aboutsummaryrefslogtreecommitdiff
path: root/src/libstore
AgeCommit message (Collapse)Author
2024-10-12worker: respect C-c on `sudo nix-build`Maximilian Bosch
While debugging something else I observed that latest `main` ignores `Control-C` on `sudo nix-build`. After reading through the capnproto docs, it seems as if the promise must be fulfilled to actually terminate the `promise.wait()` below. This also applies to scenarios such as stopping the client (`nix-build`), but the builders on the daemon-side are still running, i.e. closes #540 Co-authored-by: eldritch horrors <pennae@lix.systems> Change-Id: I9634d14df4909fc1b65d05654aad0309bcca8a0a
2024-10-08Fix gcc warning -Wmissing-field-initializersLulu
The approach that was taken here was to add default values to the type definitions rather than specify them whenever they are missing. Now the only remaining warning is '-Wunused-parameter' which @jade said is usually counterproductive and that we can just disable it: https://git.lix.systems/lix-project/lix/issues/456#issuecomment-6617 So this change adds the flags '-Wall', '-Wextra' and '-Wno-unused-parameter', so that all warnings are enabled except for '-Wunused-parameter'. Change-Id: Ic223a964d67ab429e8da804c0721ba5e25d53012
2024-10-08Merge "Avoid calling memcpy when len == 0 in filetransfer.cc" into mainLulu
2024-10-08Fix gcc warning -Wsign-compareLulu
Add the compile flag '-Wsign-compare' and adapt the code to fix all cases of this warning. Change-Id: I26b08fa5a03e4ac294daf697d32cf9140d84350d
2024-10-08Avoid calling memcpy when len == 0 in filetransfer.ccLulu
There was a bug report about a potential call to `memcpy` with a null pointer which is not reproducible: https://git.lix.systems/lix-project/lix/issues/492 This occurred in `src/libstore/filetransfer.cc` in `InnerSource::read`. To ensure that this doesn't happen, an early return is added before calling `memcpy` if the length of the data to be copied is 0. This change also adds a test that ensures that when `InnerSource::read` is called with an empty file, it throws an `EndOfFile` exception. Change-Id: Ia18149bee9a3488576c864f28475a3a0c9eadfbb
2024-10-05libstore: remove Worker::{childStarted, goalFinished}eldritch horrors
these two functions are now nearly trivial and much better inline into makeGoalCommon. keeping them separate also separates information about goal completion flows and how failure information ends up in `Worker`. Change-Id: I6af86996e4a2346583371186595e3013c88fb082
2024-10-05libstore: remove Worker::removeGoaleldritch horrors
we can use our newfound powers of Goal::work Is A Real Promise to remove completed goals from continuation promises. apart from being much easier to follow it's also a lot more efficient because we have the iterator to the item we are trying to remove, skipping a linear search of the cache. Change-Id: Ie0190d051c5f4b81304d98db478348b20c209df5
2024-10-05libstore: remove Goal::notifyeldritch horrors
Goal::work() is a fully usable promise that does not rely on the worker to report completion conditions. as such we no longer need the `notify` field that enabled this interplay. we do have to clear goal caches when destroying the worker though, otherwise goal promises may (incorrectly) keep goals alive due to strong shared pointers created by childStarted. Change-Id: Ie607209aafec064dbdf3464fe207d70ba9ee158a
2024-10-05libstore: move Goal::ex to WorkResulteldritch horrors
yet another duplicated field. it's the last one though. Change-Id: I352df8d306794d262d8c9066f3be78acd40e82cf
2024-10-05libstore: move Goal::buildResult to WorkResulteldritch horrors
derivation goals still hold a BuildResult member variable since parts of these results of accumulated in different places, but the Goal class now no longer has such a field. substitution goals don't need it at all, and derivation goals should also be refactored to not drop their buildResult Change-Id: Ic6d3d471cdbe790a6e09a43445e25bedec6ed446
2024-10-05libstore: move Goal::exitCode to WorkResulteldritch horrors
the field is simply duplicated between the two, and now that we can return WorkResults from Worker::run we no longer need both of them. Change-Id: I82fc47d050b39b7bb7d1656445630d271f6c9830
2024-10-05libstore: return goal results from Worker::run()eldritch horrors
