aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-08-06libstore/linux: precompile and cache the seccomp BPFAlois Wohlschlager
The growth of the seccomp filter in 127ee1a101e3f5ebab39ad98cbe58fefcd52eca5 made its compilation time significant (roughly 10 milliseconds have been measured on one machine). For this reason, it is now precompiled and cached in the parent process so that this overhead is not hit for every single build. It is still not optimal when going through the daemon, because compilation still happens once per client, but it's better than before and doing it only once for the entire daemon requires excessive crimes with the current architecture. Fixes: https://git.lix.systems/lix-project/lix/issues/461 Change-Id: I2277eaaf6bab9bd74bbbfd9861e52392a54b61a3
2024-08-06libstore/linux: compile the seccomp BPF explicitlyAlois Wohlschlager
This is a preparation for precompiling the filter, which is done separately. The behaviour should be unchanged for now. Change-Id: I899aa7242962615949208597aca88913feba1cb8
2024-08-06libstore: add LocalDerivationGoal setupSyscallFilter hookAlois Wohlschlager
The seccomp setup code was a huge chunk of conditionally compiled platform-specific code. For this reason, it is appropriate to move it to the platform-specific implementation file. Ideally its setup could be moved a bit to make it happen at the same place as the Darwin restrictions, but that change is going to be less mechanical. Change-Id: I496aa3c4fabf34656aba1e32b0089044ab5b99f8
2024-08-06package: don't hide system-wide manual pagesAlois Wohlschlager
When MANPATH is unset or contains an empty component, a reasonable default is used. Previously (after 3dced96741816db01f9990e0884224d38ee58390), when MANPATH was unset, the shell hook would only place a location containing the Lix manual pages there, and system-wide manual pages would become unavailable in the development shell, which is undesired. Fix the issue by including an empty component in this case. Change-Id: Ib3c67a831d709fe2a87520e15917eebb59397bd1
2024-08-04tree-wide: fix various lint warningsJade Lovelace
Change-Id: I0fc80718eb7e02d84cc4b5d5deec4c0f41116134
2024-08-04flake & doxygen: update taglineJade Lovelace
This tagline was left over from CppNix and we should make it tastier. Change-Id: Ia182b86f6e751591be71a50521992ad73c7b38b5
2024-08-04nix flake metadata: print modified dates for input flakesJade Lovelace
This was always in the lock file and we can simply actually print it. The test for this is a little bit silly but it should correctly control for my daring to exercise timezone code *and* locale code in a test, which I strongly suspect nobody dared do before. Sample (abridged): ``` Path: /nix/store/gaxb42z68bcr8lch467shvmnhjjzgd8b-source Last modified: 1970-01-01 00:16:40 Inputs: ├───flake-compat: github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33 │ Last modified: 2023-10-04 13:37:54 ├───flake-utils: github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a │ Last modified: 2024-03-11 08:33:50 │ └───systems: github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e │ Last modified: 2023-04-09 08:27:08 ``` Change-Id: I355f82cb4b633974295375ebad646fb6e2107f9b
2024-08-04cli: eat terminal codes from stdout alsoJade Lovelace
This *should* be sound, plus or minus the amount that the terminal code eating code is messed up already. This is useful for testing CLI output because it will strip the escapes enough to just shove the expected output in a file. Change-Id: I8a9b58fafb918466ac76e9ab585fc32fb9294819
2024-08-04Implement forcing CLI colour on, and document it betterJade Lovelace
This is necessary to make some old tests work when testing colour against non-interactive outputs. Change-Id: Id89f8a1f45c587fede35a69db85f7a52f2c0a981
2024-08-04manual: fix a syntax error in redirects.js that made it not do anythingJade Lovelace
lol lmao Let's put in a syntax checker in CI so we do not have to deal with this nonsense ever again. Change-Id: I0fe875e0cfc59ab1783087762e5bb07e09ded105
2024-08-04misc docs/meson tidyingJade Lovelace
