+--- a/lib/Driver/Tools.cpp
++++ b/lib/Driver/Tools.cpp
+@@ -7355,17 +7355,6 @@ void gnutools::Link::ConstructJob(Compilation &C, const JobAction &JA,
+     CmdArgs.push_back("-shared");
+   }
+ 
+-  if (ToolChain.getArch() == llvm::Triple::arm ||
+-      ToolChain.getArch() == llvm::Triple::armeb ||
+-      ToolChain.getArch() == llvm::Triple::thumb ||
+-      ToolChain.getArch() == llvm::Triple::thumbeb ||
+-      (!Args.hasArg(options::OPT_static) &&
+-       !Args.hasArg(options::OPT_shared))) {
+-    CmdArgs.push_back("-dynamic-linker");
+-    CmdArgs.push_back(Args.MakeArgString(
+-        D.DyldPrefix + getLinuxDynamicLinker(Args, ToolChain)));
+-  }
+-
+   CmdArgs.push_back("-o");
+   CmdArgs.push_back(Output.getFilename());
+ 

pkgs/development/compilers/llvm/3.6/default.nix

@@ -0,0 +1,35 @@
+{ pkgs, newScope, stdenv, isl, fetchurl, overrideCC, wrapCC }:
+let
+  callPackage = newScope (self // { inherit isl version fetch; });
+
+  version = "3.6.0";
+
+  fetch = fetch_v version;
+  fetch_v = ver: name: sha256: fetchurl {
+    url = "http://llvm.org/releases/${ver}/${name}-${ver}.src.tar.xz";
+    inherit sha256;
+  };
+
+  compiler-rt_src = fetch "compiler-rt" "04bbn946jninynkrjyp337xqs8ihn4fkz5xgvmywxkddwmwznjbz";
+  clang-tools-extra_src = fetch "clang-tools-extra" "04n83gsmy2ghvn7vp9hamsgn332rx2g7sa4paskr0d4ihax4ka9s";
+
+  self = {
+    llvm = callPackage ./llvm.nix {
+      inherit compiler-rt_src stdenv;
+    };
+
+    clang-unwrapped = callPackage ./clang {
+      inherit clang-tools-extra_src stdenv;
+    };
+
+    clang = wrapCC self.clang-unwrapped;
+
+    stdenv = overrideCC stdenv self.clang;
+
+    lldb = callPackage ./lldb.nix {};
+
+    libcxx = callPackage ./libc++ {};
+
+    libcxxabi = callPackage ./libc++abi.nix {};
+  };
+in self

pkgs/development/compilers/llvm/3.6/libc++/darwin.patch

@@ -0,0 +1,30 @@
+diff -ru -x '*~' libcxx-3.4.2.src-orig/lib/CMakeLists.txt libcxx-3.4.2.src/lib/CMakeLists.txt
+--- libcxx-3.4.2.src-orig/lib/CMakeLists.txt	2013-11-15 18:18:57.000000000 +0100
++++ libcxx-3.4.2.src/lib/CMakeLists.txt	2014-09-24 14:04:01.000000000 +0200
+@@ -56,7 +56,7 @@
+       "-compatibility_version 1"
+       "-current_version ${LIBCXX_VERSION}"
+       "-install_name /usr/lib/libc++.1.dylib"
+-      "-Wl,-reexport_library,/usr/lib/libc++abi.dylib"
++      "-Wl,-reexport_library,${LIBCXX_LIBCXXABI_LIB_PATH}/libc++abi.dylib"
+       "-Wl,-unexported_symbols_list,${CMAKE_CURRENT_SOURCE_DIR}/libc++unexp.exp"
+       "/usr/lib/libSystem.B.dylib")
+   else()
+@@ -64,14 +64,14 @@
+       list(FIND ${CMAKE_OSX_ARCHITECTURES} "armv7" OSX_HAS_ARMV7)
+       if (OSX_HAS_ARMV7)
+         set(OSX_RE_EXPORT_LINE
+-          "${CMAKE_OSX_SYSROOT}/usr/lib/libc++abi.dylib"
++          "${CMAKE_OSX_SYSROOT}${LIBCXX_LIBCXXABI_LIB_PATH}/libc++abi.dylib"
+           "-Wl,-reexported_symbols_list,${CMAKE_CURRENT_SOURCE_DIR}/libc++sjlj-abi.exp")
+       else()
+         set(OSX_RE_EXPORT_LINE
+-          "-Wl,-reexport_library,${CMAKE_OSX_SYSROOT}/usr/lib/libc++abi.dylib")
++          "-Wl,-reexport_library,${CMAKE_OSX_SYSROOT}${LIBCXX_LIBCXXABI_LIB_PATH}/libc++abi.dylib")
+       endif()
+     else()
+-      set (OSX_RE_EXPORT_LINE "/usr/lib/libc++abi.dylib -Wl,-reexported_symbols_list,${CMAKE_CURRENT_SOURCE_DIR}/libc++abi${LIBCXX_LIBCPPABI_VERSION}.exp")
++      set (OSX_RE_EXPORT_LINE "${LIBCXX_LIBCXXABI_LIB_PATH}/libc++abi.dylib -Wl,-reexported_symbols_list,${CMAKE_CURRENT_SOURCE_DIR}/libc++abi${LIBCXX_LIBCPPABI_VERSION}.exp")
+     endif()
+ 
+     list(APPEND link_flags

