From c897fba787c0a0c829f384717ffdc152365a07b2 Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Tue, 18 Jun 2024 19:13:40 -0700 Subject: store: fix null reference from DerivationGoal::waiteeDone This happened during a PathSubstitutionGoal of a .drv file: substitution of '/tmp/jade/nix-test/ca/eval-store/store/1lj7lsq5y0f25mfbnq6d3zd0bw5ay33n-dependencies-input-2.drv' What happened here is that since PathSubstitutionGoal is not a DerivationGoal, in production builds, the UB was not caught, since it would early-exit from failing a dynamic_cast to DerivationGoal * on the very next line, but before the null reference was ever used. This was nonetheless UB. The fix should be to just rearrange the two lines; I don't think there is a further bug there, since *substituting a .drv* **necessarily** means you cannot have the representation of the derivation as would be necessary for drv to not be null there. Test failure: ++(eval-store.sh:12) _RR_TRACE_DIR=/home/jade/.local/share/rr rr record -- nix build -f dependencies.nix --eval-store /tmp/jade/nix-test/ca/eval-store/eval-store -o /tmp/jade/nix-test/ca/eval-store/result don't know how to build these paths: /tmp/jade/nix-test/ca/eval-store/store/6y51mf0p57ggipgab6hdjabbvplzsicq-dependencies-top.drv copying 1 paths... copying path '/tmp/jade/nix-test/ca/eval-store/store/8027afyvqb87y1sf5xhdkqsflqn1ziy8-dependencies.builder0.sh' to 'local'... copying 1 paths... copying path '/tmp/jade/nix-test/ca/eval-store/store/7r5pqyncvfgrryf9gzy1z56z3xigi61x-builder-dependencies-input-0.sh' to 'local'... copying 1 paths... copying path '/tmp/jade/nix-test/ca/eval-store/store/nhmgm87zlqy3ks96dxrn7l37b72azi99-builder-dependencies-input-1.sh' to 'local'... copying 1 paths... copying path '/tmp/jade/nix-test/ca/eval-store/store/nq4qa2j6y8ajqazlfq6h46ck637my1n6-builder-dependencies-input-2.sh' to 'local'... copying 1 paths... copying path '/tmp/jade/nix-test/ca/eval-store/store/6vh0vna9l5afck01y7iaks3hm9ikwqyj-builder-fod-input.sh' to 'local'... building '/tmp/jade/nix-test/ca/eval-store/store/gy91pqymf2nc5v7ld1bad94xpwxdi25s-dependencies-input-0.drv'... building '/tmp/jade/nix-test/ca/eval-store/store/w7wlkjx97ivmnrymkac5av3nyp94hzvq-dependencies-input-1.drv'... ../src/libstore/build/derivation-goal.cc:1556:22: runtime error: reference binding to null pointer of type 'Derivation' 0 0x734ba59a6886 in nix::DerivationGoal::waiteeDone(std::shared_ptr, nix::Goal::ExitCode) /home/jade/lix/lix2/build/src/libstore/build/derivation-goal.cc:1556:12 1 0x734ba59c0962 in nix::Goal::amDone(nix::Goal::ExitCode, std::optional) /home/jade/lix/lix2/build/src/libstore/build/goal.cc:95:25 2 0x734ba5a1c44a in nix::PathSubstitutionGoal::done(nix::Goal::ExitCode, nix::BuildResult::Status, std::optional, std::allocator>>) /home/jade/lix/lix2/build/src/libstore/build/substitution-goal.cc:38:5 3 0x734ba5a1b454 in nix::PathSubstitutionGoal::init() /home/jade/lix/lix2/build/src/libstore/build/substitution-goal.cc:56:9 4 0x734ba5a2a6c6 in nix::Worker::run(std::set, nix::CompareGoalPtrs, std::allocator>> const&) /home/jade/lix/lix2/build/src/libstore/build/worker.cc:320:23 5 0x734ba59b93d8 in nix::Store::buildPathsWithResults(std::vector> const&, nix::BuildMode, std::shared_ptr) /home/jade/lix/lix2/build/src/libstore/build/entry-points.cc:60:12 6 0x734ba663c107 in nix::Installable::build2(nix::ref, nix::ref, nix::Realise, std::vector, std::allocator>> const&, nix::BuildMode) /home/jade/lix/lix2/build/src/libcmd/installables.cc:637:36 Change-Id: Id0e651e480bebf6356733b01bc639e9bb59c7bd0 --- src/libstore/build/derivation-goal.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/libstore') diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 97ba994ad..46399b0a8 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -1553,11 +1553,12 @@ void DerivationGoal::waiteeDone(GoalPtr waitee, ExitCode result) Goal::waiteeDone(waitee, result); if (!useDerivation) return; - auto & fullDrv = *dynamic_cast(drv.get()); auto * dg = dynamic_cast(&*waitee); if (!dg) return; + auto & fullDrv = *dynamic_cast(drv.get()); + auto * nodeP = fullDrv.inputDrvs.findSlot(DerivedPath::Opaque { .path = dg->drvPath }); if (!nodeP) return; auto & outputs = nodeP->value; -- cgit v1.2.3