Add passthru in ompss2 wrapper for icpx compat

When using `icpx -fsycl -fsycl-host-compiler=clang++`, the inner
compiler will use the flags set in the icpx wrapper and it will break.

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1764522689,
-        "narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=",
+        "lastModified": 1767634882,
+        "narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f",
+        "rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
         "type": "github"
       },
       "original": {

m/apex/configuration.nix

@@ -57,6 +57,18 @@
     };
   };
 
+  services.fail2ban = {
+    enable = true;
+    maxretry = 5;
+    bantime-increment = {
+      enable = true; # Double ban time on each attack
+      maxtime = "7d"; # Ban up to a week
+    };
+  };
+
+  # Disable SSH login with password, allow only keypair
+  services.openssh.settings.PasswordAuthentication = false;
+
   networking.firewall = {
     extraCommands = ''
       # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our

m/bay/configuration.nix

@@ -24,7 +24,7 @@
       address = "10.0.40.40";
       prefixLength = 24;
     } ];
-    interfaces.ibp5s0.ipv4.addresses = [ {
+    interfaces.ibs785.ipv4.addresses = [ {
       address = "10.0.42.40";
       prefixLength = 24;
     } ];

m/common/base/users.nix

@@ -139,6 +139,7 @@
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGt0ESYxekBiHJQowmKpfdouw0hVm3N7tUMtAaeLejK vincent@varch"
         ];
+        shell = pkgs.zsh;
       };
 
       pmartin1 = {

m/eudy/kernel/perf.nix

@@ -1,11 +1,6 @@
-{ config, pkgs, lib, ... }:
+{ pkgs, lib, ... }:
 
 {
-  # add the perf tool
-  environment.systemPackages = with pkgs; [
-    config.boot.kernelPackages.perf
-  ];
-
   # allow non-root users to read tracing data from the kernel
   boot.kernel.sysctl."kernel.perf_event_paranoid" = -2;
   boot.kernel.sysctl."kernel.kptr_restrict" = 0;

m/hut/configuration.nix

@@ -45,7 +45,7 @@
       address = "10.0.40.7";
       prefixLength = 24;
     } ];
-    interfaces.ibp5s0.ipv4.addresses = [ {
+    interfaces.ibs785.ipv4.addresses = [ {
       address = "10.0.42.7";
       prefixLength = 24;
     } ];

m/lake2/configuration.nix

@@ -46,7 +46,7 @@
       address = "10.0.40.42";
       prefixLength = 24;
     } ];
-    interfaces.ibp5s0.ipv4.addresses = [ {
+    interfaces.ibs785.ipv4.addresses = [ {
       address = "10.0.42.42";
       prefixLength = 24;
     } ];

m/owl1/configuration.nix

@@ -20,7 +20,7 @@
       address = "10.0.40.1";
       prefixLength = 24;
     } ];
-    interfaces.ibp5s0.ipv4.addresses = [ {
+    interfaces.ibs785.ipv4.addresses = [ {
       address = "10.0.42.1";
       prefixLength = 24;
     } ];

m/owl2/configuration.nix

@@ -21,7 +21,7 @@
       prefixLength = 24;
     } ];
     # Watch out! The OmniPath device is not in the same place here:
-    interfaces.ibp129s0.ipv4.addresses = [ {
+    interfaces.ibs801.ipv4.addresses = [ {
       address = "10.0.42.2";
       prefixLength = 24;
     } ];

m/tent/gitea.nix

@@ -27,4 +27,7 @@
       };
     };
   };
+
+  # Allow gitea user to send mail
+  users.users.gitea.extraGroups = [ "mail-robot" ];
 }

pkgs/amd-uprof/driver.nix

@@ -19,7 +19,7 @@ in stdenv.mkDerivation {
   '';
   hardeningDisable = [ "pic" "format" ];
   nativeBuildInputs = kernel.moduleBuildDependencies;
-  patches = [ ./makefile.patch ./hrtimer.patch ];
+  patches = [ ./makefile.patch ./hrtimer.patch ./remove-wr-rdmsrq.patch ];
   makeFlags = [
     "KERNEL_VERSION=${kernel.modDirVersion}"
     "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"

