lab/sx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bundling: fs/process stdlib + post-link callback + Apple .app in sx

Browse Source 
Campaign Weeks 3-6 of /Users/agra/.claude/plans/lets-plan-to-move-splendid-pumpkin.md
land in one push: the bundling pipeline that used to live in
src/target.zig (createBundle, embedFramework, extractEntitlements,
buildInfoPlist, codesign) now lives in
library/modules/platform/bundle.sx and runs in the IR interpreter
after target.link() returns.

New language-side surface:
- library/modules/fs.sx — POSIX libc bindings (open/read/write/close,
  mkdir/unlink/rmdir, chmod, rename, access, basename/dirname). Variadic
  open() lowers to C's varargs via the new args: ..T form. Direct libc
  calls bypass *File method dispatch so they work from the post-link
  IR interpreter.
- library/modules/process.sx — popen-based run(cmd) returning
  ProcessResult{ exit_code, stdout }, plus env() and find_executable().
- library/modules/std.sx — xml_escape(s) and variadic path_join(parts).
- library/modules/compiler.sx — BuildOptions grows
  set_post_link_callback / set_post_link_module / binary_path
  accessors; bundle_path/bundle_id/codesign_identity/provisioning_profile
  setters + accessors; per-target predicates is_macos/is_ios/
  is_ios_device/is_ios_simulator + target_triple; framework_count /
  framework_at(i) / framework_path_count / framework_path_at(i);
  add_asset_dir(src, dest) + asset_dir_count / src_at / dest_at.

Compiler-side wiring:
- src/ir/compiler_hooks.zig — BuildConfig now carries post_link_callback_fn,
  post_link_module, binary_path, bundle_*, target_triple,
  target_frameworks, target_framework_paths, asset_dirs. Hook registry
  exposes every accessor; getters return "" / 0 for unset fields so
  bundle.sx can treat absent values uniformly.
- src/ir/host_ffi.zig (new) — dlsym(RTLD_DEFAULT) + arity-switched cdecl
  trampolines so #foreign("c") declarations resolve through the host
  libc during #run / post-link interpretation.
- src/ir/interp.zig — callForeign dispatch; build_config pointer
  injection so accessor hooks see live state during re-entry.
- src/core.zig — keeps the IR module alive past generateCode; exposes
  invokeByName / invokeByFuncId so main.zig can re-enter the
  interpreter after linking.
- src/main.zig — wires bundle/codesign/provisioning CLI flags +
  target_triple + framework lists into BuildConfig; invokes the
  post-link callback (by FuncId or by <module>.bundle_main lookup) once
  target.link() returns. When --bundle is set but no callback is
  registered, auto-falls-back to post_link_module = "platform.bundle"
  so the legacy --bundle CLI keeps working for any program that imports
  modules/platform/bundle.sx.

Apple .app bundler (library/modules/platform/bundle.sx):
- Single bundle_main entry covers macOS, iOS simulator, iOS device.
  Per-target Info.plist switch keys off is_ios()/is_ios_simulator() —
  iOS emits UIDeviceFamily / LSRequiresIPhoneOS /
  UIApplicationSceneManifest / DTPlatformName (iPhoneOS or
  iPhoneSimulator); macOS emits the minimal CFBundle* set.
- iOS-only steps:
  - Provisioning embed: fs.read_file + fs.write_file to
    <bundle>/embedded.mobileprovision.
  - Framework embed: recursive cp -R per -F search path into
    <bundle>/Frameworks/<Name>.framework/ (until fs.sx grows list_dir).
  - Entitlements extraction: four process.run calls (security cms -D,
    plutil -extract Entitlements xml1, plutil -extract
    ApplicationIdentifierPrefix.0, plutil -replace application-identifier)
    resolving the wildcard <TEAM>.* -> <TEAM>.<bundle_id>.
  - Real codesign with --entitlements when present.
- Asset dirs (add_asset_dir): recursive cp -R src/. into <bundle>/dest/.
  Missing src is treated as "nothing to do" so projects can register
  add_asset_dir("assets", "assets") unconditionally.

Parser:
- parseStmt() now accepts #import \"path\"; and #framework \"Name\"; as
  statement-position tokens. Needed for top-level
  inline if OS == .android { #import \"modules/platform/android.sx\"; }
  blocks (issue-0042 flatten pass surfaces them); chess's
  inline-if-with-#import was rejected at parse time before this fix.

Removals from src/target.zig:
- createBundle, embedFramework, extractEntitlements, buildInfoPlist,
  codesign (~210 lines). main.zig no longer calls createBundle after
  link(); the sx callback is the single entry point.