this will be needed to move all interesting result fields out of Goal proper and into WorkResult. once that is done we can treat goals as a totally internal construct of the worker mechanism, which also allows us to fully stop exposing unclear intermediate state to Worker users. Change-Id: I98d7778a4b5b2590b7b070bdfc164a22a0ef7190
2024-10-05libstore: remove Worker::topGoalseldritch horrors
since we now propagate goal exceptions properly we no longer need to check topGoals for a reason to abort early. any early abort reasons, whether by exception or a clean top goal failure, can now be handled by inspecting the goal result in the main loop. this greatly reduces goal-to-goal interactions that do not happen at the main loop level. since the underscore-free name is now available for use as variables we'll migrate to that where we currently use `_topGoals` for locals. Change-Id: I5727c5ea7799647c0a69ab76975b1a03a6558aa6
2024-10-05libstore: propagate goal exceptions using promiseseldritch horrors
drop childException since it's no longer needed. also makes waitForInput, childFinished, and childTerminated redundant. Change-Id: I05d88ffd323c5b5c909ac21056162f69ffb0eb9f
2024-10-05libstore: have goals promise WorkResults, not voideldritch horrors
Change-Id: Idd218ec1572eda84dc47accc0dcd8a954d36f098
2024-10-05libstore: extract Worker::goalFinished specificseldritch horrors
there's no reason to have the worker set information on goals that the goals themselves return from their entry point. doing this in the goal `work()` function is much cleaner, and a prerequisite to removing more implicit strong shared references to goals that are currently running. Change-Id: Ibb3e953ab8482a6a21ce2ed659d5023a991e7923
2024-10-05libstore: check for interrupts in parallel promiseeldritch horrors
this simplifies the worker loop, and lets us remove it entirely later. note that ideally only one promise waiting for interrupts should exist in the entire system. not one per event loop, one per *process*. extra interrupt waiters make interrupt response nondeterministic and as such aren't great for user experience. if anything wants to react to aborts caused by explicit interruptions, or anything else, those things would be much better served using RAII guards such as Finally (or KJ_DEFER). Change-Id: I41d035ff40172d536e098153c7375b0972110d51
2024-10-05libstore: remove Goal::StillAliveeldritch horrors
this was a triumph. i'm making a note here: huge success. it's hard to overstate my satisfaction! i'm not even angry. i'm being so sincere ri actually, no. we *are* angry. this was one dumbass odyssey. nobody has asked for this. but not doing it would have locked us into old, broken protocols forever or (possibly worse) forced us to write our own async framework building on the old did-you-mean-continuations in Worker. if we had done that we'd be locked into ever more, and ever more complex, manual state management all over the place. this just could not stand. Change-Id: I43a6de1035febff59d2eff83be9ad52af4659871
2024-10-05Merge "Split ignoreException to avoid suppressing CTRL-C" into mainrebecca “wiggles” turner
2024-10-04libstore: forbid addWantedGoals when finishedeldritch horrors
due to event loop scheduling behavior it's possible for a derivation goal to fully finish (having seen all paths it was asked to create), but to not notify the worker of this in time to prevent another goal asking the recently-finished goal for more outputs. if this happened the finished goal would ignore the request for more outputs since it considered itself fully done, and the delayed result reporting would cause the requesting goal to assume its request had been honored. if the requested goal had finished *properly* the worker would recreate it instead of asking for more outputs, and this would succeed. it is thus safe to always recreate goals once they are done, so we now do. Change-Id: Ifedd69ca153372c623abe9a9b49cd1523588814f
2024-10-01Split ignoreException to avoid suppressing CTRL-CRobert Hensing
This splits `ignoreException` into `ignoreExceptionExceptInterrupt` (which ignores all exceptions except `Interrupt`, which indicates a SIGINT/CTRL-C) and `ignoreExceptionInDestructor` (which ignores all exceptions, so that destructors do not throw exceptions). This prevents many cases where Nix ignores CTRL-C entirely. See: https://github.com/NixOS/nix/issues/7245 Upstream-PR: https://github.com/NixOS/nix/pull/11618 Change-Id: Ie7d2467eedbe840d1b9fa2e88a4e88e4ab26a87b
2024-10-01libstore: turn DerivationGoal::work into *one* promiseeldritch horrors