pkgs/development/compilers/llvm/3.6/libc++/default.nix

@@ -0,0 +1,41 @@
+{ lib, stdenv, fetch, cmake, libcxxabi, fixDarwinDylibNames, version }:
+
+stdenv.mkDerivation rec {
+  name = "libc++-${version}";
+
+  src = fetch "libcxx" "1dzvhyrzj54v823biadag5lwxfz37gm8a65aq72pjsh8n211x719";
+
+  # instead of allowing libc++ to link with /usr/lib/libc++abi.dylib,
+  # force it to link with our copy
+  preConfigure = stdenv.lib.optionalString stdenv.isDarwin ''
+    substituteInPlace lib/CMakeLists.txt \
+      --replace 'OSX_RE_EXPORT_LINE "/usr/lib/libc++abi.dylib' \
+                'OSX_RE_EXPORT_LINE "${libcxxabi}/lib/libc++abi.dylib' \
+      --replace '"''${CMAKE_OSX_SYSROOT}/usr/lib/libc++abi.dylib"' \
+                '"${libcxxabi}/lib/libc++abi.dylib"'
+  '';
+
+  patches = [ ./darwin.patch ];
+
+  buildInputs = [ cmake libcxxabi ] ++ lib.optional stdenv.isDarwin fixDarwinDylibNames;
+
+  cmakeFlags =
+    [ "-DCMAKE_BUILD_TYPE=Release"
+      "-DLIBCXX_LIBCXXABI_INCLUDE_PATHS=${libcxxabi}/include"
+      "-DLIBCXX_LIBCXXABI_LIB_PATH=${libcxxabi}/lib"
+      "-DLIBCXX_LIBCPPABI_VERSION=2"
+      "-DLIBCXX_CXX_ABI=libcxxabi"
+    ];
+
+  enableParallelBuilding = true;
+
+  setupHook = ./setup-hook.sh;
+
+  meta = {
+    homepage = http://libcxx.llvm.org/;
+    description = "A new implementation of the C++ standard library, targeting C++11";
+    license = "BSD";
+    maintainers = [ stdenv.lib.maintainers.shlevy ];
+    platforms = stdenv.lib.platforms.unix;
+  };
+}

pkgs/development/compilers/llvm/3.6/libc++/setup-hook.sh

@@ -0,0 +1,4 @@
+export NIX_CFLAGS_COMPILE+=" -isystem @out@/include/c++/v1"
+
+export NIX_CXXSTDLIB_COMPILE=" -stdlib=libc++"
+export NIX_CXXSTDLIB_LINK=" -stdlib=libc++"

pkgs/development/compilers/llvm/3.6/libc++abi.nix

@@ -0,0 +1,47 @@
+{ stdenv, cmake, fetch, libcxx, libunwind, llvm, version }:
+
+stdenv.mkDerivation {
+  name = "libc++abi-${version}";
+
+  src = fetch "libcxxabi" "1xclv63l7cmrxkl129w6j9fsxgdm8jjlcm8gswl2y9qmh3dwz2zp";
+
+  buildInputs = [ cmake ] ++ stdenv.lib.optional (!stdenv.isDarwin) libunwind;
+
+  postUnpack = ''
+    unpackFile ${libcxx.src}
+    unpackFile ${llvm.src}
+    export NIX_CFLAGS_COMPILE+=" -I$PWD/include"
+    export cmakeFlags="-DLLVM_PATH=$PWD/$(ls -d llvm-*) -DLIBCXXABI_LIBCXX_INCLUDES=$PWD/$(ls -d libcxx-*)/include"
+  '' + stdenv.lib.optionalString stdenv.isDarwin ''
+    export TRIPLE=x86_64-apple-darwin
+  '';
+
+  installPhase = if stdenv.isDarwin
+    then ''
+      for file in lib/*; do
+        # this should be done in CMake, but having trouble figuring out
+        # the magic combination of necessary CMake variables
+        # if you fancy a try, take a look at
+        # http://www.cmake.org/Wiki/CMake_RPATH_handling
+        install_name_tool -id $out/$file $file
+      done
+      make install
+      install -d 755 $out/include
+      install -m 644 ../include/cxxabi.h $out/include
+    ''
+    else ''
+      install -d -m 755 $out/include $out/lib
+      install -m 644 lib/libc++abi.so.1.0 $out/lib
+      install -m 644 ../include/cxxabi.h $out/include
+      ln -s libc++abi.so.1.0 $out/lib/libc++abi.so
+      ln -s libc++abi.so.1.0 $out/lib/libc++abi.so.1
+    '';
+
+  meta = {
+    homepage = http://libcxxabi.llvm.org/;
+    description = "A new implementation of low level support for a standard C++ library";
+    license = "BSD";
+    maintainers = with stdenv.lib.maintainers; [ shlevy vlstill ];
+    platforms = stdenv.lib.platforms.unix;
+  };
+}

pkgs/development/compilers/llvm/3.6/lldb.nix

@@ -0,0 +1,44 @@
+{ stdenv
+, fetch
+, cmake
+, zlib
+, ncurses
+, swig
+, which
+, libedit
+, llvm
+, clang-unwrapped
+, python
+, version
+}:
+
+stdenv.mkDerivation {
+  name = "lldb-${version}";
+
+  src = fetch "lldb" "1cphxbc8c0yqs2rxn94vcn8his465m97rnynklpzm8sf5kad26ib";
+
+  patchPhase = ''
+    sed -i 's|/usr/bin/env||' \
+      scripts/Python/finish-swig-Python-LLDB.sh \
+      scripts/Python/build-swig-Python.sh
+  '';
+
+  buildInputs = [ cmake python which swig ncurses zlib libedit ];
+
+  cmakeFlags = [
+    "-DCMAKE_BUILD_TYPE=Release"
+    "-DCMAKE_CXX_FLAGS=-std=c++11"
+    "-DLLDB_PATH_TO_LLVM_BUILD=${llvm}"
+    "-DLLDB_PATH_TO_CLANG_BUILD=${clang-unwrapped}"
+  ];
+
+  enableParallelBuilding = true;
+
+  meta = {
+    description = "A next-generation high-performance debugger";
+    homepage    = http://llvm.org/;
+    license     = stdenv.lib.licenses.bsd3;
+    maintainers = [ stdenv.lib.maintainers.shlevy ];
+    platforms   = stdenv.lib.platforms.all;
+  };
+}