pkgs/amd-uprof/remove-wr-rdmsrq.patch

@@ -0,0 +1,20 @@
+diff --git a/inc/PwrProfAsm.h b/inc/PwrProfAsm.h
+index d77770a..c93a0e9 100644
+--- a/inc/PwrProfAsm.h
++++ b/inc/PwrProfAsm.h
+@@ -347,6 +347,7 @@
+ 
+ #endif
+ 
++/*
+ #define rdmsrq(msr,val1,val2,val3,val4) ({ \
+         __asm__ __volatile__( \
+                               "rdmsr\n" \
+@@ -362,6 +363,7 @@
+                               :"c"(msr), "a"(val1), "d"(val2), "S"(val3), "D"(val4) \
+                             ); \
+     })
++*/
+ 
+ #define rdmsrpw(msr,val1,val2,val3,val4) ({ \
+         __asm__ __volatile__( \

pkgs/intel-oneapi/packages.nix

@@ -1,18 +1,46 @@
-{ lib
-, stdenv
-, callPackage
-, dpkg
-, fetchurl
+{
+  lib,
+  stdenv,
+  callPackage,
+  dpkg,
+  fetchurl,
 
-, sqlite
-, elfutils
+  sqlite,
+  elfutils,
 }:
 
 let
   inherit (builtins)
-    elem attrNames attrValues concatMap filter fromJSON getAttr groupBy head isNull listToAttrs map mapAttrs readFile replaceStrings splitVersion ;
+    attrNames
+    attrValues
+    concatMap
+    elem
+    filter
+    fromJSON
+    getAttr
+    groupBy
+    head
+    isNull
+    listToAttrs
+    map
+    mapAttrs
+    readFile
+    replaceStrings
+    splitVersion
+    ;
   inherit (lib)
-    converge findFirst groupBy' hasPrefix optional pipe take toInt toList versionAtLeast versionOlder ;
+    converge
+    findFirst
+    groupBy'
+    hasPrefix
+    optional
+    pipe
+    take
+    toInt
+    toList
+    versionAtLeast
+    versionOlder
+    ;
 
   aptData = fromJSON (readFile ./packages.json);
 
@@ -31,44 +59,69 @@ let
   #
   # To mitigate this, >= is set to take the latest version with matching major
   # and minor (only revision and patch are allowed to change)
-  compareVersions = got: kind: want:
+  compareVersions =
+    got: kind: want:
     let
       g0 = take 2 (splitVersion got);
       w0 = take 2 (splitVersion want);
-    in if isNull want then true
-    else if kind == "=" then got == want
-    else if kind == "<<" then versionOlder got want
-    else if kind == "<=" then versionAtLeast want got
-    else if kind == ">>" then versionOlder want got
-    else if kind == ">=" then (g0 == w0) && versionAtLeast got want # always match major version
-    else throw "unknown operation: ${kind}";
+    in
+    if isNull want then
+      true
+    else if kind == "=" then
+      got == want
+    else if kind == "<<" then
+      versionOlder got want
+    else if kind == "<=" then
+      versionAtLeast want got
+    else if kind == ">>" then
+      versionOlder want got
+    else if kind == ">=" then
+      (g0 == w0) && versionAtLeast got want # always match major version
+    else
+      throw "unknown operation: ${kind}";
 
-  findMatching = { pname, kind, version }:
+  findMatching =
+    {
+      pname,
+      kind,
+      version,
+    }:
     findFirst (x: pname == x.pname && compareVersions x.version kind version) null aptData;
 
   isIntel = pkg: (hasPrefix "intel-" pkg.pname);
 
-  expandDeps = pkg: (map findMatching (filter isIntel pkg.dependencies)) ++ (optional (pkg.size != 0) pkg);
+  expandDeps =
+    pkg: (map findMatching (filter isIntel pkg.dependencies)) ++ (optional (pkg.size != 0) pkg);
 