Change-Id: Ic2f7bc2bd6a1879ad614e4be81a7214f64eb0e85
2024-10-01libstore: turn DrvOutputSubstitutionGoal::work into *one* promiseeldritch horrors
Change-Id: I2d4dcedff0a278d2d8f3d264a9186dfb399275e2
2024-10-01libstore: make PathSubstitutionGoal::work *one* promiseeldritch horrors
Change-Id: I38cfe8c7059251b581f1013c4213804f36b985ea
2024-10-01libstore: turn Worker::updateStatistics into a promiseeldritch horrors
we'll now loop to update displayed statistics, and use this loop to limit the update rate to 50 times per second. we could have updated much more frequently before this (once per iteration of `runImpl`), much faster than would ever be useful in practice. aggressive stats updates can even impede progress due to terminal or network delays. Change-Id: Ifba755a2569f73c919b1fbb06a142c0951395d6d
2024-10-01libstore: remove Worker::wakeUp()eldritch horrors
Worker::run() is now entirely based on the kj event loop and promises, so we need not handle awakeness of goals manually any more. every goal can instead, once it has finished a partial work call, defer itself to being called again in the next iteration of the loop. same end effect. Change-Id: I320eee2fa60bcebaabd74d1323fa96d1402c1d15
2024-10-01libstore: turn periodic gc attempt into a promiseeldritch horrors
notably we will check whether we want to do GC at all only once during startup, and we'll only attempt GC every ten seconds rather than every time a goal has finished a partial work call. this shouldn't cause any problems in practice since relying on auto-gc is not deterministic and stores in which builds can fill all remaining free space in merely ten seconds are severely troubled even when gargage collection runs a lot. Change-Id: I1175a56bf7f4e531f8be90157ad88750ff2ddec4
2024-10-01libstore: turn Worker::run() main loop into a promiseeldritch horrors
Change-Id: Ib112ea9a3e67d5cb3d7d0ded30bbd25c96262470
2024-10-01libstore: turn waitForInput into a promiseeldritch horrors
Change-Id: I8355d8d3f6c43a812990c1912b048e5735b07f7b
2024-10-01Revert "libstore: remove worker removeGoal"Raito Bezarius
Revert submission 1946 Reason for revert: regression in building (found via bisection) Reported by users: > error: path '/nix/store/04ca5xwvasz6s3jg0k7njz6rzi0d225w-jq-1.7.1-dev' does not exist in the store Reverted changes: /q/submissionid:1946 Change-Id: I6f1a4b2f7d7ef5ca430e477fc32bca62fd97036b
2024-09-29libstore: merge ContinueImmediately and StillAliveeldritch horrors
nothing needs to signal being still active but not actively pollable, only that immediate polling for the next goal work phase is in order. Change-Id: Ia43c1015e94ba4f5f6b9cb92943da608c4a01555
2024-09-29libstore: remove worker removeGoaleldritch horrors
this was immensely inefficient on large caches, as can exist when many derivations are buildable simultaneously. since we have smart pointers to goals we can do cache maintenance in goal deleters instead, and use the exact iterators instead of doing a linear search. this *does* rely on goals being deleted to remove them from the cache, which isn't true for toplevel goals. those would have previously been removed when done in all cases, removing the cache entry when keep-going is set. this is arguably incorrect since it might result in those goals being retried, although that could only happen with dynamic derivations or the likes. (luckily dynamic derivations not complete enough to allow this at all) Change-Id: I8e750b868393588c33e4829333d370f2c509ce99
2024-09-29libstore: extract a real makeGoalCommoneldritch horrors
makeDerivationGoalCommon had the right idea, but it didn't quite go far enough. let's do the rest and remove the remaining factory duplication. Change-Id: I1fe32446bdfb501e81df56226fd962f85720725b
2024-09-29libstore: remove Goal::keyeldritch horrors
this was a debugging aid from day one that should not have any impact on build semantics, and if it *does* have an impact on build semantics then build semantics are seriously broken. keeping the order imposed by these keys will be impossible once we let a real event loop schedule our jobs. Change-Id: I5c313324e1f213ab6453d82f41ae5e59de809a5b
2024-09-29libstore: make non-cache goal pointers strongeldritch horrors
