about summary refs log tree commit diff
path: root/src/libexpr
AgeCommit message (Collapse)AuthorFilesLines
2018-12-13 Support SRI hashesEelco Dolstra1-6/+4
SRI hashes (https://www.w3.org/TR/SRI/) combine the hash algorithm and a base-64 hash. This allows more concise and standard hash specifications. For example, instead of import <nix/fetchurl.nl> { url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz; sha256 = "5d22dad058d5c800d65a115f919da22938c50dd6ba98c5e3a183172d149840a4"; }; you can write import <nix/fetchurl.nl> { url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz; hash = "sha256-XSLa0FjVyADWWhFfkZ2iKTjFDda6mMXjoYMXLRSYQKQ="; }; In fixed-output derivations, the outputHashAlgo is no longer mandatory if outputHash specifies the hash (either as an SRI or in the old "<type>:<hash>" format). 'nix hash-{file,path}' now print hashes in SRI format by default. I also reverted them to use SHA-256 by default because that's what we're using most of the time in Nixpkgs. Suggested by @zimbatm.
2018-12-06 Solve hg "abandoned transaction" issueCHEIKH Chawki1-1/+16
2018-11-20 fetchGit: Drop unnecessary localRefEelco Dolstra1-4/+4
2018-11-20 Merge branch 'better-git-cache' of https://github.com/graham-at-target/nixEelco Dolstra1-1/+3
2018-10-31 Fix typo in commentsJan Path1-1/+1
2018-10-27 simplify handling of extra '}'Guillaume Maudoux1-18/+15
2018-09-13 Merge branch 'dirOf-relative' of https://github.com/lheckemann/nixEelco Dolstra1-1/+1
2018-09-05 Convert NIX_COUNT_CALLS to JSON tooEelco Dolstra1-35/+41
2018-09-05 Log stats to stderrEelco Dolstra1-7/+2
We shouldn't pollute stdout.
2018-09-02 remove the old text format outputMichael Bishop1-34/+4
2018-09-01 add JSON to NIX_SHOW_STATSMichael Bishop1-24/+90
2018-09-01 improve the stats when profilingMichael Bishop1-7/+8
2018-09-01 fetchGit/fetchMercurial: Don't absolutize pathsEelco Dolstra2-4/+0
This is already done by coerceToString(), provided that the argument is a path (e.g. 'fetchGit ./bla'). It fixes the handling of URLs like git@github.com:owner/repo.git. It breaks 'fetchGit "./bla"', but that was never intended to work anyway and is inconsistent with other builtin functions (e.g. 'readFile "./bla"' fails).
2018-08-29 libexpr: Use int64_t for NixIntaszlig2-3/+7
Using a 64bit integer on 32bit systems will come with a bit of a performance overhead, but given that Nix doesn't use a lot of integers compared to other types, I think the overhead is negligible also considering that 32bit systems are in decline. The biggest advantage however is that when we use a consistent integer size across all platforms it's less likely that we miss things that we break due to that. One example would be: https://github.com/NixOS/nixpkgs/pull/44233 On Hydra it will evaluate, because the evaluator runs on a 64bit machine, but when evaluating the same on a 32bit machine it will fail, so using 64bit integers should make that consistent. While the change of the type in value.hh is rather easy to do, we have a few more options available for doing the conversion in the lexer: * Via an #ifdef on the architecture and using strtol() or strtoll() accordingly depending on which architecture we are. For the #ifdef we would need another AX_COMPILE_CHECK_SIZEOF in configure.ac. * Using istringstream, which would involve copying the value. * As we're already using boost, lexical_cast might be a good idea. Spoiler: I went for the latter, first of all because lexical_cast does have an overload for const char* and second of all, because it doesn't involve copying around the input string. Also, because istringstream seems to come with a bigger overhead than boost::lexical_cast: https://www.boost.org/doc/libs/release/doc/html/boost_lexical_cast/performance.html The first method (still using strtol/strtoll) also wasn't something I pursued further, because it is also locale-aware which I doubt is what we want, given that the regex for int is [0-9]+. Signed-off-by: aszlig <aszlig@nix.build> Fixes: #2339
2018-08-23 Revert "Fix parser/lexer generation with parallel make"Eelco Dolstra1-6/+2
This reverts commit d277442df53a01343ba7c1df0bbd2a294058dcba. Make sucks.
2018-08-19 FIx floating point evaluationEelco Dolstra1-0/+9
Fixes #2361.
2018-08-17 fetchGit: use a better caching schemeGraham Christensen1-1/+3
The current usage technically works by putting multiple different repos in to the same git directory. However, it is very slow as Git tries very hard to find common commits between the two repositories. If the two repositories are large (like Nixpkgs and another long-running project,) it is maddeningly slow. This change busts the cache for existing deployments, but users will be promptly repaid in per-repository performance.
2018-08-17 Fix parser/lexer generation with parallel makeEelco Dolstra1-2/+6
Fun fact: rules with multiple targets don't work properly with 'make -j'. For example, a rule like a b: c touch a b is equivalent to a: c touch a b b: c touch a b so with 'make -j', the 'touch' command will be run twice. See e.g. https://stackoverflow.com/questions/2973445/gnu-makefile-rule-generating-a-few-targets-from-a-single-source-file.
