about summary refs log tree commit diff
path: root/src/libstore/build.cc
AgeCommit message (Collapse)AuthorFilesLines
2014-11-17 Fix messageEelco Dolstra1-1/+1
2014-11-14 Don't use ADDR_LIMIT_3GBEelco Dolstra1-1/+1
This gives 32-bit builds on x86_64-linux more memory.
2014-11-12 Make ~DerivationGoal more reliableEelco Dolstra1-7/+3
2014-10-29 Remove comments claiming we use a private PID namespaceEelco Dolstra1-8/+1
This is no longer the case since 524f89f1399724e596f61faba2c6861b1bb7b9c5.
2014-09-17 On Linux, disable address space randomizationEelco Dolstra1-5/+9
2014-09-17 Settings: Add bool get()Eelco Dolstra1-2/+2
2014-08-28 Add disallowedReferences / disallowedRequisitesEelco Dolstra1-26/+29
For the "stdenv accidentally referring to bootstrap-tools", it seems easier to specify the path that we don't want to depend on, e.g. disallowedRequisites = [ bootstrapTools ];
2014-08-28 Introduce allowedRequisites featureGergely Risko1-1/+18
2014-08-21 fix disappearing bash argumentsJoel Taylor1-2/+7
2014-08-21 Use unshare() instead of clone()Eelco Dolstra1-55/+35
It turns out that using clone() to start a child process is unsafe in a multithreaded program. It can cause the initialisation of a build child process to hang in setgroups(), as seen several times in the build farm: The reason is that Glibc thinks that the other threads of the parent exist in the child, so in setxid_mark_thread() it tries to get a futex that has been acquired by another thread just before the clone(). With fork(), Glibc runs pthread_atfork() handlers that take care of this (in particular, __reclaim_stacks()). But clone() doesn't do that. Fortunately, we can use fork()+unshare() instead of clone() to set up private namespaces. See also https://www.mail-archive.com/lxc-devel@lists.linuxcontainers.org/msg03434.html.
2014-08-20 Use proper quotes everywhereEelco Dolstra1-87/+87
2014-08-20 Add some colorEelco Dolstra1-37/+1
2014-08-20 Filter Nix-specific ANSI escape sequences from stderrEelco Dolstra1-1/+37
The Nixpkgs stdenv prints some custom escape sequences to denote nesting and stuff like that. Most terminals (e.g. xterm, konsole) ignore them, but some do not (e.g. xfce4-terminal). So for the benefit of the latter, filter them out.
2014-08-19 Make hook shutdown more reliableEelco Dolstra1-1/+1
2014-08-18 DohEelco Dolstra1-4/+1
2014-08-17 Reduce verbosityEelco Dolstra1-1/+2
2014-08-17 Propagate remote timeouts properlyEelco Dolstra1-21/+33
2014-08-04 RefactorEelco Dolstra1-2/+2
2014-08-04 Add option ‘build-extra-chroot-dirs’Eelco Dolstra1-4/+7
This is useful for extending (rather than overriding) the default set of chroot paths.
2014-08-04 Get rid of "killing <pid>" message for unused build hooksEelco Dolstra1-1/+1
2014-08-01 Remove ugly hack for detecting build environment setup errorsEelco Dolstra1-13/+10
2014-08-01 Call commonChildInit() before doing chroot initEelco Dolstra1-4/+6
This ensures that daemon clients see error messages from the chroot setup.
2014-07-31 Restore default SIGPIPE handler before invoking ‘man’Eelco Dolstra1-12/+0
Fixes NixOS/nixpkgs#3410.
2014-07-19 Revert old useBuildHook behaviourEelco Dolstra1-1/+1
2014-07-11 Allow $NIX_BUILD_HOOK to be relative to Nix libexec directoryEelco Dolstra1-2/+4
2014-07-10 Remove tabsEelco Dolstra1-3/+3
2014-07-10 Refactoring: Move all fork handling into a higher-order functionEelco Dolstra1-50/+23
C++11 lambdas ftw.
2014-07-10 Remove maybeVforkEelco Dolstra1-2/+2
2014-04-03 Fix compile errors on IllumosDanny Wilson1-0/+1
2014-04-03 Make sure /dev/pts/ptmx is world-writableLudovic Courtès1-0/+4
While running Python 3’s test suite, we noticed that on some systems /dev/pts/ptmx is created with permissions 0 (that’s the case with my Nixpkgs-originating 3.0.43 kernel, but someone with a Debian-originating 3.10-3 reported not having this problem.) There’s still the problem that people without CONFIG_DEVPTS_MULTIPLE_INSTANCES=y are screwed (as noted in build.cc), but I don’t see how we could work around it.