without circular references we do not need weak goal pointers except for caches, which should not prevent goal destructors running. caches though cannot create circular references even when they keep strong references. if we removed goals from caches when their work() is fully finished, not when their destructors are run, we could keep strong pointers in caches. since we do not gain much from this we keep those pointers weak for now. Change-Id: I1d4a6850ff5e264443c90eb4531da89f5e97a3a0
2024-09-29libstore: remove Goal::WaitForWorldeldritch horrors
have DerivationGoal and its subclasses produce a wrapper promise for their intermediate results instead, and return this wrapper promise. Worker already handles promises that do not complete immediately, so we do not have to duplicate this into an entire result type variant. Change-Id: Iae8dbf63cfc742afda4d415922a29ac5a3f39348
2024-09-29libstore: fix build testseldritch horrors
the new event loop could very occasionally notice that a dependency of some goal has failed, process the failure, cause the depending goal to fail accordingly, and in the doing of the latter two steps let further dependencies that previously have not been reported as failed do their reporting anyway. in such cases a goal could fail with "1 dependencies failed", but more than one dependency failure message was shown. we'll now report the correct number of failed dependency goals in all cases. Change-Id: I5aa95dcb2db4de4fd5fee8acbf5db833531d81a8
2024-09-29libstore: have makeLocalDerivationGoal return unique_ptrseldritch horrors
these can be unique rather than shared because shared_ptr has a converting constructor. preparatory refactor for something else and not necessary on its own, and the extra allocations we must do for shared_ptr control blocks isn't usually relevant anyway. Change-Id: I5391715545240c6ec8e83a031206edafdfc6462f
2024-09-27libstore: turn Goal::WaitForGoals into a promiseeldritch horrors
also gets rid of explicit strong references to dependencies of any goal, and weak references to dependers as well. those are now only held within promises representing goal completion and thus independent of the goal's relation to each other. the weak references to dependers was only needed for notifications, and that's much better handled entirely by kj itself. Change-Id: I00d06df9090f8d6336ee4bb0c1313a7052fb016b
2024-09-27libstore: replace Goal::WaitForSlot with semaphoreseldritch horrors
now that we have an event loop in the worker we can use it and its magical execution suspending properties to replace the slot counts we managed explicitly with semaphores and raii tokens. technically this would not have needed an event loop base to be doable, but it is a whole lot easier to wait for a token to be available if there is a callback mechanism ready for use that doesn't require a whole damn dedicated abstract method in Goal to work, and specific calls to that dedicated method strewn all over the worker implementation Change-Id: I1da7cf386d94e2bbf2dba9b53ff51dbce6a0cff7
2024-09-27libstore: simplify Worker::waitForInputeldritch horrors
with waitForAWhile turned into promised the core functionality of waitForInput is now merely to let gc run every so often if needed Change-Id: I68da342bbc1d67653901cf4502dabfa5bc947628
2024-09-27libstore: make waiting for a while a promiseeldritch horrors
this simplifies waitForInput quite a lot, and at the same time makes polling less thundering-herd-y. it even fixes early polling wakeups! Change-Id: I6dfa62ce91729b8880342117d71af5ae33366414
2024-09-27libstore: turn builder output processing into event loopeldritch horrors
this removes the rather janky did-you-mean-async poll loop we had so far. sadly kj does not play well with pty file descriptors, so we do have to add our own async input stream that does not eat pty EIO and turns it into an exception. that's still a *lot* better than the old code, and using a real even loop makes everything else easier later. Change-Id: Idd7e0428c59758602cc530bcad224cd2fed4c15e
2024-09-26Merge changes Iaa2e0e9d,Ia973420f into mainjade
* changes: Fix passing custom CA files into the builtin:fetchurl sandbox [security] builtin:fetchurl: Enable TLS verification
2024-09-26Fix passing custom CA files into the builtin:fetchurl sandboxPuck Meerburg
Without this, verifying TLS certificates would fail on macOS, as well as any system that doesn't have a certificate file at /etc/ssl/certs/ca-certificates.crt, which includes e.g. Fedora. Change-Id: Iaa2e0e9db3747645b5482c82e3e0e4e8f229f5f9
2024-09-25[security] builtin:fetchurl: Enable TLS verificationEelco Dolstra
