about summary refs log tree commit diff
path: root/src/libstore/local-store.cc
AgeCommit message (Collapse)AuthorFilesLines
2012-07-11 Implement querySubstitutablePathInfos() in the daemonEelco Dolstra1-12/+0
Also removed querySubstitutablePathInfo().
2012-07-06 download-from-binary-cache: parallelise fetching of NAR info filesEelco Dolstra1-20/+40
Getting substitute information using the binary cache substituter has non-trivial latency overhead. A package or NixOS system configuration can have hundreds of dependencies, and in the worst case (when the local info cache is empty) we have to do a separate HTTP request for each of these. If the ping time to the server is t, getting N info files will take tN seconds; e.g., with a ping time of 0.1s to nixos.org, sequentially downloading 1000 info files (a typical NixOS config) will take at least 100 seconds. To fix this problem, the binary cache substituter can now perform requests in parallel. This required changing the substituter interface to support a function querySubstitutablePathInfos() that queries multiple paths at the same time, and rewriting queryMissing() to take advantage of parallelism. (Due to local caching, parallelising queryMissing() is sufficient for most use cases, since it's almost always called before building a derivation and thus fills the local info cache.) For example, parallelism speeds up querying all 1056 paths in a particular NixOS system configuration from 116s to 2.6s. It works so well because the eccentricity of the top-level derivation in the dependency graph is only 9. So we only need 10 round-trips (when using an unlimited number of parallel connections) to get everything. Currently we do a maximum of 150 parallel connections to the server. Thus it's important that the binary cache server (e.g. nixos.org) has a high connection limit. Alternatively we could use HTTP pipelining, but WWW::Curl doesn't support it and libcurl has a hard-coded limit of 5 requests per pipeline.
2012-05-29 Reserve some disk space for the garbage collectorEelco Dolstra1-1/+19
We can't open a SQLite database if the disk is full. Since this prevents the garbage collector from running when it's most needed, we reserve some dummy space that we can free just before doing a garbage collection. This actually revives some old code from the Berkeley DB days. Fixes #27.
2012-04-23 Merge pull request #2 from viric/masterEelco Dolstra1-0/+6
Again, adding the sync option
2012-03-26 Make the garbage collector more concurrentEelco Dolstra1-6/+1
Make the garbage collector more concurrent by deleting valid paths outside the region where we're holding the global GC lock. This should greatly reduce the time during which new builds are blocked, since the deletion accounts for the vast majority of the time spent in the GC. To ensure that this is safe, the valid paths are invalidated and renamed to some arbitrary path while we're holding the lock. This ensures that we when we finally delete the path, it's not a (newly) valid or locked path.
2012-03-22 Fixing the default of sync-before-registeringLluís Batlle i Rossell1-1/+5
Setting 'false' as default, as suggested by Eelco. I also added a comment about the setting in the code.
2012-03-22 Adding a nix option to sync before registering a path, for non-ext*Lluís Batlle i Rossell1-0/+2
filesystems.
2012-03-20 nix-store --clear-failed-paths: Clear derivation outputsEelco Dolstra1-1/+3
If the argument to ‘nix-store --clear-failed-paths’ is a derivation, then clear the failed state of its outputs.
2012-03-05 Restore progress indication during nix-copy-closureEelco Dolstra1-0/+2
2012-03-01 Remove dependency on sqlite3_table_column_metadataEelco Dolstra1-7/+0
Not all SQLite builds have the function sqlite3_table_column_metadata. We were only using it in a schema upgrade check for compatibility with databases that were probably never seen in the wild. So remove it.
2012-02-15 On Linux, make the Nix store really read-only by using the immutable bitEelco Dolstra1-0/+7
I was bitten one time too many by Python modifying the Nix store by creating *.pyc files when run as root. On Linux, we can prevent this by setting the immutable bit on files and directories (as in ‘chattr +i’). This isn't supported by all filesystems, so it's not an error if setting the bit fails. The immutable bit is cleared by the garbage collector before deleting a path. The only tricky aspect is in optimiseStore(), since it's forbidden to create hard links to an immutable file. Thus optimiseStore() temporarily clears the immutable bit before creating the link.
