about summary refs log tree commit diff
path: root/src/libexpr
AgeCommit message (Collapse)AuthorFilesLines
2020-01-04 EvalState::callFunction(): Make FunctionCallTrace use less stack spaceEelco Dolstra1-4/+3
The FunctionCallTrace object consumes a few hundred bytes of stack space, even when tracing is disabled. This was causing stack overflows: $ nix-instantiate '<nixpkgs> -A texlive.combined.scheme-full --dry-run error: stack overflow (possible infinite recursion) This is with the default stack size of 8 MiB. Putting the object on the heap reduces stack usage to < 5 MiB. (cherry picked from commit 98ef11677c43db9aa669768d9f0cbec704e8831c)
2019-10-09 Don't catch exceptions by valueEelco Dolstra2-3/+3
(cherry picked from commit 893be6f5e36abb58bbaa9c49055a5218114dd514) (cherry picked from commit bd79c1f6f6391786772a8a79962abe22f374cca4)
2019-10-09 Fix fetchTarball with chroot storesEelco Dolstra1-3/+3
Fixes #2405. (cherry picked from commit 168a8879165dd0deab1a93d343a6003146f37031)
2019-08-14 Track function start and ends for flame graphsGraham Christensen3-2/+34
With this patch, and this file I called `log.py`: #!/usr/bin/env nix-shell #!nix-shell -i python3 -p python3 --pure import sys from pprint import pprint stack = [] timestack = [] for line in open(sys.argv[1]): components = line.strip().split(" ", 2) if components[0] != "function-trace": continue direction = components[1] components = components[2].rsplit(" ", 2) loc = components[0] _at = components[1] time = int(components[2]) if direction == "entered": stack.append(loc) timestack.append(time) elif direction == "exited": dur = time - timestack.pop() vst = ";".join(stack) print(f"{vst} {dur}") stack.pop() and: nix-instantiate --trace-function-calls -vvvv ../nixpkgs/pkgs/top-level/release.nix -A unstable > log.matthewbauer 2>&1 ./log.py ./log.matthewbauer > log.matthewbauer.folded flamegraph.pl --title matthewbauer-post-pr log.matthewbauer.folded > log.matthewbauer.folded.svg I can make flame graphs like: http://gsc.io/log.matthewbauer.folded.svg --- Includes test cases around function call failures and tryEval. Uses RAII so the finish is always called at the end of the function.
2019-07-30 Allow builtins.pathExists to check the existence of /nix/store pathsBas van Dijk1-2/+8
This makes it consitent with builtins.readDir.
2019-07-02 Merge pull request #2582 from LnL7/fetchgit-refsEelco Dolstra1-1/+5
fetchGit: allow fetching explicit refs
2019-06-24 Fix 32-bit overflow with --no-netEelco Dolstra2-9/+6
--no-net causes tarballTtl to be set to the largest 32-bit integer, which causes comparison like 'time + tarballTtl < other_time' to fail on 32-bit systems. So cast them to 64-bit first. https://hydra.nixos.org/build/95076624 (cherry picked from commit 29ccb2e9697ee2184012dd13854e487928ae4441)
2019-06-24 Refactor downloadCached() interfaceEelco Dolstra3-15/+19
(cherry picked from commit df3f5a78d5ab0a1f2dc9d288b271b38a9b8b33b5)
2019-06-24 CachedDownloadResult: Include store pathEelco Dolstra2-2/+2
Also, make fetchGit and fetchMercurial update allowedPaths properly. (Maybe the evaluator, rather than the caller of the evaluator, should apply toRealPath(), but that's a bigger change.) (cherry picked from commit 5c34d665386f4053d666b0899ecca0639e500fbd)
2019-06-24 downloadCached: Return ETagEelco Dolstra3-3/+3
(cherry picked from commit 529add316c5356a8060c35f987643b7bf5c796dc)
2019-06-24 Fix abort in fromTOMLEelco Dolstra1-0/+13
Fixes #2969.
2019-05-28 Iterate over referencesEelco Dolstra1-6/+6
2019-05-28 Merge branch 'attrPaths' of https://github.com/NinjaTrappeur/nixEelco Dolstra1-3/+23
2019-05-03 Add builtins.hashFileDaniel Schaefer1-0/+15
For text files it is possible to do it like so: `builtins.hashString "sha256" (builtins.readFile /tmp/a)` but that doesn't work for binary files. With builtins.hashFile any kind of file can be conveniently hashed.