   # get the oldest by major version. If they have the same major version, take
   # the newest. This prevents most issues with resolutions
   # versionOlder b a -> true if b is older than a (b `older` a)
-  getNewerInMajor = a: b: let
-    va = a.version;
-    vb = b.version;
-    va0 = head (splitVersion va);
-    vb0 = head (splitVersion vb);
-  in
-  if isNull a then b
-  else if va0 != vb0 then
-    if va0 > vb0 then b else a
-  else if versionOlder vb va then a else b;
+  getNewerInMajor =
+    a: b:
+    let
+      va = a.version;
+      vb = b.version;
+      va0 = head (splitVersion va);
+      vb0 = head (splitVersion vb);
+    in
+    if isNull a then
+      b
+    else if va0 != vb0 then
+      if va0 > vb0 then b else a
+    else if versionOlder vb va then
+      a
+    else
+      b;
   removeDups = l: attrValues (groupBy' getNewerInMajor null (getAttr "provides") l);
 
   _resolveDeps = converge (l: removeDups (concatMap expandDeps l));
-  resolveDeps = pkg: let deps = _resolveDeps (toList pkg);
+  resolveDeps =
+    pkg:
+    let
+      deps = _resolveDeps (toList pkg);
       namedDeps = (map (x: "${x.pname}-${x.version}") deps);
-    in builtins.traceVerbose (builtins.deepSeq namedDeps namedDeps) deps;
+    in
+    builtins.traceVerbose (builtins.deepSeq namedDeps namedDeps) deps;
 
   blacklist = [
     "intel-basekit-env"
@@ -94,34 +147,53 @@ let
   isInBlacklist = pkg: elem pkg.provides blacklist;
   removeBlacklist = filter (e: !(isInBlacklist e));
 
-  dpkgExtractAll = pname: version: {srcs, deps}: stdenv.mkDerivation {
-    inherit pname version srcs;
+  dpkgExtractAll =
+    pname: version:
+    { srcs, deps }:
+    stdenv.mkDerivation {
+      inherit pname version srcs;
 
-    nativeBuildInputs = [ dpkg ];
-    phases = [ "installPhase" ];
+      nativeBuildInputs = [ dpkg ];
+      phases = [ "installPhase" ];
 
-    passthru = { inherit deps; };
+      passthru = { inherit deps; };
 
-    installPhase = ''
-      mkdir -p $out
-      for src in $srcs; do
-        echo "Unpacking $src"
-        dpkg -x $src $out
-      done
-    '';
-  };
+      installPhase = ''
+        mkdir -p $out
+        for src in $srcs; do
+          echo "Unpacking $src"
+          dpkg -x $src $out
+        done
+      '';
+    };
 
   apthost = "https://apt.repos.intel.com/oneapi/";
-  fetchDeb = p: fetchurl { url = apthost + p.filename; inherit (p) sha256; };
+  fetchDeb =
+    p:
+    fetchurl {
+      url = apthost + p.filename;
+      inherit (p) sha256;
+    };
 
-  buildIntel = pkg: pipe pkg [
-    resolveDeps
-    removeBlacklist
-    (l: {srcs = map fetchDeb l; deps = l; })
-    (dpkgExtractAll "${pkg.provides}-extracted" pkg.version)
-  ];
+  buildIntel =
+    pkg:
+    pipe pkg [
+      resolveDeps
+      removeBlacklist
+      (l: {
+        srcs = map fetchDeb l;
+        deps = l;
+      })
+      (dpkgExtractAll "${pkg.provides}-extracted" pkg.version)
+    ];
 
-  findHpcKit = year: findMatching { pname = "intel-hpckit"; kind = "<<"; version = toString (year+1); };
+  findHpcKit =
+    year:
+    findMatching {
+      pname = "intel-hpckit";
+      kind = "<<";
+      version = toString (year + 1);
+    };
   years = map toInt (attrNames components);
 
   patchIntel = callPackage ./patch_intel.nix { };
@@ -187,18 +259,39 @@ let
     };
   };
 
-  replaceDots = replaceStrings ["."] ["_"];
+  replaceDots = replaceStrings [ "." ] [ "_" ];
 