This is better for privacy and to avoid leaking netrc credentials in a MITM attack, but also the assumption that we check the hash no longer holds in some cases (in particular for impure derivations). Partially reverts https://github.com/NixOS/nix/commit/5db358d4d78aea7204a8f22c5bf2a309267ee038. (cherry picked from commit c04bc17a5a0fdcb725a11ef6541f94730112e7b6) (cherry picked from commit f2f47fa725fc87bfb536de171a2ea81f2789c9fb) (cherry picked from commit 7b39cd631e0d3c3d238015c6f450c59bbc9cbc5b) Upstream-PR: https://github.com/NixOS/nix/pull/11585 Change-Id: Ia973420f6098113da05a594d48394ce1fe41fbb9
2024-09-25main: log stack traces for std::terminateJade Lovelace
These stack traces kind of suck for the reasons mentioned on the CppTrace page here (no symbols for inline functions is a major one): https://github.com/jeremy-rifkin/cpptrace I would consider using CppTrace if it were packaged, but to be honest, I think that the more reasonable option is actually to move entirely to out-of-process crash handling and symbolization. The reason for this is that if you want to generate anything of substance on SIGSEGV or really any deadly signal, you are stuck in async-signal-safe land, which is not a place to be trying to run a symbolizer. LLVM does it anyway, probably carefully, and chromium *can* do it on debug builds but in general uses crashpad: https://source.chromium.org/chromium/chromium/src/+/main:base/debug/stack_trace_posix.cc;l=974;drc=82dff63dbf9db05e9274e11d9128af7b9f51ceaa;bpv=1;bpt=1 However, some stack traces are better than *no* stack traces when we get mystery exceptions falling out the bottom of the program. I've also promoted the path for "mystery exceptions falling out the bottom of the program" to hard crash and generate a core dump because although there's been some months since the last one of these, these are nonetheless always *atrociously* diagnosed. We can't improve the crash handling further until either we use Crashpad (which involves more C++ deps, no thanks) or we put in the ostensibly work in progress Rust minidump infrastructure, in which case we need to finish full support for Rust in libutil first. Sample report: Lix crashed. This is a bug. We would appreciate if you report it at https://git.lix.systems/lix-project/lix/issues with the following information included: Exception: std::runtime_error: lol Stack trace: 0# nix::printStackTrace() in /home/jade/lix/lix3/build/src/nix/../libutil/liblixutil.so 1# 0x000073C9862331F2 in /home/jade/lix/lix3/build/src/nix/../libmain/liblixmain.so 2# 0x000073C985F2E21A in /nix/store/p44qan69linp3ii0xrviypsw2j4qdcp2-gcc-13.2.0-lib/lib/libstdc++.so.6 3# 0x000073C985F2E285 in /nix/store/p44qan69linp3ii0xrviypsw2j4qdcp2-gcc-13.2.0-lib/lib/libstdc++.so.6 4# nix::handleExceptions(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::function<void ()>) in /home/jade/lix/lix3/build/src/nix/../libmain/liblixmain.so 5# 0x00005CF65B6B048B in /home/jade/lix/lix3/build/src/nix/nix 6# 0x000073C985C8810E in /nix/store/dbcw19dshdwnxdv5q2g6wldj6syyvq7l-glibc-2.39-52/lib/libc.so.6 7# __libc_start_main in /nix/store/dbcw19dshdwnxdv5q2g6wldj6syyvq7l-glibc-2.39-52/lib/libc.so.6 8# 0x00005CF65B610335 in /home/jade/lix/lix3/build/src/nix/nix Change-Id: I1a9f6d349b617fd7145a37159b78ecb9382cb4e9
2024-09-21Merge "local-store: make extended attribute handling more robust" into mainalois31
2024-09-18util: fix brotli decompression of empty inputJade Lovelace
This caused an infinite loop before since it would just keep asking the underlying source for more data. In practice this happened because an HTTP server served a response to a HEAD request (for which curl will not retrieve any body or call our write callback function) with Content-Encoding: br, leading to decompressing nothing at all and going into an infinite loop. This adds a test to make sure none of our compression methods do that again, as well as just patching the HTTP client to never feed empty data into a compression algorithm (since they absolutely have the right to throw CompressionError on unexpectedly-short streams!). Reported on Matrix: https://matrix.to/#/!lymvtcwDJ7ZA9Npq:lix.systems/$8BWQR_zKxCQDJ40C5NnDo4bQPId3pZ_aoDj2ANP7Itc?via=lix.systems&via=matrix.org&via=tchncs.de Change-Id: I027566e280f0f569fdb8df40e5ecbf46c211dad1
2024-09-14Merge "store: add a hint on how to fix Lix installs broken by macOS Sequoia" ↵jade
into main