2014-03-30 boost::shared_ptr -> std::shared_ptrEelco Dolstra1-20/+26
2014-03-29 Fix potential segfault in waitForInput()Eelco Dolstra1-3/+5
Since the addition of build-max-log-size, a call to handleChildOutput() can result in cancellation of a goal. This invalidated the "j" iterator in the waitForInput() loop, even though it was still used afterwards. Likewise for the maxSilentTime handling. Probably fixes #231. At least it gets rid of the valgrind warnings.
2014-03-29 restoreSIGPIPE(): Fill in sa_maskEelco Dolstra1-0/+1
Issue #231.
2014-03-21 Make /dev/kvm optionalLudovic Courtès1-1/+4
The daemon now creates /dev deterministically (thanks!). However, it expects /dev/kvm to be present. The patch below restricts that requirement (1) to Linux-based systems, and (2) to systems where /dev/kvm already exists. I’m not sure about the way to handle (2). We could special-case /dev/kvm and create it (instead of bind-mounting it) in the chroot, so it’s always available; however, it wouldn’t help much since most likely, if /dev/kvm missing, then KVM support is missing.
2014-02-27 Set up a private /dev/pts in the chrootEelco Dolstra1-1/+14
2014-02-27 Set up a minimal /dev in chrootsEelco Dolstra1-3/+22
Not bind-mounting the /dev from the host also solves the problem with /dev/shm being a symlink to something not in the chroot.
2014-02-27 Fix deadlock in SubstitutionGoalEelco Dolstra1-0/+1
We were relying on SubstitutionGoal's destructor releasing the lock, but if a goal is a top-level goal, the destructor won't run in a timely manner since its reference count won't drop to zero. So release it explicitly. Fixes #178.
2014-02-18 Slight simplificationEelco Dolstra1-17/+10
2014-02-18 Add a flag ‘--check’ to verify build determinismEelco Dolstra1-44/+78
The flag ‘--check’ to ‘nix-store -r’ or ‘nix-build’ will cause Nix to redo the build of a derivation whose output paths are already valid. If the new output differs from the original output, an error is printed. This makes it easier to test if a build is deterministic. (Obviously this cannot catch all sources of non-determinism, but it catches the most common one, namely the current time.) For example: $ nix-build '<nixpkgs>' -A patchelf ... $ nix-build '<nixpkgs>' -A patchelf --check error: derivation `/nix/store/1ipvxsdnbhl1rw6siz6x92s7sc8nwkkb-patchelf-0.6' may not be deterministic: hash mismatch in output `/nix/store/4pc1dmw5xkwmc6q3gdc9i5nbjl4dkjpp-patchelf-0.6.drv' The --check build fails if not all outputs are valid. Thus the first call to nix-build is necessary to ensure that all outputs are valid. The current outputs are left untouched: the new outputs are either put in a chroot or diverted to a different location in the store using hash rewriting.
2014-02-17 Make --repair work on DarwinEelco Dolstra1-3/+3
Mac OS X doesn't allow renaming a read-only directory. http://hydra.nixos.org/build/9113895
2014-02-17 RefactoringEelco Dolstra1-29/+36
2014-02-17 When using a build hook, only copy missing pathsEelco Dolstra1-9/+6
2014-02-17 Move some code aroundEelco Dolstra1-92/+82
In particular, do replacing of valid paths during repair later. This prevents us from replacing a valid path after the build fails.
2014-02-17 Heuristically detect if a build may have failed due to a full diskEelco Dolstra1-3/+26
This will allow Hydra to detect that a build should not be marked as "permanently failed", allowing it to be retried later.
2014-01-21 Fix some clang warningsEelco Dolstra1-4/+1
2014-01-08 Fix checking of NAR hashesEelco Dolstra1-0/+1
*headdesk* *headdesk* *headdesk* So since commit 22144afa8d9f8968da351618a1347072a93bd8aa, Nix hasn't actually checked whether the content of a downloaded NAR matches the hash specified in the manifest / NAR info file. Urghhh...
2014-01-06 wordingDomen Kožar1-1/+1
2013-12-05 Print a trace message if a build fails due to the platform being unknownEelco Dolstra1-1/+4
2013-11-14 Remove nix-setuid-helperEelco Dolstra1-141/+26
AFAIK, nobody uses it, it's not maintained, and it has no tests.
2013-09-02 Only show trace messages when tracing is enabledEelco Dolstra1-4/+3