pkgs/development/compilers/llvm/3.6/llvm.nix

@@ -0,0 +1,73 @@
+{ stdenv
+, fetch
+, perl
+, groff
+, cmake
+, python
+, libffi
+, binutils
+, libxml2
+, valgrind
+, ncurses
+, version
+, zlib
+, compiler-rt_src
+}:
+
+let
+  src = fetch "llvm" "1kmr5vlnz1419nnvyc7lsrcfx09n65ravjbmzxrqz7ml07jnk6mk";
+in stdenv.mkDerivation rec {
+  name = "llvm-${version}";
+
+  unpackPhase = ''
+    unpackFile ${src}
+    mv llvm-${version}.src llvm
+    sourceRoot=$PWD/llvm
+    unpackFile ${compiler-rt_src}
+    mv compiler-rt-* $sourceRoot/projects/compiler-rt
+  '';
+
+  buildInputs = [ perl groff cmake libxml2 python libffi ] ++ stdenv.lib.optional stdenv.isLinux valgrind;
+
+  propagatedBuildInputs = [ ncurses zlib ];
+
+  # hacky fix: created binaries need to be run before installation
+  preBuild = ''
+    mkdir -p $out/
+    ln -sv $PWD/lib $out
+  '';
+
+  cmakeFlags = with stdenv; [
+    "-DCMAKE_BUILD_TYPE=Release"
+    "-DLLVM_BUILD_TESTS=ON"
+    "-DLLVM_ENABLE_FFI=ON"
+  ] ++ stdenv.lib.optionals (!isDarwin) [
+    "-DBUILD_SHARED_LIBS=ON"
+    "-DLLVM_BINUTILS_INCDIR=${binutils}/include"
+  ] ++ stdenv.lib.optionals ( isDarwin) [
+    "-DCMAKE_CXX_FLAGS=-stdlib=libc++"
+    "-DCAN_TARGET_i386=false"
+  ];
+
+  postBuild = ''
+    rm -fR $out
+
+    paxmark m bin/{lli,llvm-rtdyld}
+
+    paxmark m unittests/ExecutionEngine/JIT/JITTests
+    paxmark m unittests/ExecutionEngine/MCJIT/MCJITTests
+    paxmark m unittests/Support/SupportTests
+  '';
+
+  enableParallelBuilding = true;
+
+  passthru.src = src;
+
+  meta = {
+    description = "Collection of modular and reusable compiler and toolchain technologies";
+    homepage    = http://llvm.org/;
+    license     = stdenv.lib.licenses.bsd3;
+    maintainers = with stdenv.lib.maintainers; [ shlevy lovek323 raskin viric ];
+    platforms   = stdenv.lib.platforms.all;
+  };
+}

pkgs/development/libraries/glibc/common.nix

@@ -13,7 +13,7 @@ cross:
 
 let
 
-  version = "2.20";
+  version = "2.21";
 
 in
 
@@ -127,7 +127,8 @@ stdenv.mkDerivation ({
   # I.e. when gcc is compiled with --with-arch=i686, then the
   # preprocessor symbol `__i686' will be defined to `1'.  This causes
   # the symbol __i686.get_pc_thunk.dx to be mangled.
-  NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.system == "i686-linux") "-U__i686";
+  NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.system == "i686-linux") "-U__i686"
+    + " -Wno-error=strict-prototypes";
 }
 
 # Remove the `gccCross' attribute so that the *native* glibc store path
@@ -150,7 +151,7 @@ stdenv.mkDerivation ({
     }
     else fetchurl {
       url = "mirror://gnu/glibc/glibc-${version}.tar.gz";
-      sha256 = "1g6ysvk15arpi7c1f1fpx5slgfr2k3dqd5xr0yvijajp1m0xxq9p";
+      sha256 = "0f4prv4c0fcpi85wv4028wqxn075197gwxhgf0vp571fiw2pi3wd";
     };
 
   # Remove absolute paths from `configure' & co.; build out-of-tree.

pkgs/development/libraries/glibc/dont-use-system-ld-so-cache.patch

@@ -15,13 +15,14 @@ diff -ru glibc-2.16.0-orig/elf/Makefile glibc-2.16.0/elf/Makefile
 +++ glibc-2.16.0/elf/Makefile	2012-09-18 12:03:30.031955196 -0400
 @@ -415,12 +415,12 @@
  
- $(objpfx)pldd: $(pldd-modules:%=$(objpfx)%.o)
+ $(objpfx)ldconfig: $(ldconfig-modules:%=$(objpfx)%.o)
  
 -SYSCONF-FLAGS := -D'SYSCONFDIR="$(sysconfdir)"'
 -CFLAGS-ldconfig.c = $(SYSCONF-FLAGS) -D'LIBDIR="$(libdir)"' \
 +PREFIX-FLAGS := -D'PREFIX="$(prefix)"'
 +CFLAGS-ldconfig.c = $(PREFIX-FLAGS) -D'LIBDIR="$(libdir)"' \
- 		    -D'SLIBDIR="$(slibdir)"' -DIS_IN_ldconfig=1
+ 		    -D'SLIBDIR="$(slibdir)"'
+ libof-ldconfig = ldconfig
 -CFLAGS-dl-cache.c = $(SYSCONF-FLAGS)
 -CFLAGS-cache.c = $(SYSCONF-FLAGS)
 -CFLAGS-rtld.c = $(SYSCONF-FLAGS)
@@ -29,8 +30,8 @@ diff -ru glibc-2.16.0-orig/elf/Makefile glibc-2.16.0/elf/Makefile
 +CFLAGS-cache.c = $(PREFIX-FLAGS)
 +CFLAGS-rtld.c = $(PREFIX-FLAGS)
  