2019-04-11 Add environment variable NIX_SHOW_SYMBOLS for dumping the symbol tableEelco Dolstra2-0/+13
2019-03-27 Fix Bison 3.3 warningEelco Dolstra1-1/+1
2019-03-24 Add isPath primopzimbatm1-0/+7
this is added for completeness' sake since all the other possible `builtins.typeOf` results have a corresponding `builtins.is<Type>`
2019-03-21 eval: improve type description for primops and applied primopsLinus Heckemann1-2/+14
This can make type errors a little easier to understand.
2019-03-14 pkg-config files: Use c++17Eelco Dolstra1-1/+1
2019-03-14 experimental/optional -> optionalEelco Dolstra5-6/+6
2019-01-31 Add builtins.appendContext.Shea Levy1-2/+57
A partner of builtins.getContext, useful for the same reasons.
2019-01-14 Add builtins.getContext.Shea Levy3-38/+135
This can be very helpful when debugging, as well as enabling complex black magic like surgically removing a single dependency from a string's context.
2019-01-13 Treat plain derivation paths in context as normal paths.Shea Levy1-17/+3
Previously, plain derivation paths in the string context (e.g. those that arose from builtins.storePath on a drv file, not those that arose from accessing .drvPath of a derivation) were treated somewhat like derivaiton paths derived from .drvPath, except their dependencies weren't recursively added to the input set. With this change, such plain derivation paths are simply treated as paths and added to the source inputs set accordingly, simplifying context handling code and removing the inconsistency. If drvPath-like behavior is desired, the .drv file can be imported and then .drvPath can be accessed. This is a backwards-incompatibility, but storePath is never used on drv files within nixpkgs and almost never used elsewhere.
2019-01-10 Merge pull request #2608 from dtzWill/fix/issue-2546Eelco Dolstra1-0/+1
EvalState::resetFileCache: clear parse cache as well as eval cache
2019-01-05 Remove mentions of `libformat`, it no longer existsJohn Ericson1-1/+1
2018-12-31 EvalState::resetFileCache: clear parse cache as well as eval cacheWill Dietz1-0/+1
Fixes #2546. (at least the basic reproduction I've been testing)
2018-12-14 fetchGit: allow fetching explicit refsDaiderd Jordan1-1/+5
Trying to fetch refs that are not in refs/heads currently fails because it looks for refs/heads/refs/foo instead of refs/foo. eg. builtins.fetchGit { url = https://github.com/NixOS/nixpkgs.git; ref = "refs/pull/1024/head; }
2018-12-13 Support SRI hashesEelco Dolstra1-6/+4
SRI hashes (https://www.w3.org/TR/SRI/) combine the hash algorithm and a base-64 hash. This allows more concise and standard hash specifications. For example, instead of import <nix/fetchurl.nl> { url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz; sha256 = "5d22dad058d5c800d65a115f919da22938c50dd6ba98c5e3a183172d149840a4"; }; you can write import <nix/fetchurl.nl> { url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz; hash = "sha256-XSLa0FjVyADWWhFfkZ2iKTjFDda6mMXjoYMXLRSYQKQ="; }; In fixed-output derivations, the outputHashAlgo is no longer mandatory if outputHash specifies the hash (either as an SRI or in the old "<type>:<hash>" format). 'nix hash-{file,path}' now print hashes in SRI format by default. I also reverted them to use SHA-256 by default because that's what we're using most of the time in Nixpkgs. Suggested by @zimbatm.
2018-12-06 Solve hg "abandoned transaction" issueCHEIKH Chawki1-1/+16
2018-11-20 fetchGit: Drop unnecessary localRefEelco Dolstra1-4/+4
2018-11-20 Merge branch 'better-git-cache' of https://github.com/graham-at-target/nixEelco Dolstra1-1/+3
2018-10-31 Fix typo in commentsJan Path1-1/+1
2018-10-27 simplify handling of extra '}'Guillaume Maudoux1-18/+15
2018-09-13 Merge branch 'dirOf-relative' of https://github.com/lheckemann/nixEelco Dolstra1-1/+1
2018-09-05 Convert NIX_COUNT_CALLS to JSON tooEelco Dolstra1-35/+41
2018-09-05 Log stats to stderrEelco Dolstra1-7/+2
We shouldn't pollute stdout.
2018-09-02 remove the old text format outputMichael Bishop1-34/+4
2018-09-01 add JSON to NIX_SHOW_STATSMichael Bishop1-24/+90
2018-09-01 improve the stats when profilingMichael Bishop1-7/+8
2018-09-01 fetchGit/fetchMercurial: Don't absolutize pathsEelco Dolstra2-4/+0
This is already done by coerceToString(), provided that the argument is a path (e.g. 'fetchGit ./bla'). It fixes the handling of URLs like git@github.com:owner/repo.git. It breaks 'fetchGit "./bla"', but that was never intended to work anyway and is inconsistent with other builtin functions (e.g. 'readFile "./bla"' fails).