2012-02-15 Fix a broken guard around utime()Eelco Dolstra1-2/+5
Because of an outdated check for a timestamp of 0, we were calling utime() even when it wasn't necessary.
2011-12-30 * Reject a build if there is a cycle among the outputs. This isEelco Dolstra1-0/+8
necessary because existing code assumes that the references graph is acyclic.
2011-12-16 * Sync with the trunk.Eelco Dolstra1-20/+46
2011-12-16 * importPath() -> importPaths(). Because of buffering of the inputEelco Dolstra1-2/+15
stream it's now necessary for the daemon to process the entire sequence of exported paths, rather than letting the client do it.
2011-12-16 * Make the import operation through the daemon much more efficientEelco Dolstra1-3/+4
(way fewer roundtrips) by allowing the client to send data in bigger chunks. * Some refactoring.
2011-12-15 * Refactoring: move sink/source buffering into separate classes.Eelco Dolstra1-6/+3
* Buffer the HashSink. This speeds up hashing a bit because it prevents lots of calls to the hash update functions (e.g. nix-hash went from 9.3s to 8.7s of user time on the closure of my /var/run/current-system).
2011-12-05 * Remove unnecessary quotes. showPaths() already adds quotes.Eelco Dolstra1-1/+1
2011-12-02 * In ‘nix-store --verify --check-contents’, repair missing hashesEelco Dolstra1-4/+20
rather than complain about them.
2011-11-23 * Add an API function exportPaths() that provides the functionality ofEelco Dolstra1-1/+1
‘nix-store --export’. * Add a Perl module that provides the functionality of ‘nix-copy-closure --to’. This is used by build-remote.pl so it no longer needs to start a separate nix-copy-closure process. Also, it uses the Perl API to do the export, so it doesn't need to start a separate nix-store process either. As a result, nix-copy-closure and build-remote.pl should no longer fail on very large closures due to an "Argument list too long" error. (Note that having very many dependencies in a single derivation can still fail because the environment can become too large. Can't be helped though.)
2011-11-07 * Boldly make SQLite WAL mode the default again. Hopefully theEelco Dolstra1-4/+3
intermittent problems are gone by now. WAL mode is preferrable because it does way fewer fsyncs.
2011-11-06 Include all outputs of derivations in the closure of explicitly-passed ↵Shea Levy1-0/+22
derivation paths This required adding a queryOutputDerivationNames function in the store API
2011-09-12 * Ouch. A store upgrade could cause a substituter to be triggered,Eelco Dolstra1-3/+3
causing a deadlock.
2011-08-31 * Eliminate all uses of the global variable ‘store’ from libstore.Eelco Dolstra1-1/+1
This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-07-20 * Fix a huuuuge security hole in the Nix daemon. It didn't check thatEelco Dolstra1-0/+51
derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2010-12-17 * Do a short sleep after SQLITE_BUSY.Eelco Dolstra1-0/+11
2010-12-14 * I forgot to catch SQLiteBusy in registerValidPaths(). SoEelco Dolstra1-38/+31
registerValidPaths() now handles busy errors and registerValidPath() is simply a wrapper around it.
2010-12-13 * Create /nix/var/nix/db if it's missing.Eelco Dolstra1-0/+1
2010-12-08 * Ignore the result of sqlite3_reset().Eelco Dolstra1-3/+4
2010-12-06 * `nix-store --verify --check-contents': don't hold the global GC lockEelco Dolstra1-11/+46
while checking the contents, since this operation can take a very long time to finish. Also, fill in missing narSize fields in the DB while doing this.
2010-12-05 * Retry a transaction if SQLite returns SQLITE_BUSY. This can happenEelco Dolstra1-61/+83
even with a very long busy timeout, because SQLITE_BUSY is also returned to resolve deadlocks. This should get rid of random "database is locked" errors. This is kind of hard to test though. * Fix a horrible bug in deleteFromStore(): deletePathWrapped() should be called after committing the transaction, not before, because the commit might not succeed.
2010-11-17 * Before a build, show the disk space that the downloaded store pathsEelco Dolstra1-0/+1
will approximately require.