- CPPFLAGS-.os += $(if $(filter $(@F),$(patsubst %,%.os,$(all-rtld-routines))),\
- 		     -DNOT_IN_libc=1 -DIS_IN_rtld=1 -DIN_LIB=rtld)
+ cpp-srcs-left := $(all-rtld-routines:=.os)
+ lib := rtld
 diff -ru glibc-2.16.0-orig/sysdeps/generic/dl-cache.h glibc-2.16.0/sysdeps/generic/dl-cache.h
 --- glibc-2.16.0-orig/sysdeps/generic/dl-cache.h	2012-06-30 15:12:34.000000000 -0400
 +++ glibc-2.16.0/sysdeps/generic/dl-cache.h	2012-09-18 11:59:27.465284809 -0400

pkgs/development/libraries/gtk+/2.x.nix

@@ -8,11 +8,11 @@ assert xineramaSupport -> xlibs.libXinerama != null;
 assert cupsSupport -> cups != null;
 
 stdenv.mkDerivation rec {
-  name = "gtk+-2.24.26";
+  name = "gtk+-2.24.27";
 
   src = fetchurl {
     url = "mirror://gnome/sources/gtk+/2.24/${name}.tar.xz";
-    sha256 = "d84fc0f1e3cd99e8b9ec756e754f42653940638579a8f28d0eabffc37018d133";
+    sha256 = "1x14rnjvqslpa1q19fp1qalz5sxds72amsgjk8m7769rwk511jr0";
   };
 
   enableParallelBuilding = true;

pkgs/development/libraries/libxmi/default.nix

@@ -9,7 +9,7 @@ stdenv.mkDerivation {
   };
 
   # For the x86_64 GNU/Linux arch to be recognized by 'configure'
-  preConfigure = "cp ${libtool}/share/libtool/config/config.sub .";
+  preConfigure = "cp ${libtool}/share/libtool/build-aux/config.sub .";
 
   meta = {
     description = "Library for rasterizing 2-D vector graphics";

pkgs/development/libraries/opencascade/6.5.nix

@@ -2,10 +2,10 @@
 ftgl, freetype}:
 
 stdenv.mkDerivation rec {
-  name = "opencascade-6.5.4";
+  name = "opencascade-6.5.5";
   src = fetchurl {
-    url = http://files.opencascade.com/OCCT/OCC_6.5.4_release/OpenCASCADE654.tar.gz;
-    sha256 = "1di08mc0wly4cdi3rh9kj52bk0bfpyk6dy03c9yfnv04i7z03kmy";
+    url = http://files.opencascade.com/OCCT/OCC_6.5.5_release/OpenCASCADE655.tgz;
+    sha256 = "1dnik00adfh6dxvn9kgf35yjda8chbi05f71i9119idmmrcapipm";
   };
 
   buildInputs = [ mesa tcl tk file libXmu automake autoconf libtool qt4 ftgl freetype ];
@@ -20,7 +20,9 @@ stdenv.mkDerivation rec {
 
   # -fpermissive helps building opencascade, although gcc detects a flaw in the code
   # and reports an error otherwise. Further versions may fix that.
-  NIX_CFLAGS_COMPILE = "-fpermissive";
+  NIX_CFLAGS_COMPILE = "-fpermissive"
+  # https://bugs.freedesktop.org/show_bug.cgi?id=83631
+    + " -DGLX_GLXEXT_LEGACY";
 
   configureFlags = [ "--with-tcl=${tcl}/lib" "--with-tk=${tk}/lib" "--with-qt=${qt4}" "--with-ftgl=${ftgl}" "--with-freetype=${freetype}" ];
 

pkgs/development/libraries/opencascade/default.nix

@@ -14,6 +14,9 @@ stdenv.mkDerivation rec {
     cmakeFlags="$cmakeFlags -DINSTALL_DIR=$out -D3RDPARTY_TCL_DIR=${tcl} -D3RDPARTY_FREETYPE_DIR=${freetype}"
   '';
 
+  # https://bugs.freedesktop.org/show_bug.cgi?id=83631
+  NIX_CFLAGS_COMPILE = "-DGLX_GLXEXT_LEGACY";
+
   postInstall = ''
     mv $out/inc $out/include
     mkdir -p $out/share/doc/${name}

pkgs/development/libraries/opencascade/oce.nix

@@ -14,6 +14,9 @@ stdenv.mkDerivation rec {
     cmakeFlags="$cmakeFlags -DOCE_INSTALL_PREFIX=$out"
   '';
 
+  # https://bugs.freedesktop.org/show_bug.cgi?id=83631
+  NIX_CFLAGS_COMPILE = "-DGLX_GLXEXT_LEGACY";
+
   enableParallelBuilding = true;
 
   meta = {

pkgs/development/libraries/openssl/1.0.1j.nix

@@ -18,7 +18,7 @@ let
       # hardcoding something like /etc/ssl/cert.pem is impure and
       # cannot be overriden per-process.  For security, the
       # environment variable is ignored for setuid binaries.
-      ./cert-file.patch
+      ./cert-file-1.0.1j.patch
       # Remove the compilation time from the library
       ./no-date-in-library.patch
     ]