-in lib.recurseIntoAttrs (listToAttrs (map (year: let
-      year_str = toString year;
-    in {
-      name = "hpckit_${year_str}";
-      value = patchIntel {unpatched = buildIntel (findHpcKit year); components = components.${year_str}; };
-  }) years)) // {
+in
+lib.recurseIntoAttrs (
+  listToAttrs (
+    map (
+      year:
+      let
+        year_str = toString year;
+      in
+      {
+        name = "hpckit_${year_str}";
+        value = patchIntel {
+          unpatched = buildIntel (findHpcKit year);
+          components = components.${year_str};
+        };
+      }
+    ) years
+  )
+)
+// {
   apt = pipe aptData [
     (groupBy (p: replaceDots p.provides))
-    (mapAttrs (_: l: listToAttrs (map (pkg: { name = replaceDots ("v" + pkg.version); value = pkg; }) l)))
-  ] ;
+    (mapAttrs (
+      _: l:
+      listToAttrs (
+        map (pkg: {
+          name = replaceDots ("v" + pkg.version);
+          value = pkg;
+        }) l
+      )
+    ))
+  ];
 
   inherit resolveDeps patchIntel buildIntel;
 }

pkgs/intel-oneapi/patch_intel.nix

@@ -1,174 +1,189 @@
-{ stdenv
-, stdenvNoCC
-, lib
-, symlinkJoin
-, autoPatchelfHook
-, wrapCCWith
-, overrideCC
-, gcc
-, hwloc
-, libelf
-, libffi_3_3
-, libpsm2
-, libuuid
-, libxml2
-, numactl
-, ocl-icd
-, openssl
-, python3
-, rdma-core
-, ucx
-, zlib
+{
+  stdenv,
+  stdenvNoCC,
+  lib,
+  symlinkJoin,
+  autoPatchelfHook,
+  wrapCCWith,
+  overrideCC,
+  gcc,
+  hwloc,
+  libelf,
+  libffi_3_3,
+  libpsm2,
+  libuuid,
+  libxml2,
+  numactl,
+  ocl-icd,
+  openssl,
+  python3,
+  rdma-core,
+  ucx,
+  zlib,
 }:
 
 lib.makeOverridable (
-{
-  unpatched,
-  components ? { },
-  extraPackages ? components.extraPackages or []
-}:
+  {
+    unpatched,
+    components ? { },
+    extraPackages ? components.extraPackages or [ ],
+  }:
 
-let
-  inherit (builtins) attrValues filter mapAttrs removeAttrs;
+  let
+    inherit (builtins)
+      attrValues
+      filter
+      mapAttrs
+      removeAttrs
+      ;
 
-  __components = removeAttrs components ["extraPackages"];
-  _components = __components;
-  # _components = lib.traceSeqN 2 {
-  #   inherit unpatched __components;
-  #   deps = builtins.map (x: "${x.pname}-${x.version}") unpatched.deps;
-  # } __components;
+    __components = removeAttrs components [ "extraPackages" ];
+    _components = __components;
+    # _components = lib.traceSeqN 2 {
+    #   inherit unpatched __components;
+    #   deps = builtins.map (x: "${x.pname}-${x.version}") unpatched.deps;
+    # } __components;
 
-  wrapIntel = { cc, extraBuildCommands ? "", extraInstall ? "", ... }@args:
-    let
-      targetConfig = stdenv.targetPlatform.config;
-    in (wrapCCWith {
-      inherit cc;
-      extraBuildCommands = ''
-        echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}" >> $out/nix-support/cc-ldflags
-        echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
-        echo "-L${cc}/lib" >> $out/nix-support/cc-ldflags
+    wrapIntel =
+      cc:
+      let
+        targetConfig = stdenv.targetPlatform.config;
+      in
+      (wrapCCWith {
+        inherit cc;
 