The docs page has an incorrect escape that leads to a backslash appearing in output. Meson stuff is self-explanatory, just shortens and simplifies a bit. Change-Id: Ib63adf934efd3caeb82ca82988f230e8858a79f9
2024-08-04build: implement clang-tidy using our pluginJade Lovelace
The principle of this is that you can either externally build it with Nix (actual implementation will be in a future commit), or it can be built with meson if the Nix one is not passed in. The idea I have is that dev shells don't receive the one from Nix to avoid having to build it, but CI can use the one from Nix and save some gratuitous rebuilds. The design of this is that you can run `ninja -C build clang-tidy` and it will simply correctly clang-tidy the codebase in spite of PCH bullshit caused by the cc-wrapper. This is a truly horrendous number of hacks in a ball, caused by bugs in several pieces of software, and I am not even getting started. I don't consider this to fix the clang-tidy issue filing, since we still have a fair number of issues to fix even on the existing minimal configuration, and I have not yet implemented it in CI. Realistically we will need to do something like https://github.com/Ericsson/codechecker to be able to silence warnings without physically touching the code, or at least *diff* reports between versions. Also, the run-clang-tidy output design is rather atrocious and must not be inflicted upon anyone I have respect for, since it buries the diagnostics in a pile of invocation logs. We would do really well to integrate with the Gerrit SARIF stuff so we can dump the reports on people in a user-friendly manner. Related: https://git.lix.systems/lix-project/lix/issues/147 Change-Id: Ifefe533f3b56874795de231667046b2da6ff2461
2024-08-03fix: warn and document when advanced attributes will have no impact due to ↵Tom Bereknyei
__structuredAttrs Backport of https://github.com/NixOS/nix/pull/10884. Change-Id: I82cc2794730ae9f4a9b7df0185ed0aea83efb65a
2024-08-03package: improve support for building without BDW-GCAlois Wohlschlager
Expose an option for disabling the BDW-GC build dependency entirely. Fix the place where one of its headers was included (unnecessarily) without proper guarding. Finally, use this machinery to exclude BDW-GC from the ASAN builds entirely (its usage has already been disabled due to compatibility issues anyway), to ensure this configuration is not regressed again. Change-Id: I2ebe8094abf67e7d1e99eed971de3e99d071c10b
2024-08-03libstore: move Goal::waiteeDone into Worker::goalFinishedeldritch horrors
this begins a long and arduous journey to remove all result state from Goal, to eventually drop the std::enable_shared_from_this base, and to completely eliminate all unsynchronized modification of states of both Goal and Worker. by the end of this we will hopefully be able to start and reap multiple derivation builds in parallel, which should speed up the process quite a bit (at least for short local builds, others might not notice a large difference. the build hooks will remain a problem.) Change-Id: I57dcd9b2cab4636ed4aa24cdec67124fef883345
2024-08-02Merge "libstore/ssh: only resume the logger when we paused it" into mainalois31
2024-08-02libstore/ssh: only resume the logger when we paused itAlois Wohlschlager
In the SSH code, the logger was conditionally paused, but unconditionally resumed. This was fine as long as resuming the logger was idempotent. Starting with 0dd1d8ca1cdccfc620644a7f690ed35bcd2d1e74, it isn't any more, and the behaviour of the code in question was missed. Consequently, an assertion failure is triggered for example when performing builds against an "SSH" store on localhost. Fix the issue by only resuming the logger when it has actually been paused. Fixes: https://git.lix.systems/lix-project/lix/issues/458 Change-Id: Ib1e4d047744a129f15730b7216f9c9368c2f4211
2024-08-02libstore: move Goal::amDone to Workereldritch horrors