pkgs/development/libraries/openssl/cert-file-1.0.1j.patch

@@ -0,0 +1,41 @@
+diff -ru -x '*~' openssl-1.0.0e-orig/crypto/x509/x509_def.c openssl-1.0.0e/crypto/x509/x509_def.c
+--- openssl-1.0.0e-orig/crypto/x509/x509_def.c	1999-09-11 19:54:11.000000000 +0200
++++ openssl-1.0.0e/crypto/x509/x509_def.c	2011-09-12 18:30:59.386501609 +0200
+@@ -57,6 +57,10 @@
+  */
+ 
+ #include <stdio.h>
++#include <stdlib.h>
++#include <limits.h>
++#include <unistd.h>
++#include <sys/types.h>
+ #include "cryptlib.h"
+ #include <openssl/crypto.h>
+ #include <openssl/x509.h>
+@@ -71,7 +75,25 @@
+ 	{ return(X509_CERT_DIR); }
+ 
+ const char *X509_get_default_cert_file(void)
+-	{ return(X509_CERT_FILE); }
++	{
++	static char buf[PATH_MAX] = X509_CERT_FILE;
++	static int init = 0;
++	if (!init) {
++	    init = 1;
++	    char * s = getenv("OPENSSL_X509_CERT_FILE");
++	    if (s) {
++#ifndef OPENSSL_SYS_WINDOWS
++	        if (getuid() == geteuid()) {
++#endif
++		        strncpy(buf, s, sizeof(buf));
++		        buf[sizeof(buf) - 1] = 0;
++#ifndef OPENSSL_SYS_WINDOWS
++	        }
++#endif
++	    }
++	}
++	return buf;
++	}
+ 
+ const char *X509_get_default_cert_dir_env(void)
+ 	{ return(X509_CERT_DIR_EVP); }

pkgs/development/libraries/openssl/cert-file.patch

@@ -1,6 +1,6 @@
-diff -ru -x '*~' openssl-1.0.0e-orig/crypto/x509/x509_def.c openssl-1.0.0e/crypto/x509/x509_def.c
---- openssl-1.0.0e-orig/crypto/x509/x509_def.c	1999-09-11 19:54:11.000000000 +0200
-+++ openssl-1.0.0e/crypto/x509/x509_def.c	2011-09-12 18:30:59.386501609 +0200
+diff -ru openssl-1.0.1m-orig/crypto/x509/x509_def.c openssl-1.0.1m/crypto/x509/x509_def.c
+--- openssl-1.0.1m-orig/crypto/x509/x509_def.c	2015-03-19 14:19:00.000000000 +0100
++++ openssl-1.0.1m/crypto/x509/x509_def.c	2015-03-19 15:50:44.676683616 +0100
 @@ -57,6 +57,10 @@
   */
  
@@ -12,30 +12,28 @@ diff -ru -x '*~' openssl-1.0.0e-orig/crypto/x509/x509_def.c openssl-1.0.0e/crypt
  #include "cryptlib.h"
  #include <openssl/crypto.h>
  #include <openssl/x509.h>
-@@ -71,7 +75,25 @@
- 	{ return(X509_CERT_DIR); }
+@@ -78,7 +82,23 @@
  
  const char *X509_get_default_cert_file(void)
--	{ return(X509_CERT_FILE); }
-+	{
-+	static char buf[PATH_MAX] = X509_CERT_FILE;
-+	static int init = 0;
-+	if (!init) {
-+	    init = 1;
-+	    char * s = getenv("OPENSSL_X509_CERT_FILE");
-+	    if (s) {
+ {
+-    return (X509_CERT_FILE);
++    static char buf[PATH_MAX] = X509_CERT_FILE;
++    static int init = 0;
++    if (!init) {
++        init = 1;
++        char * s = getenv("OPENSSL_X509_CERT_FILE");
++        if (s) {
 +#ifndef OPENSSL_SYS_WINDOWS
-+	        if (getuid() == geteuid()) {
++            if (getuid() == geteuid()) {
 +#endif
-+		        strncpy(buf, s, sizeof(buf));
-+		        buf[sizeof(buf) - 1] = 0;
++                strncpy(buf, s, sizeof(buf));
++                buf[sizeof(buf) - 1] = 0;
 +#ifndef OPENSSL_SYS_WINDOWS
-+	        }
++            }
 +#endif
-+	    }
-+	}
-+	return buf;
-+	}
++        }
++    }
++    return buf;
+ }
  
  const char *X509_get_default_cert_dir_env(void)
- 	{ return(X509_CERT_DIR_EVP); }

pkgs/development/libraries/openssl/default.nix

@@ -2,7 +2,7 @@
 , withCryptodev ? false, cryptodevHeaders }:
 
 let
-  name = "openssl-1.0.1l";
+  name = "openssl-1.0.1m";
 
   opensslCrossSystem = stdenv.lib.attrByPath [ "openssl" "system" ]
     (throw "openssl needs its platform name cross building" null)
@@ -18,6 +18,8 @@ let
       # hardcoding something like /etc/ssl/cert.pem is impure and
       # cannot be overriden per-process.  For security, the
       # environment variable is ignored for setuid binaries.
+      # FIXME: drop this patch; it really isn't necessary, because
+      # OpenSSL already supports a ‘SSL_CERT_FILE’ variable.
       ./cert-file.patch
     ]
 
@@ -43,7 +45,7 @@ stdenv.mkDerivation {
       "http://www.openssl.org/source/${name}.tar.gz"
       "http://openssl.linux-mirror.org/source/${name}.tar.gz"
     ];
-    sha256 = "1m6i80y9c9g7h4303bqbxnsk5wm6jd0n57hwqr0g4jaxzr44vkxj";
+    sha256 = "0x7gvyybmqm4lv62mlhlm80f1rn7il2qh8224rahqv0i15xhnpq9";
   };
 
   patches = patchesCross false;

pkgs/development/libraries/vtk/default.nix

@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, cmake, mesa, libX11, xproto, libXt
+{ stdenv, fetchurl, fetchpatch, cmake, mesa, libX11, xproto, libXt
 , qtLib ? null }:
 
 with stdenv.lib;
@@ -17,6 +17,9 @@ stdenv.mkDerivation rec {
     sha256 = "1fxxgsa7967gdphkl07lbfr6dcbq9a72z5kynlklxn7hyp0l18pi";
   };
 