2018-08-13 dirOf: allow use on non-absolute pathsLinus Heckemann1-1/+1
2018-08-03 Merge pull request #2326 from aszlig/fix-symlink-leakEelco Dolstra1-4/+10
Fix symlink leak in restricted eval mode
2018-08-03 Fix symlink leak in restricted eval modeaszlig1-4/+10
In EvalState::checkSourcePath, the path is checked against the list of allowed paths first and later it's checked again *after* resolving symlinks. The resolving of the symlinks is done via canonPath, which also strips out "../" and "./". However after the canonicalisation the error message pointing out that the path is not allowed prints the symlink target in the error message. Even if we'd suppress the message, symlink targets could still be leaked if the symlink target doesn't exist (in this case the error is thrown in canonPath). So instead, we now do canonPath() without symlink resolving first before even checking against the list of allowed paths and then later do the symlink resolving and checking the allowed paths again. The first call to canonPath() should get rid of all the "../" and "./", so in theory the only way to leak a symlink if the attacker is able to put a symlink in one of the paths allowed by restricted evaluation mode. For the latter I don't think this is part of the threat model, because if the attacker can write to that path, the attack vector is even larger. Signed-off-by: aszlig <aszlig@nix.build>
2018-07-31 Merge branch 'prim_mapAttr-fix' of https://github.com/volth/nixEelco Dolstra2-8/+3
2018-07-23 Merge pull request #2303 from volth/patch-4Eelco Dolstra1-2/+2
parser.y: fix assoc of -> and < > <= >=
2018-07-23 parser.y: right-associativity of ->volth1-1/+1
2018-07-21 parser.y: fix assoc of -> and < > <= >=volth1-2/+2
The parser allowed senseless `a > b > c` but disallowed `a -> b -> c` which seems valid It might be a typo
2018-07-21 prim_foldlStrict: call forceValue() before value is copiedvolth1-6/+7
forceValue() were called after a value is copied effectively forcing only one of the copies keeping another copy not evaluated. This resulted in its evaluation of the same lazy value more than once (the number of hits is not big though)
2018-07-11 Fix build on 32-bit systems and macOSEelco Dolstra1-1/+1
Apparently, on macOS, 'long' != 'int64_t'. https://hydra.nixos.org/build/77100756
2018-07-11 Shup up a warningEelco Dolstra1-1/+1
2018-07-11 Remove unused function printStats2()Eelco Dolstra2-15/+0
Closes #2282.
2018-07-07 prim_map, prim_genList: no need to force function argument which will be ↵volth1-2/+0
stored in mkApp
2018-07-06 prim_mapAttrs: `f' must be evaluated lazily to avoid infinite recursionvolth2-6/+3
2018-07-05 prim_concatMap: no need to force valuevolth1-1/+0
2018-07-05 prim_mapAttrs: must be lazy to avoid infinite recursionvolth1-4/+5
2018-07-05 prim_concatMap: allocate intermediate list on stackvolth1-7/+15
2018-07-05 primops.cc: fix commentvolth1-1/+1
2018-07-05 lib.concatMap and lib.mapAttrs to be builtinsvolth1-0/+42
2018-07-03 Include cpptoml for build simplicityEelco Dolstra1-1/+1
2018-07-03 Add a fromTOML primopEelco Dolstra1-0/+77
This is primarily useful for processing Cargo.lock files.
2018-07-03 Store floating point numbers in double precisionEelco Dolstra1-1/+1
Even on 32-bit systems, Value has enough space to hold a double.
2018-06-12 GC_malloc -> GC_MALLOCEelco Dolstra2-9/+3
This makes it possible to build with -DGC_DEBUG.
2018-06-12 Don't scan for roots in dynamic librariesEelco Dolstra1-0/+7
This reduces the risk of object liveness misdetection. For example, Glibc has an internal variable "mp_" that often points to a Boehm object, keeping it alive unnecessarily. Since we don't store any actual roots in global variables, we can just disable data segment scanning. With this, the max RSS doing 100 evaluations of nixos.tests.firefox.x86_64-linux.drvPath went from 718 MiB to 455 MiB.
2018-06-12 Add temporary statsEelco Dolstra2-1/+28
2018-06-12 Cache parse treesEelco Dolstra2-2/+19
This prevents EvalState::resetFileCache() from parsing everything all over again.
2018-06-12 Remove duplicate definition of allocBytes()Eelco Dolstra3-29/+15
2018-05-30 Fix static assertion failure on 32-bit systemsEelco Dolstra1-1/+1
2018-05-30 Move evaluator-specific settings out of libstoreEelco Dolstra5-14/+41
2018-05-28 Merge pull request #2187 from bgamari/stoi-exceptionsEelco Dolstra1-1/+1
json-to-value: Use strtol instead of strtoi
2018-05-26 json-to-value: Use strtol instead of strtoiBen Gamari1-1/+1
NixInt is long, so strtoi is too restrictive.
2018-05-26 eval.cc: add message to static_assert, message can be omitted w/c++17Will Dietz1-1/+1
2018-05-24 Merge pull request #2157 from volth/bitwiseEelco Dolstra1-0/+17
add builtins: __bitAnd, __bitOr, __bitXor