Tests / regression markers (all run under sx run host JIT):
- examples/115-post-link-callback.sx — callback registration round-trip.
- examples/116-fs-roundtrip.sx — fs.write_file -> fs.read_file -> exists.
- examples/117-process-roundtrip.sx — process.run + env + find_executable.
- examples/118-macos-bundle.sx — macOS .app via bundle_main callback.
- examples/119-interp-cast-ptr-cmp.sx — cast(T) val under interpreter.
- examples/120-interp-variadic-any.sx — variadic ..Any indexing in IR
  interpreter.
- examples/121-ios-sim-bundle.sx — iOS-sim cross-compile + .app with
  iOS-shaped Info.plist (added to tests/cross_compile.sh as the
  ios-sim tuple).
- examples/122-ios-device-bundle.sx — iOS device cross-compile +
  full codesign pipeline (provisioning embed + entitlements
  extraction + --entitlements codesign). Manually verified end-to-end:
  installed via xcrun devicectl device install app + launched
  successfully on iPhone 17 Pro.
- examples/123-inline-if-import-in-body.sx — locks in the parser fix.

zig build && zig build test && bash tests/run_examples.sh => 141 passed,
0 failed; bash tests/cross_compile.sh => 7 passed, 0 failed.
This commit is contained in:
agra
2026-05-22 19:03:31 +03:00
parent 30fed66616
commit 5cc62e63c3
50 changed files with 2827 additions and 589 deletions
Download Patch File Download Diff File Expand all files Collapse all files