+  # https://bugzilla.redhat.com/show_bug.cgi?id=1138466
+  postPatch = "sed '/^#define GL_GLEXT_LEGACY/d' -i ./Rendering/vtkOpenGL.h";
+
   buildInputs = [ cmake mesa libX11 xproto libXt ]
     ++ optional (qtLib != null) qtLib;
 

pkgs/development/tools/analysis/valgrind/default.nix

@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, perl, gdb }:
+{ stdenv, fetchurl, fetchpatch, perl, gdb }:
 
 stdenv.mkDerivation rec {
   name = "valgrind-3.10.1";
@@ -8,6 +8,13 @@ stdenv.mkDerivation rec {
     sha256 = "15xrzhfnwwn7n1sfbkwvdbvs6zk0zx718n6zd5i1nrnvdp13s9gs";
   };
 
+  patches = [(fetchpatch {
+    name = "glibc-2.21.patch";
+    url = "https://projects.archlinux.org/svntogit/packages.git/plain/trunk"
+      + "/valgrind-3.9.0-glibc-2.21.patch?h=packages/valgrind&id=41e87313b69";
+    sha256 = "14sgsvjjalbcqpcayyv5cndc9hfm5bigkp684b6cr6virksmlk19";
+  })];
+
   # Perl is needed for `cg_annotate'.
   # GDB is needed to provide a sane default for `--db-command'.
   nativeBuildInputs = [ perl ];

pkgs/os-specific/linux/plymouth/default.nix

@@ -1,6 +1,5 @@
-{ stdenv, fetchurl, autoconf, automake, cairo, docbook_xsl, gtk
-, libdrm, libpng , libtool, libxslt, makeWrapper, pango, pkgconfig
-, udev
+{ stdenv, fetchurl, autoreconfHook, cairo, docbook_xsl, gtk
+, libdrm, libpng, libxslt, makeWrapper, pango, pkgconfig, udev
 }:
 
 stdenv.mkDerivation rec {
@@ -13,7 +12,7 @@ stdenv.mkDerivation rec {
   };
 
   buildInputs = [
-    autoconf automake cairo docbook_xsl gtk libdrm libpng libtool
+    autoreconfHook cairo docbook_xsl gtk libdrm libpng
     libxslt makeWrapper pango pkgconfig udev
   ];
 
@@ -22,23 +21,23 @@ stdenv.mkDerivation rec {
       -i configure.ac
   '';
 
-  configurePhase = ''
-    ./configure \
-      --prefix=$out \
-      -bindir=$out/bin \
-      -sbindir=$out/sbin \
-      --exec-prefix=$out \
-      --libdir=$out/lib \
-      --libexecdir=$out/lib \
-      --sysconfdir=$out/etc \
-      --localstatedir=/var \
-      --with-log-viewer \
-      --without-system-root-install \
-      --without-rhgb-compat-link \
-      --enable-tracing \
-      --enable-systemd-integration \
-      --enable-pango \
-      --enable-gtk
+  postPatch = ''
+    configureFlags="
+      --prefix=$out
+      --bindir=$out/bin
+      --sbindir=$out/sbin
+      --exec-prefix=$out
+      --libdir=$out/lib
+      --libexecdir=$out/lib
+      --sysconfdir=$out/etc
+      --localstatedir=/var
+      --with-log-viewer
+      --without-system-root-install
+      --without-rhgb-compat-link
+      --enable-tracing
+      --enable-systemd-integration
+      --enable-pango
+      --enable-gtk"
   '';
 
   meta = with stdenv.lib; {

pkgs/os-specific/linux/util-linux/default.nix

@@ -1,15 +1,14 @@
 { stdenv, fetchurl, zlib, ncurses ? null, perl ? null, pam }:
 
 stdenv.mkDerivation rec {
-  name = "util-linux-2.25.2";
+  name = "util-linux-2.26";
 
   src = fetchurl {
-    url = "mirror://kernel/linux/utils/util-linux/v2.25/${name}.tar.xz";
-    sha256 = "e0457f715b73f4a349e1acb08cb410bf0edc9a74a3f75c357070f31f70e33cd6";
+    url = "mirror://kernel/linux/utils/util-linux/v2.26/${name}.tar.xz";
+    sha256 = "a23c6f39dea0ed215ccd589509ffc7bb6f706f6e1a04760f493fb0fd7e93c489";
   };
 
   patches = [ ./rtcwake-search-PATH-for-shutdown.patch
-              ./unshare-fix-map-root-user.patch
             ];
 
   #FIXME: make it also work on non-nixos?