we still mutate goal state to store the results of any given goal run, but now we also have that information in Worker and could in theory do something else with it. we could return a map of goal to goal results, which would also let us better diagnose failures of subgoals (at all). Change-Id: I1df956bbd9fa8cc9485fb6df32918d68dda3ff48
2024-08-02libstore: return finishedness from Goal methodseldritch horrors
this is the first step towards removing all result-related mutation of Goal state from goal implementations themselves, and into Worker state instead. once that is done we can treat all non-const Goal fields like private state of the goal itself, and make threading of goals possible Change-Id: I69ff7d02a6fd91a65887c6640bfc4f5fb785b45c
2024-08-02libstore: encapsulate worker build hook stateeldritch horrors
once goals run on multiple threads these fields must by synchronized as one, or we try to run build hooks to often (or worse, not often enough) Change-Id: I47860e46fe5c6db41755b2a3a1d9dbb5701c4ca4
2024-08-02libutil: make RunningProgram::wait more resilienteldritch horrors
this will usually be used either directly (which is always fine) or in Finally blocks (where it must never throw execptions). make sure that, exceptions being handled or not, the calling wait() in Finally doesn't cause crashes due to the Finally no-nested-exceptions-thrown assertion Change-Id: Ib83a5d9483b1fe83b9a957dcefeefce5d088f06d
2024-08-02Merge "package: make aws-sdk-cpp build input optional" into mainJeremy List
2024-08-02Merge "nix flake show: add the description if it exists" into mainIsabel
2024-08-02Merge "Reapply "libfetchers: make attribute / URL query handling ↵Maximilian Bosch
consistent"" into main
2024-08-01Reapply "libfetchers: make attribute / URL query handling consistent"Maximilian Bosch
The original attempt at this introduced a regression; this commit reverts the revert and fixes the regression. This reverts commit 3e151d4d77b5296b9da8c3ad209932d1dfa44c68. Fix to the regression: flakeref: fix handling of `?dir=` param for flakes in subdirs As reported in #419[1], accessing a flake in a subdir of a Git repository fails with the previous commit[2] applied with the error error: unsupported Git input attribute 'dir' The problem is that the `dir`-param is inserted into the parsed URL if a flake is fetched from the subdir of a Git repository. However, for the fetching part this isn't even needed. The fix is to just pass `subdir` as second argument to `FlakeRef` (which needs a `basedir` that can be empty) and leave the parsedURL as-is. Added a regression test to make sure we don't run into this again. [1] https://git.lix.systems/lix-project/lix/issues/419 [2] e22172aaf6b6a366cecd3c025590e68fa2b91bcc, originally 3e151d4d77b5296b9da8c3ad209932d1dfa44c68 Change-Id: I2c72d5a32e406a7ca308e271730bd0af01c5d18b
2024-08-01Merge "flake: remove control character from file by using fromJSON" into mainjade
2024-08-02package: make aws-sdk-cpp build input optionalJeremy List
I have added an option to turn off this build input because I'm much more comfortable when I don't have that type of thing on my computer. Its default value is true in order to avoid impacting anyone who depends on AWS features. Change-Id: Ic57f3c9b9468f422e9fbdcf3ba0fe96177631067
2024-08-01Merge changes Icc4747ae,Id4717b5b,Ie3ddb3d0,Ic4d93a08,I00d9ff70 into mainQyriad
* changes: remove unused headers in installable-attr-path libexpr: include the type of the non-derivation value in the type error libexpr: mild cleanup to getDerivations libexpr: DrvInfo: remove unused bad-citizen constructor cleanup and slightly refactor DrvInfo::queryOutputs
2024-07-31flake: remove control character from file by using fromJSONJade Lovelace
I was reminded by various evil things puck did to the evaluator involving null bytes that you can get funny bytes by abusing JSON parsing. It's neater than putting binary in the source file, so let's do it. Change-Id: I1ff2e0d829eb303fbed81fa2ebb3a39412e89ff1
2024-08-01Merge changes from topic "undefined-behaviour" into mainjade
* changes: releng: move officialRelease to version.json Add -Werror CI job ci: add a asan+ubsan test run on x86_64-linux tree-wide: add support for asan!