241
src/target.zig
View File

@@ -926,243 +926,10 @@ pub fn link(allocator: std.mem.Allocator, io: std.Io, output_obj: []const u8, ex
if (result.exited != 0) return error.LinkError;
}
/// Move `binary_path` into a freshly-created `<bundle_path>` directory,
/// write a minimal Info.plist, and ad-hoc codesign for simulator runs.
/// The executable inside the bundle is named after the basename of
/// `binary_path` (also used as CFBundleExecutable).
pub fn createBundle(allocator: std.mem.Allocator, io: std.Io, binary_path: []const u8, target_config: TargetConfig, frameworks: []const []const u8) !void {
const bundle_path = target_config.bundle_path orelse return error.NoBundlePath;
const bundle_id = target_config.bundle_id orelse {
std.debug.print("error: --bundle requires --bundle-id (e.g. co.swipelab.app)\n", .{});
return error.MissingBundleId;
};
// Device builds without a real identity will be rejected by the device,
// so fail fast with a clear hint.
if (target_config.isIOSDevice() and target_config.codesign_identity == null) {
std.debug.print("error: --target ios requires --codesign-identity (e.g. \"Apple Development: ...\") and --provisioning-profile <path>\n", .{});
return error.MissingCodesignIdentity;
}
const cwd = std.Io.Dir.cwd();
cwd.deleteTree(io, bundle_path) catch {};
try cwd.createDirPath(io, bundle_path);
const exe_name = std.fs.path.basename(binary_path);
const exe_dest = try std.fs.path.join(allocator, &.{ bundle_path, exe_name });
cwd.rename(binary_path, cwd, exe_dest, io) catch return error.BundleMoveFailed;
// Info.plist
const plist = try buildInfoPlist(allocator, exe_name, bundle_id, target_config);
const plist_path = try std.fs.path.join(allocator, &.{ bundle_path, "Info.plist" });
try cwd.writeFile(io, .{ .sub_path = plist_path, .data = plist });
// Embed provisioning profile if supplied. Required for device installs.
if (target_config.provisioning_profile) |pp| {
const profile_data = std.Io.Dir.readFileAlloc(.cwd(), io, pp, allocator, .limited(1 * 1024 * 1024)) catch {
std.debug.print("error: cannot read provisioning profile: {s}\n", .{pp});
return error.ProvisioningProfileNotFound;
};
const embedded_path = try std.fs.path.join(allocator, &.{ bundle_path, "embedded.mobileprovision" });
try cwd.writeFile(io, .{ .sub_path = embedded_path, .data = profile_data });
}
// Embed any dynamic frameworks the binary links against. iOS apps load
// frameworks from `<bundle>.app/Frameworks/<Name>.framework/<Name>` via
// the `@executable_path/Frameworks` rpath we set at link time. For each
// framework, look it up in `framework_paths` and copy the bundle in.
if (target_config.isIOS() and frameworks.len > 0) {
const fw_dir = try std.fs.path.join(allocator, &.{ bundle_path, "Frameworks" });
try cwd.createDirPath(io, fw_dir);
for (frameworks) |fw| {
try embedFramework(allocator, io, fw, target_config.framework_paths, fw_dir);
}
}
// Codesign: real identity for device, ad-hoc otherwise.
const identity: []const u8 = target_config.codesign_identity orelse "-";
const ent_path: ?[]const u8 = if (target_config.entitlements_path) |e| e else blk: {
if (target_config.provisioning_profile) |pp| {
break :blk try extractEntitlements(allocator, io, pp, bundle_id);
}
break :blk null;
};
try codesign(allocator, io, bundle_path, identity, ent_path);
}
/// Find `<name>.framework` in one of `framework_paths` and copy it into
/// `<dest_dir>/<name>.framework`. Shells out to `cp -R` because Zig's std
/// doesn't expose a recursive-copy primitive on `Io.Dir` yet.
fn embedFramework(allocator: std.mem.Allocator, io: std.Io, name: []const u8, framework_paths: []const []const u8, dest_dir: []const u8) !void {
const cwd = std.Io.Dir.cwd();
const subdir = try std.fmt.allocPrint(allocator, "{s}.framework", .{name});
for (framework_paths) |fp| {
const candidate = try std.fs.path.join(allocator, &.{ fp, subdir });
if (cwd.openDir(io, candidate, .{})) |d| {
d.close(io);
const dest = try std.fs.path.join(allocator, &.{ dest_dir, subdir });
const r = std.process.run(allocator, io, .{
.argv = &.{ "cp", "-R", candidate, dest },
}) catch return error.FrameworkCopyFailed;
defer allocator.free(r.stdout);
defer allocator.free(r.stderr);
if (r.term != .exited or r.term.exited != 0) {
std.debug.print("error: cp -R {s} -> {s} failed: {s}\n", .{ candidate, dest, r.stderr });
return error.FrameworkCopyFailed;
}
return;
} else |_| {}
}
std.debug.print("warning: framework '{s}' not found in any -F path; runtime load will fail\n", .{name});
}
/// Extract entitlements XML from a `.mobileprovision` and resolve the
/// `application-identifier` wildcard (`<TEAM>.*`) to the concrete bundle ID
/// (`<TEAM>.<bundle_id>`). Without this substitution the device installer
/// rejects the app with `MIInstallerErrorDomain error 13` /
/// `0xe8008015 (A valid provisioning profile ... was not found)`.
/// Writes the resolved entitlements to `.sx-tmp/entitlements.plist`.
fn extractEntitlements(allocator: std.mem.Allocator, io: std.Io, profile_path: []const u8, bundle_id: []const u8) ![]const u8 {
const cwd = std.Io.Dir.cwd();
cwd.createDirPath(io, ".sx-tmp") catch {};
const profile_plist_path = ".sx-tmp/profile.plist";
const ent_path = ".sx-tmp/entitlements.plist";
// 1. security cms -D -i <profile> -o profile.plist (decode CMS to plist)
const r1 = std.process.run(allocator, io, .{
.argv = &.{ "security", "cms", "-D", "-i", profile_path, "-o", profile_plist_path },