2010-11-17 * Add an operation `nix-store -q --size'.Eelco Dolstra1-2/+12
2010-11-16 * Store the size of a store path in the database (to be precise, theEelco Dolstra1-26/+46
size of the NAR serialisation of the path, i.e., `nix-store --dump PATH'). This is useful for Hydra.
2010-10-14 * Wrap deleteFromStore() in a transaction. Otherwise there might be aEelco Dolstra1-5/+8
race with other processes that add new referrers to a path, resulting in the garbage collector crashing with "foreign key constraint failed". (Nix/4) * Make --gc --print-dead etc. interruptible.
2010-09-01 * Only do "pragma journal_mode = ..." if the current journal modeEelco Dolstra1-1/+10
differs from the desired mode. There is an open SQLite ticket `Executing "PRAGMA journal_mode" may delete journal file while it is in use.'
2010-08-31 `nix-store --verify' improvements:Eelco Dolstra1-16/+53
* If a path has disappeared, check its referrers first, and don't try to invalidate paths that have valid referrers. Otherwise we get a foreign key constraint violation. * Read the whole Nix store directory instead of statting each valid path, which is slower. * Acquire the global GC lock.
2010-08-24 * Don't complain if the stored hash of a path is zero (unknown).Eelco Dolstra1-2/+3
2010-08-04 * Use SQLite 3.7.0's write-ahead logging (WAL mode). This is a lotEelco Dolstra1-2/+12
faster than the old mode when fsyncs are enabled, because it only performs an fsync() when doing a checkpoint, rather than at every commit. Some timings for doing a "nix-instantiate /etc/nixos/nixos -A system" after modifying the stdenv setup script: 42.5s - SQLite 3.6.23 with truncate mode and fsync 3.4s - SQLite 3.6.23 with truncate mode and no fsync 32.1s - SQLite 3.7.0 with truncate mode and fsync 16.8s - SQLite 3.7.0 with WAL mode and fsync, auto-checkpoint every 1000 pages 8.3s - SQLite 3.7.0 with WAL mode and fsync, auto-checkpoint every 8192 pages 1.7s - SQLite 3.7.0 with WAL mode and no fsync The default is now to use WAL mode with fsyncs. Because WAL doesn't work on remote filesystems such as NFS (as it uses shared memory), truncate mode can be re-enabled by setting the "use-sqlite-wal" option to false.
2010-06-21 * Okay, putting a lock on the temporary directory used by importPath()Eelco Dolstra1-6/+18
doesn't work because the garbage collector doesn't actually look at locks. So r22253 was stupid. Use addTempRoot() instead. Also, locking the temporary directory in exportPath() was silly because it isn't even in the store.
2010-06-21 * Sync with the trunk.Eelco Dolstra1-0/+4
2010-06-14 * In importPath() and exportPath(), lock the temporary directory toEelco Dolstra1-0/+4
prevent it from being deleted by the garbage collector.
2010-06-08 * Replacing ValidPath rows doesn't work because it causes a constraintEelco Dolstra1-2/+5
violation of the Refs table. So don't do that.
2010-05-12 * Sync with the trunk.Eelco Dolstra1-4/+1
2010-04-26 * Added a command `nix-store --clear-failed-paths <PATHS>' to clearEelco Dolstra1-0/+17
the "failed" status of the given store paths. The special value `*' clears all failed paths.
2010-04-26 * Add an command `nix-store --query-failed-paths' to list the cachedEelco Dolstra1-0/+21
failed paths (when using the `build-cache-failure' option).
2010-04-19 * Don't use the ATerm library for parsing/printing .drv files.Eelco Dolstra1-2/+0
2010-03-10 * Remove a debug statement.Eelco Dolstra1-1/+0
2010-03-09 * In `nix-store --export', abort if the contents of a path hasEelco Dolstra1-6/+17
changed. This prevents corrupt paths from spreading to other machines. Note that checking the hash is cheap because we're hashing anyway (because of the --sign feature).
2010-03-08 * Increase the sqlite timeout.Eelco Dolstra1-1/+1