2018-08-29 libexpr: Use int64_t for NixIntaszlig2-3/+7
Using a 64bit integer on 32bit systems will come with a bit of a performance overhead, but given that Nix doesn't use a lot of integers compared to other types, I think the overhead is negligible also considering that 32bit systems are in decline. The biggest advantage however is that when we use a consistent integer size across all platforms it's less likely that we miss things that we break due to that. One example would be: https://github.com/NixOS/nixpkgs/pull/44233 On Hydra it will evaluate, because the evaluator runs on a 64bit machine, but when evaluating the same on a 32bit machine it will fail, so using 64bit integers should make that consistent. While the change of the type in value.hh is rather easy to do, we have a few more options available for doing the conversion in the lexer: * Via an #ifdef on the architecture and using strtol() or strtoll() accordingly depending on which architecture we are. For the #ifdef we would need another AX_COMPILE_CHECK_SIZEOF in configure.ac. * Using istringstream, which would involve copying the value. * As we're already using boost, lexical_cast might be a good idea. Spoiler: I went for the latter, first of all because lexical_cast does have an overload for const char* and second of all, because it doesn't involve copying around the input string. Also, because istringstream seems to come with a bigger overhead than boost::lexical_cast: https://www.boost.org/doc/libs/release/doc/html/boost_lexical_cast/performance.html The first method (still using strtol/strtoll) also wasn't something I pursued further, because it is also locale-aware which I doubt is what we want, given that the regex for int is [0-9]+. Signed-off-by: aszlig <aszlig@nix.build> Fixes: #2339
2018-08-23 Revert "Fix parser/lexer generation with parallel make"Eelco Dolstra1-6/+2
This reverts commit d277442df53a01343ba7c1df0bbd2a294058dcba. Make sucks.
2018-08-19 FIx floating point evaluationEelco Dolstra1-0/+9
Fixes #2361.
2018-08-17 fetchGit: use a better caching schemeGraham Christensen1-1/+3
The current usage technically works by putting multiple different repos in to the same git directory. However, it is very slow as Git tries very hard to find common commits between the two repositories. If the two repositories are large (like Nixpkgs and another long-running project,) it is maddeningly slow. This change busts the cache for existing deployments, but users will be promptly repaid in per-repository performance.
2018-08-17 Fix parser/lexer generation with parallel makeEelco Dolstra1-2/+6
Fun fact: rules with multiple targets don't work properly with 'make -j'. For example, a rule like a b: c touch a b is equivalent to a: c touch a b b: c touch a b so with 'make -j', the 'touch' command will be run twice. See e.g. https://stackoverflow.com/questions/2973445/gnu-makefile-rule-generating-a-few-targets-from-a-single-source-file.
2018-08-13 dirOf: allow use on non-absolute pathsLinus Heckemann1-1/+1
2018-08-03 Merge pull request #2326 from aszlig/fix-symlink-leakEelco Dolstra1-4/+10
Fix symlink leak in restricted eval mode
2018-08-03 Fix symlink leak in restricted eval modeaszlig1-4/+10
In EvalState::checkSourcePath, the path is checked against the list of allowed paths first and later it's checked again *after* resolving symlinks. The resolving of the symlinks is done via canonPath, which also strips out "../" and "./". However after the canonicalisation the error message pointing out that the path is not allowed prints the symlink target in the error message. Even if we'd suppress the message, symlink targets could still be leaked if the symlink target doesn't exist (in this case the error is thrown in canonPath). So instead, we now do canonPath() without symlink resolving first before even checking against the list of allowed paths and then later do the symlink resolving and checking the allowed paths again. The first call to canonPath() should get rid of all the "../" and "./", so in theory the only way to leak a symlink if the attacker is able to put a symlink in one of the paths allowed by restricted evaluation mode. For the latter I don't think this is part of the threat model, because if the attacker can write to that path, the attack vector is even larger. Signed-off-by: aszlig <aszlig@nix.build>
2018-07-31 Merge branch 'prim_mapAttr-fix' of https://github.com/volth/nixEelco Dolstra2-8/+3
2018-07-23 Merge pull request #2303 from volth/patch-4Eelco Dolstra1-2/+2
parser.y: fix assoc of -> and < > <= >=