-        # echo "--gcc-toolchain=${gcc.cc}" >> $out/nix-support/libcxx-cxxflags
-        echo "--gcc-toolchain=${gcc.cc}" >> $out/nix-support/cc-cflags
+        nixSupport = {
+          cc-ldflags = [
+            "-L${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}"
+            "-L${gcc.cc.lib}/lib"
+            "-L${cc}/lib"
+          ];
+          cc-cflags = [
+            "--gcc-toolchain=${gcc.cc}"
+            "-isystem \"${cc.original}/lib/clang/*/include\""
+            "-isystem ${cc}/include"
+            "-isystem ${cc}/include/intel64"
+            "-isystem ${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}/include"
+          ];
+          libcxx-cxxflags = [
+            # "--gcc-toolchain=${gcc.cc}"
+            "-isystem ${gcc.cc}/include/c++/${gcc.version}"
+            "-isystem ${gcc.cc}/include/c++/${gcc.version}/${targetConfig}"
+          ];
+        };
 
-        # For some reason, If we don't resolve the realpath things go wrong
-        for stddef in ${cc}/lib/clang/*/include/stddef.h ; do
-          dir=$(dirname $(realpath "$stddef"))
-          echo "-isystem $dir" >> $out/nix-support/cc-cflags
-        done
+        extraBuildCommands = ''
+          # FIXME: We should find a better way to modify the PATH instead of using
+          # this ugly hack. See https://jungle.bsc.es/git/rarias/bscpkgs/issues/9
+          echo 'path_backup="${gcc.cc}/bin:$path_backup"' >>$out/nix-support/cc-wrapper-hook
 
-        echo "-isystem ${cc}/include" >> $out/nix-support/cc-cflags
-        echo "-isystem ${cc}/include/intel64" >> $out/nix-support/cc-cflags
+          # Disable hardening by default
+          echo "" > $out/nix-support/add-hardening.sh
 
-        for dir in ${gcc.cc}/lib/gcc/${targetConfig}/*/include; do
-          echo "-isystem $dir" >> $out/nix-support/cc-cflags
-        done
+          wrap icx  $wrapper $ccPath/icx
+          wrap icpx $wrapper $ccPath/icpx
+          wrap ifx  $wrapper $ccPath/ifx
 
-        for dir in ${gcc.cc}/include/c++/*; do
-          echo "-isystem $dir" >> $out/nix-support/libcxx-cxxflags
-        done
-        for dir in ${gcc.cc}/include/c++/*/${targetConfig}; do
-          echo "-isystem $dir" >> $out/nix-support/libcxx-cxxflags
-        done
+          ln -s $out/bin/icpx $out/bin/c++
+          ln -s $out/bin/icx  $out/bin/cc
 
-        # FIXME: We should find a better way to modify the PATH instead of using
-        # this ugly hack. See https://jungle.bsc.es/git/rarias/bscpkgs/issues/9
-        echo 'path_backup="${gcc.cc}/bin:$path_backup"' >> $out/nix-support/cc-wrapper-hook
+          sed -i 's/.*isCxx=0/isCxx=1/' $out/bin/icpx
 
-        # Disable hardening by default
-        echo "" > $out/nix-support/add-hardening.sh
-      '' + extraBuildCommands;
-    } // (removeAttrs args ["cc" "extraBuildCommands" "extraInstall"])
-    ).overrideAttrs (old: {
-      installPhase = old.installPhase + extraInstall;
-    });
+          # Use this to detect when a compiler subprocess is called
+          # from icpx (--fsycl-host-compiler)
+          echo 'export NIX_CC_WRAPPER_INTEL=1' >>$out/nix-support/cc-wrapper-hook
 
-in
-stdenvNoCC.mkDerivation (finalAttrs: {
-  pname = lib.removeSuffix "-extracted" unpatched.pname;
-  inherit (unpatched) version;
-  src = unpatched;
+          # oneMath looks for sycl libraries in bin/../lib
+          ln -s ${cc}/lib $out/lib
+          ln -s ${cc}/include $out/include
+        '';
+      }).overrideAttrs
+        (old: {
+          installPhase = old.installPhase + ''
+            export named_cc="icx"
+            export named_cxx="icpx"
+            export named_fc="ifx"
+          '';
+        });
 