}) catch return error.SecurityCommandFailed;
defer allocator.free(r1.stdout);
defer allocator.free(r1.stderr);
if (r1.term != .exited or r1.term.exited != 0) {
std.debug.print("error: failed to decode provisioning profile: {s}\n", .{r1.stderr});
return error.SecurityCommandFailed;
}
// 2. plutil -extract Entitlements xml1 -o entitlements.plist profile.plist
const r2 = std.process.run(allocator, io, .{
.argv = &.{ "plutil", "-extract", "Entitlements", "xml1", "-o", ent_path, profile_plist_path },
}) catch return error.PlutilCommandFailed;
defer allocator.free(r2.stdout);
defer allocator.free(r2.stderr);
if (r2.term != .exited or r2.term.exited != 0) {
std.debug.print("error: failed to extract entitlements: {s}\n", .{r2.stderr});
return error.PlutilCommandFailed;
}
// 3. Read the team identifier so we can resolve the wildcard. The profile
// stores it as `ApplicationIdentifierPrefix.0` (an array). We use that
// path because `com.apple.developer.team-identifier` would confuse
// plutil — dots in plutil paths are interpreted as path separators.
const r3 = std.process.run(allocator, io, .{
.argv = &.{ "plutil", "-extract", "ApplicationIdentifierPrefix.0", "raw", "-o", "-", profile_plist_path },
}) catch return error.PlutilCommandFailed;
defer allocator.free(r3.stdout);
defer allocator.free(r3.stderr);
if (r3.term != .exited or r3.term.exited != 0) {
std.debug.print("error: profile missing ApplicationIdentifierPrefix: {s}\n", .{r3.stderr});
return error.PlutilCommandFailed;
}
const team = std.mem.trimEnd(u8, r3.stdout, " \t\r\n");
const resolved_app_id = try std.fmt.allocPrint(allocator, "{s}.{s}", .{ team, bundle_id });
defer allocator.free(resolved_app_id);
// 4. plutil -replace application-identifier -string "<team>.<bundle_id>" entitlements.plist
const r4 = std.process.run(allocator, io, .{
.argv = &.{ "plutil", "-replace", "application-identifier", "-string", resolved_app_id, ent_path },
}) catch return error.PlutilCommandFailed;
defer allocator.free(r4.stdout);
defer allocator.free(r4.stderr);
if (r4.term != .exited or r4.term.exited != 0) {
std.debug.print("error: failed to resolve application-identifier: {s}\n", .{r4.stderr});
return error.PlutilCommandFailed;
}
return try allocator.dupe(u8, ent_path);
}
fn buildInfoPlist(allocator: std.mem.Allocator, exe_name: []const u8, bundle_id: []const u8, target_config: TargetConfig) ![]const u8 {
const min_os: []const u8 = "14.0";
const is_sim = target_config.isIOSSimulator();
const platform_key: []const u8 = if (is_sim) "iPhoneSimulator" else "iPhoneOS";
// UIApplicationSceneManifest opts the app into the iOS 13+ scene-based
// lifecycle. Without it, iOS 26 boots the app in `[rb-legacy]` mode and
// the CAMetalLayer never reaches the compositor. With the manifest
// declared (no UISceneDelegate listed), iOS auto-connects an implicit
// scene that our SxAppDelegate can find via `[app connectedScenes]`.
return std.fmt.allocPrint(allocator,
\\<?xml version="1.0" encoding="UTF-8"?>
\\<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
\\<plist version="1.0">
\\<dict>
\\ <key>CFBundleIdentifier</key>
\\ <string>{s}</string>
\\ <key>CFBundleName</key>
\\ <string>{s}</string>
\\ <key>CFBundleExecutable</key>
\\ <string>{s}</string>
\\ <key>CFBundlePackageType</key>
\\ <string>APPL</string>
\\ <key>CFBundleVersion</key>
\\ <string>1</string>
\\ <key>CFBundleShortVersionString</key>
\\ <string>0.1</string>
\\ <key>MinimumOSVersion</key>
\\ <string>{s}</string>
\\ <key>UIDeviceFamily</key>
\\ <array>
\\ <integer>1</integer>
\\ </array>
\\ <key>LSRequiresIPhoneOS</key>
\\ <true/>
\\ <key>UILaunchScreen</key>
\\ <dict/>
\\ <key>UIApplicationSceneManifest</key>
\\ <dict>
\\ <key>UIApplicationSupportsMultipleScenes</key>
\\ <false/>
\\ <key>UISceneConfigurations</key>
\\ <dict>
\\ <key>UIWindowSceneSessionRoleApplication</key>
\\ <array>
\\ <dict>
\\ <key>UISceneConfigurationName</key>
\\ <string>Default Configuration</string>
\\ <key>UISceneDelegateClassName</key>
\\ <string>SxSceneDelegate</string>
\\ </dict>
\\ </array>
\\ </dict>
\\ </dict>
\\ <key>DTPlatformName</key>
\\ <string>{s}</string>
\\</dict>
\\</plist>
\\
, .{ bundle_id, exe_name, exe_name, min_os, platform_key });
}
fn codesign(allocator: std.mem.Allocator, io: std.Io, bundle_path: []const u8, identity: []const u8, entitlements: ?[]const u8) !void {
var argv = std.ArrayList([]const u8).empty;
defer argv.deinit(allocator);
try argv.appendSlice(allocator, &.{ "codesign", "--force", "--sign", identity, "--timestamp=none" });
if (entitlements) |ep| {
try argv.appendSlice(allocator, &.{ "--entitlements", ep });
}
try argv.append(allocator, bundle_path);
const r = std.process.run(allocator, io, .{ .argv = argv.items }) catch |e| {
std.debug.print("error: failed to run codesign: {}\n", .{e});
return error.CodesignFailed;
};
defer allocator.free(r.stdout);
defer allocator.free(r.stderr);
if (r.term != .exited or r.term.exited != 0) {
std.debug.print("codesign failed: {s}\n", .{r.stderr});
return error.CodesignFailed;
}
}
// Apple .app bundling (createBundle, embedFramework, extractEntitlements,
// buildInfoPlist, codesign) has moved to
// `library/modules/platform/bundle.sx`. `src/main.zig` invokes it
// post-link via the BuildOptions callback registered from sx code.
/// After emcc produces HTML output, inject cache-busting hashes into the
/// generated <script> tag and add Module.locateFile for .wasm/.data files.