2024-08-01remove unused headers in installable-attr-pathQyriad
Change-Id: Icc4747aed195e3855b128c73df82e202405af6a8
2024-08-01libexpr: include the type of the non-derivation value in the type errorQyriad
Change-Id: Id4717b5b0df7c09b0dbf17e642d8713a0a3efbae
2024-08-01libexpr: mild cleanup to getDerivationsQyriad
Shuffled the logic around a bit so the shorter code paths are early returns, added comments, etc. Should be NFC. Change-Id: Ie3ddb3d0eddd614d6f8c37bf9a4d5a50282084ea
2024-08-01libexpr: DrvInfo: remove unused bad-citizen constructorQyriad
DrvInfo's constructor that only takes `EvalState` leaves everything else empty; a DrvInfo which has no iota of information about the derivation it represents is not useful, and was not used anywhere. Change-Id: Ic4d93a08cb2748b8cef9a61e41e70404834b23f9
2024-08-01cleanup and slightly refactor DrvInfo::queryOutputsQyriad
Change-Id: I00d9ff707fe61995737b86af6d2eaa1e4d8116ff
2024-07-31releng: move officialRelease to version.jsonJade Lovelace
This was causing a few bits of suffering downstream, in particular, in the NixOS module, which, after this change, can have the `officialRelease` stuff in *it* completely deleted since we now have correct defaulting in package.nix for it. It also eliminates some automated editing of Nix files, which is certainly always welcome to eliminate. Fixes: https://git.lix.systems/lix-project/lix/issues/406 Change-Id: Id12f3018cff4633e379dbfcbe26b7bc84922bdaf
2024-07-31Add -Werror CI jobJade Lovelace
We should cause CLs that introduce compiler warnings to fail CI. Sadly this will only cover Clang, but it will cover Clang for free, so it's truly impossible to say if it's bad or not. Change-Id: I45ca20d77251af9671d5cbe0d29cb08c5f1d03c2
2024-07-31ci: add a asan+ubsan test run on x86_64-linuxJade Lovelace
This should at least catch out blatantly bad patches that don't pass the test suite with ASan. We don't do this to the integration tests since they run on relatively limited-memory VMs and so it may not be super safe to run an evaluator with leak driven garbage collection for them. Fixes: https://git.lix.systems/lix-project/lix/issues/403 Fixes: https://git.lix.systems/lix-project/lix/issues/319 Change-Id: I5267b02626866fd33e8b4d8794344531af679f78
2024-07-31tree-wide: add support for asan!Jade Lovelace
What if you could find memory bugs in Lix without really trying very hard? I've had variously scuffed patches to do this, but this is blocked on boost coroutines removal at this point tbh. Change-Id: Id762af076aa06ad51e77a6c17ed10275929ed578
2024-07-31libexpr: implement actual constructors for nix::ValueQyriad
Change-Id: Iebc2bb4e4ea5e93045afe47677df756de4ec4d05
2024-07-30Merge changes I609a5898,I7afb53c9 into mainV.
* changes: devendor pegtl update flake.lock
2024-07-30libstore: move Goal::getBuildResult to BuildResulteldritch horrors
there are no other uses for this yet, but asking for just a subset of outputs does seem at least somewhat useful to have as a generic thing Change-Id: I30ff5055a666c351b1b086b8d05b9d7c9fb1c77a
2024-07-30Merge "src/libcmd/repl.cc: avoid unneeded reload after :e" into mainMax Siling
2024-07-30src/libcmd/repl.cc: avoid unneeded reload after :eGoldstein
If `:edit`ing a store path, don't reload repl afterwards to avoid losing local variables: store is immutable, so "editing" a store path is always just viewing it. Resolves: https://git.lix.systems/lix-project/lix/issues/341 Change-Id: I3747f75ce26e0595e953069c39ddc3ee80699718
2024-07-30libstore: count all substitutions toward the same limiteldritch horrors
limiting CA substitutions was a rather recent addition, and it used a dedicated counter to not interfere with regular substitutions. though this works fine it somewhat contradicts the documentation; job limits should apply to all kinds of substitutions, or be one limit for each. Change-Id: I1505105b14260ecc1784039b2cc4b7afcf9115c8
2024-07-30libstore: always wake up goals on EOFeldritch horrors
all goals do this. it makes no sense to not notify a goal of EOF conditions because this is the universal signal for "child done" Change-Id: Ic3980de312547e616739c57c6248a8e81308b5ee
2024-07-30libstore: simplify substitution handleEOFeldritch horrors
both substitution goals add only this single fd to their wait set. Change-Id: Ibf921f5bb3919106208a0871523b32c8f67fb3d3
2024-07-29libstore: remove Worker::updateProgresseldritch horrors
just update progress every time a goal has returned from work(). there seem to be no performance penalties, and the code is much simpler now. Change-Id: I288ee568b764ee61f40a498d986afda49987cb50
2024-07-26Merge "releng: Remove workaround for skopeo feature we didn't know about" ↵jade
into main
2024-07-26devendor pegtlvigress8
Change-Id: I609a58985fc5210806d0959049a48976ae079c30