-  phases = [ "installPhase" "fixupPhase" ];
-  buildInputs = [
-    libffi_3_3
-    libelf
-    libxml2
-    hwloc
-    numactl
-    libuuid
-    libpsm2
-    zlib
-    ocl-icd
-    rdma-core
-    ucx
-    openssl
-    python3
-    stdenv.cc.cc.lib
-  ] ++ extraPackages;
+  in
+  stdenvNoCC.mkDerivation (finalAttrs: {
+    pname = lib.removeSuffix "-extracted" unpatched.pname;
+    inherit (unpatched) version;
+    src = unpatched;
 
-  autoPatchelfIgnoreMissingDeps = [ "libhwloc.so.5" "libcuda.so.1" "libze_loader.so.1" ];
+    phases = [
+      "installPhase"
+      "fixupPhase"
+    ];
+    buildInputs = [
+      libffi_3_3
+      libelf
+      libxml2
+      hwloc
+      numactl
+      libuuid
+      libpsm2
+      zlib
+      ocl-icd
+      rdma-core
+      ucx
+      openssl
+      python3
+      stdenv.cc.cc.lib
+    ]
+    ++ extraPackages;
 
-  # There are broken symlinks that go outside packages, ignore them
-  dontCheckForBrokenSymlinks = true;
+    autoPatchelfIgnoreMissingDeps = [
+      "libhwloc.so.5"
+      "libcuda.so.1"
+      "libze_loader.so.1"
+    ];
 
-  nativeBuildInputs = [ autoPatchelfHook ];
-  installPhase = ''
-    cp -r $src/opt/intel/oneapi/ $out
-  '';
+    # There are broken symlinks that go outside packages, ignore them
+    dontCheckForBrokenSymlinks = true;
 
-  passthru = let
-    pkgs = mapAttrs
-      (folder: version: symlinkJoin {
-        pname = "intel-${folder}";
-        inherit version;
-        paths = ["${finalAttrs.finalPackage}/${folder}/${version}"];
-      })
-      _components;
-  in pkgs // {
-    inherit unpatched;
-    pkgs = lib.recurseIntoAttrs pkgs;
-    components = _components;
+    nativeBuildInputs = [ autoPatchelfHook ];
+    installPhase = ''
+      cp -r $src/opt/intel/oneapi/ $out
+    '';
 
-    # This contains all packages properly symlinked into toplevel directories
-    # in $out.
-    #
-    # NOTE: there are clashes with packages that have symlinks outside their
-    # scope (libtcm and env/vars.sh)
-    all = symlinkJoin {
-      pname = finalAttrs.finalPackage + "-symlinked";
-      inherit (finalAttrs.finalPackage) version;
-      paths = filter lib.isDerivation (attrValues finalAttrs.finalPackage.pkgs);
-    };
+    passthru =
+      let
+        pkgs = mapAttrs (
+          folder: version:
+          let
+            original = "${finalAttrs.finalPackage}/${folder}/${version}";
+          in
+          symlinkJoin {
+            pname = "intel-${folder}";
+            inherit version;
+            paths = [ original ];
+            passthru = { inherit original; };
+          }
+        ) _components;
+      in
+      pkgs
+      // {
+        inherit unpatched;
+        pkgs = lib.recurseIntoAttrs pkgs;
+        components = _components;
 
-    stdenv = overrideCC stdenv finalAttrs.finalPackage.cc;
+        # This contains all packages properly symlinked into toplevel directories
+        # in $out.
+        #
+        # NOTE: there are clashes with packages that have symlinks outside their
+        # scope (libtcm and env/vars.sh)
+        all = symlinkJoin {
+          pname = finalAttrs.finalPackage.pname + "-symlinked";
+          inherit (finalAttrs.finalPackage) version;
+          paths = filter lib.isDerivation (attrValues finalAttrs.finalPackage.pkgs);
+        };
 
-    cc = wrapIntel {
-      cc = finalAttrs.finalPackage.pkgs.compiler;
-      extraBuildCommands = ''
-        wrap icx  $wrapper $ccPath/icx
-        wrap icpx $wrapper $ccPath/icpx
-        wrap ifx  $wrapper $ccPath/ifx
+        stdenv = overrideCC stdenv finalAttrs.finalPackage.cc;
 