pkgs/os-specific/linux/util-linux/unshare-fix-map-root-user.patch

@@ -1,66 +0,0 @@
-In rare cases droping groups with setgroups(0, NULL) is an operation
-that can grant a user additional privileges.  User namespaces were
-allwoing that operation to unprivileged users and that had to be
-fixed.
-
-Update unshare --map-root-user to disable the setgroups operation
-before setting the gid_map.
-
-This is needed as after the security fix gid_map is restricted to
-privileged users unless setgroups has been disabled.
-
-Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
----
- include/pathnames.h |  1 +
- sys-utils/unshare.c | 19 +++++++++++++++++++
- 2 files changed, 20 insertions(+)
-
-diff --git a/include/pathnames.h b/include/pathnames.h
-index 1cc4e15e6e4f..1c53e4554268 100644
---- a/include/pathnames.h
-+++ b/include/pathnames.h
-@@ -92,6 +92,7 @@
- 
- #define _PATH_PROC_UIDMAP	"/proc/self/uid_map"
- #define _PATH_PROC_GIDMAP	"/proc/self/gid_map"
-+#define _PATH_PROC_SETGROUPS	"/proc/self/setgroups"
- 
- #define _PATH_PROC_ATTR_CURRENT	"/proc/self/attr/current"
- #define _PATH_PROC_ATTR_EXEC	"/proc/self/attr/exec"
-diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c
-index 95e4afbd055e..d409a7c936b6 100644
---- a/sys-utils/unshare.c
-+++ b/sys-utils/unshare.c
-@@ -39,6 +39,24 @@
- #include "pathnames.h"
- #include "all-io.h"
- 
-+static void disable_setgroups(void)
-+{
-+	const char *file = _PATH_PROC_SETGROUPS;
-+	const char *deny = "deny";
-+	int fd;
-+
-+	fd = open(file, O_WRONLY);
-+	if (fd < 0) {
-+		if (errno == ENOENT)
-+			return;
-+		 err(EXIT_FAILURE, _("cannot open %s"), file);
-+	}
-+
-+	if (write_all(fd, deny, strlen(deny)))
-+		err(EXIT_FAILURE, _("write failed %s"), file);
-+	close(fd);
-+}
-+
- static void map_id(const char *file, uint32_t from, uint32_t to)
- {
- 	char *buf;
-@@ -178,6 +196,7 @@ int main(int argc, char *argv[])
- 	}
- 
- 	if (maproot) {
-+		disable_setgroups();
- 		map_id(_PATH_PROC_UIDMAP, 0, real_euid);
- 		map_id(_PATH_PROC_GIDMAP, 0, real_egid);
- 	}

pkgs/tools/graphics/graphviz/cve-2014-9157.patch

@@ -0,0 +1,24 @@
+From https://lists.debian.org/debian-qa-packages/2014/12/msg00048.html , which
+seems to come from Ubuntu.
+
+Subject: Fix format string vulnerability (CVE-2014-9157) in yyerror() routine
+Origin: https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081
+Author: Emden R. Gansner
+
+---
+ lib/cgraph/scan.l |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: b/lib/cgraph/scan.l
+===================================================================
+--- a/lib/cgraph/scan.l
++++ b/lib/cgraph/scan.l
+@@ -225,7 +225,7 @@
+ 	agxbput (&xb, buf);
+ 	agxbput (&xb, yytext);
+ 	agxbput (&xb,"'\n");
+-	agerr(AGERR,agxbuse(&xb));
++	agerr(AGERR, "%s", agxbuse(&xb));
+ 	agxbfree(&xb);
+ }
+ /* must be here to see flex's macro defns */

pkgs/tools/graphics/graphviz/default.nix

@@ -1,5 +1,6 @@
 { stdenv, fetchurl, pkgconfig, libpng, libjpeg, expat, libXaw
 , yacc, libtool, fontconfig, pango, gd, xlibs, gts, libdevil, gettext, cairo
+, flex
 }:
 
 stdenv.mkDerivation rec {
@@ -11,10 +12,16 @@ stdenv.mkDerivation rec {
     sha256 = "17l5czpvv5ilmg17frg0w4qwf89jzh2aglm9fgx0l0aakn6j7al1";
   };
 
-  patches = [ ./0001-vimdot-lookup-vim-in-PATH.patch ];
+  patches =
+    [ ./0001-vimdot-lookup-vim-in-PATH.patch
+    
+      # NOTE: Once this patch is removed, flex can probably be removed from
+      # buildInputs.
+      ./cve-2014-9157.patch
+    ];
 
   buildInputs =
-    [ pkgconfig libpng libjpeg expat yacc libtool fontconfig gd gts libdevil
+    [ pkgconfig libpng libjpeg expat yacc libtool fontconfig gd gts libdevil flex
     ] ++ stdenv.lib.optionals (xlibs != null) [ xlibs.xlibs xlibs.libXrender pango libXaw ]
     ++ stdenv.lib.optional (stdenv.system == "x86_64-darwin") gettext;
 

pkgs/tools/misc/coreutils/default.nix

@@ -18,6 +18,11 @@ let
       sha256 = "0bdq6yggyl7nkc2pbl6pxhhyx15nyqhz3ds6rfn448n6rxdwlhzc";
     };
 
+    # The test tends to fail on btrfs and maybe other unusual filesystems.
+    postPatch = ''
+      sed '2i echo Skipping dd sparse test && exit 0' -i ./tests/dd/sparse.sh
+    '';
+
     nativeBuildInputs = [ perl ];
     buildInputs = [ gmp ]
       ++ optional aclSupport acl

pkgs/tools/networking/curl/default.nix

@@ -12,11 +12,11 @@ assert scpSupport -> libssh2 != null;
 assert c-aresSupport -> c-ares != null;
 
 stdenv.mkDerivation rec {
-  name = "curl-7.40.0";
+  name = "curl-7.41.0";
 
   src = fetchurl {
     url = "http://curl.haxx.se/download/${name}.tar.bz2";
-    sha256 = "1fizi07p0h76zaa3wxh4d9vr4hln97sgfpcr5y56pyh077mhk4c9";
+    sha256 = "1slbbxp2k8m34mdzrl5qhafr5zhhcv7fgjhs2mcxjmswvimm92wz";
   };
 