-        ln -s $out/bin/icpx $out/bin/c++
-        ln -s $out/bin/icx  $out/bin/cc
+        cc = wrapIntel finalAttrs.finalPackage.pkgs.compiler;
+      };
 
-        # Use this to detect when a compiler subprocess is called
-        # from icpx (--fsycl-host-compiler)
-        echo 'export "NIX_CC_WRAPPER_INTEL=1"' >> $out/nix-support/cc-wrapper-hook
-
-        sed -i 's/.*isCxx=0/isCxx=1/' $out/bin/icpx
-
-        # oneMath looks for sycl libraries in bin/../lib
-        ln -s ${finalAttrs.finalPackage.pkgs.compiler}/lib $out/lib
-        ln -s ${finalAttrs.finalPackage.pkgs.compiler}/include $out/include
-      '';
-      extraInstall = ''
-        export named_cc="icx"
-        export named_cxx="icpx"
-        export named_fc="ifx"
-      '';
-    };
-  };
-
-}))
+  })
+)

pkgs/onemath/default.nix

@@ -1,30 +1,33 @@
-{ lib
-, fetchFromGitHub
-, cmake
-, withCFlags
-, intelPackages
+{
+  lib,
+  fetchFromGitHub,
+  cmake,
+  withCFlags,
+  intelPackages,
 
-, mklSupport ? true
+  mklSupport ? true,
 
-, config
+  config,
 
-, cudaSupport ? config.cudaSupport
-, cudaPackages ? { }
+  cudaSupport ? config.cudaSupport,
+  cudaPackages ? { },
 
-, rocmSupport ? config.rocmSupport
-, hipTargets ? null # only one target at a time supported
-, rocmPackages ? { }
+  rocmSupport ? config.rocmSupport,
+  hipTargets ? null, # only one target at a time supported
+  rocmPackages ? { },
 }:
 
 let
   # rocmSupport is not enough, we need a specific target
   enableHip = rocmSupport && hipTargets != null;
 
-  stdenv = withCFlags (lib.optionals cudaSupport [ "--cuda-path=${cudaPackages.cudatoolkit}" ]) intelPackages.stdenv;
+  stdenv = withCFlags (lib.optionals cudaSupport [
+    "--cuda-path=${cudaPackages.cudatoolkit}"
+  ]) intelPackages.stdenv;
 in
 
-  # at least one backend has to be enabled
-  assert mklSupport || cudaSupport || enableHip;
+# at least one backend has to be enabled
+assert mklSupport || cudaSupport || enableHip;
 
 stdenv.mkDerivation rec {
   pname = "oneMath";
@@ -38,47 +41,51 @@ stdenv.mkDerivation rec {
   };
 
   cmakeFlags = [
-    (lib.cmakeBool "ENABLE_MKLCPU_BACKEND"    mklSupport)
-    (lib.cmakeBool "ENABLE_MKLGPU_BACKEND"    mklSupport)
+    (lib.cmakeBool "ENABLE_MKLCPU_BACKEND" mklSupport)
+    (lib.cmakeBool "ENABLE_MKLGPU_BACKEND" mklSupport)
 
-    (lib.cmakeBool "ENABLE_CUBLAS_BACKEND"    cudaSupport)
-    (lib.cmakeBool "ENABLE_CUFFT_BACKEND"     cudaSupport)
-    (lib.cmakeBool "ENABLE_CURAND_BACKEND"    cudaSupport)
-    (lib.cmakeBool "ENABLE_CUSOLVER_BACKEND"  cudaSupport)
-    (lib.cmakeBool "ENABLE_CUSPARSE_BACKEND"  cudaSupport)
+    (lib.cmakeBool "ENABLE_CUBLAS_BACKEND" cudaSupport)
+    (lib.cmakeBool "ENABLE_CUFFT_BACKEND" cudaSupport)
+    (lib.cmakeBool "ENABLE_CURAND_BACKEND" cudaSupport)
+    (lib.cmakeBool "ENABLE_CUSOLVER_BACKEND" cudaSupport)
+    (lib.cmakeBool "ENABLE_CUSPARSE_BACKEND" cudaSupport)
 