   # Zlib and OpenSSL must be propagated because `libcurl.la' contains

pkgs/top-level/all-packages.nix

@@ -1520,6 +1520,7 @@ let
 
   grub = callPackage_i686 ../tools/misc/grub {
     buggyBiosCDSupport = config.grub.buggyBiosCDSupport or true;
+    automake = automake112x; # fails with 13 and 14
   };
 
   trustedGrub = callPackage_i686 ../tools/misc/grub/trusted.nix {
@@ -2275,7 +2276,9 @@ let
 
   panomatic = callPackage ../tools/graphics/panomatic { };
 
-  par2cmdline = callPackage ../tools/networking/par2cmdline { };
+  par2cmdline = callPackage ../tools/networking/par2cmdline {
+    automake = automake112x; # fails with 14
+  };
 
   parallel = callPackage ../tools/misc/parallel { };
 
@@ -2398,7 +2401,9 @@ let
 
   ponysay = callPackage ../tools/misc/ponysay { };
 
-  povray = callPackage ../tools/graphics/povray { };
+  povray = callPackage ../tools/graphics/povray {
+    automake = automake113x; # fails with 14
+  };
 
   ppl = callPackage ../development/libraries/ppl { };
 
@@ -3269,8 +3274,9 @@ let
 
   ccl = callPackage ../development/compilers/ccl { };
 
-  clang = wrapCC llvmPackages.clang;
+  clang = llvmPackages.clang;
 
+  clang_36 = llvmPackages.clang;
   clang_35 = wrapCC llvmPackages_35.clang;
   clang_34 = wrapCC llvmPackages_34.clang;
   clang_33 = wrapCC (clangUnwrapped llvm_33 ../development/compilers/llvm/3.3/clang.nix);
@@ -3298,8 +3304,8 @@ let
   };
 
   #Use this instead of stdenv to build with clang
-  clangStdenv = if stdenv.isDarwin then stdenv else lowPrio (stdenvAdapters.overrideCC stdenv clang);
-  libcxxStdenv = stdenvAdapters.overrideCC stdenv (clangWrapSelf llvmPackages.clang);
+  clangStdenv = if stdenv.isDarwin then stdenv else lowPrio llvmPackages.stdenv;
+  libcxxStdenv = stdenvAdapters.overrideCC stdenv (clangWrapSelf llvmPackages.clang-unwrapped);
 
   clean = callPackage ../development/compilers/clean { };
 
@@ -3808,13 +3814,14 @@ let
 
   llvm = llvmPackages.llvm;
 
+  llvm_36 = llvmPackages_36.llvm;
   llvm_35 = llvmPackages_35.llvm;
   llvm_34 = llvmPackages_34.llvm;
   llvm_33 = llvm_v ../development/compilers/llvm/3.3/llvm.nix;
 
   llvm_v = path: callPackage path { };
 
-  llvmPackages = llvmPackages_35;
+  llvmPackages = llvmPackages_36;
 
   llvmPackages_34 = recurseIntoAttrs (import ../development/compilers/llvm/3.4 {
     inherit stdenv newScope fetchurl;
@@ -3826,6 +3833,11 @@ let
     inherit pkgs stdenv newScope fetchurl isl;
   };
 
+  llvmPackages_36 = import ../development/compilers/llvm/3.6 {
+    inherit pkgs stdenv newScope fetchurl isl wrapCC;
+    inherit (stdenvAdapters) overrideCC;
+  };
+
   manticore = callPackage ../development/compilers/manticore { };
 
   mentorToolchains = recurseIntoAttrs (
@@ -4920,8 +4932,8 @@ let
 
   csslint = callPackage ../development/web/csslint { };
 
-  libcxx = llvmPackages_35.libcxx;
-  libcxxabi = llvmPackages_35.libcxxabi;
+  libcxx = llvmPackages.libcxx;
+  libcxxabi = llvmPackages.libcxxabi;
 
   libsigrok = callPackage ../development/tools/libsigrok { };
 
@@ -5018,7 +5030,7 @@ let
   gnumake382 = callPackage ../development/tools/build-managers/gnumake/3.82 { };
   gnumake40 = callPackage ../development/tools/build-managers/gnumake/4.0 { };
   gnumake41 = callPackage ../development/tools/build-managers/gnumake/4.1 { };
-  gnumake = gnumake382;
+  gnumake = gnumake41;
 
   gob2 = callPackage ../development/tools/misc/gob2 { };
 
@@ -5548,7 +5560,7 @@ let
 
   dssi = callPackage ../development/libraries/dssi {};
 
-  dragonegg = llvmPackages.dragonegg;
+  dragonegg = llvmPackages_35.dragonegg;
 
   dxflib = callPackage ../development/libraries/dxflib {};
 
@@ -6130,7 +6142,9 @@ let
 
   libassuan = callPackage ../development/libraries/libassuan { };
 
-  libassuan2_1 = callPackage ../development/libraries/libassuan/git.nix { };
+  libassuan2_1 = callPackage ../development/libraries/libassuan/git.nix {
+    automake = automake112x; # fails with 13 and 14
+  };
 
   libatomic_ops = callPackage ../development/libraries/libatomic_ops {};
 
@@ -6727,7 +6741,9 @@ let
 
   libunwindNative = callPackage ../development/libraries/libunwind/native.nix {};
 
-  libuvVersions = recurseIntoAttrs (callPackage ../development/libraries/libuv { });
+  libuvVersions = recurseIntoAttrs (callPackage ../development/libraries/libuv {
+    automake = automake113x; # fails with 14
+  });
 
   libv4l = lowPrio (v4l_utils.override {
     withQt4 = false;
@@ -9245,9 +9261,7 @@ let
 
   perf-tools = callPackage ../os-specific/linux/perf-tools { };
 
-  plymouth = callPackage ../os-specific/linux/plymouth {
-    automake = automake113x;
-  };
+  plymouth = callPackage ../os-specific/linux/plymouth { };
 
   pmount = callPackage ../os-specific/linux/pmount { };