-    (lib.cmakeBool "ENABLE_ROCBLAS_BACKEND"   enableHip)
-    (lib.cmakeBool "ENABLE_ROCFFT_BACKEND"    enableHip)
+    (lib.cmakeBool "ENABLE_ROCBLAS_BACKEND" enableHip)
+    (lib.cmakeBool "ENABLE_ROCFFT_BACKEND" enableHip)
     (lib.cmakeBool "ENABLE_ROCSOLVER_BACKEND" enableHip)
-    (lib.cmakeBool "ENABLE_ROCRAND_BACKEND"   enableHip)
+    (lib.cmakeBool "ENABLE_ROCRAND_BACKEND" enableHip)
     (lib.cmakeBool "ENABLE_ROCSPARSE_BACKEND" enableHip)
 
     (lib.cmakeBool "BUILD_FUNCTIONAL_TESTS" false)
     (lib.cmakeBool "BUILD_EXAMPLES" false)
-  ] ++ lib.optionals enableHip [
+  ]
+  ++ lib.optionals enableHip [
     (lib.cmakeFeature "HIP_TARGETS" hipTargets)
   ];
 
   nativeBuildInputs = [ cmake ];
-  buildInputs = lib.optionals (mklSupport) [
-    intelPackages.mkl
-    intelPackages.tbb
-  ] ++ lib.optionals (enableHip) [
-    rocmPackages.rocmPath
-    rocmPackages.rocblas
-    rocmPackages.rocfft
-    rocmPackages.rocsolver
-    rocmPackages.rocrand
-    rocmPackages.rocsparse
-  ] ++ lib.optionals (cudaSupport) [
-    (lib.getDev cudaPackages.cuda_cudart)
-    cudaPackages.cudatoolkit
+  buildInputs =
+    lib.optionals (mklSupport) [
+      intelPackages.mkl
+      intelPackages.tbb
+    ]
+    ++ lib.optionals (enableHip) [
+      rocmPackages.rocmPath
+      rocmPackages.rocblas
+      rocmPackages.rocfft
+      rocmPackages.rocsolver
+      rocmPackages.rocrand
+      rocmPackages.rocsparse
+    ]
+    ++ lib.optionals (cudaSupport) [
+      (lib.getDev cudaPackages.cuda_cudart)
+      cudaPackages.cudatoolkit
 
-    cudaPackages.libcublas
-    cudaPackages.libcurand
-    cudaPackages.libcufft
-    cudaPackages.libcusparse
-    cudaPackages.libcusolver
-  ];
+      cudaPackages.libcublas
+      cudaPackages.libcurand
+      cudaPackages.libcufft
+      cudaPackages.libcusparse
+      cudaPackages.libcusolver
+    ];
 
 }

test/compilers/hello-sycl.nix

@@ -1,4 +1,8 @@
-{ intelPackages,  writeText, strace }:
+{
+  intelPackages,
+  writeText,
+  strace,
+}:
 
 let
   stdenv = intelPackages.stdenv;
@@ -26,7 +30,7 @@ let
         return 0;
     } catch (sycl::exception &e) {
         std::cout << "SYCL exception: " << e.what() << std::endl;
-        return 0; // we excpect to fail since no devices should be available;
+        return 0; // we expect to fail since no devices should be available;
     }
   '';
 in
@@ -34,7 +38,10 @@ in
 stdenv.mkDerivation {
   version = "0.0.1";
   name = "hello-sycl";
-  buildInputs = [ stdenv strace ];
+  buildInputs = [
+    stdenv
+    strace
+  ];
   src = hello_sycl;
   dontUnpack = true;
   dontConfigure = true;

test/compilers/icpx-ompss2.nix

@@ -1,4 +1,11 @@
-{ writeText, intelPackages, nodes, nosv, clangOmpss2Nodes, strace }:
+{
+  writeText,
+  intelPackages,
+  nodes,
+  nosv,
+  clangOmpss2Nodes,
+  strace,
+}:
 
 let
   hello_cpp = writeText "hello.cpp" ''