Age | Commit message (Collapse) | Author | Files | Lines |
|
This is UB, even if the size is 0. See #1976.
Fixes #1976.
|
|
|
|
Note that this only requires headers from boost so it doesn't add a
runtime dependency.
Also, use Nixpkgs 18.03.
|
|
nix search: tests and fix #1893 and part of #1892
|
|
|
|
|
|
|
|
It was holding on to a Value* (i.e. a std::shared_ptr<ValidPathInfo>*)
outside of the pathInfoCache lock, so the std::shared_ptr could be
destroyed between the release of the lock and the decrement of the
std::shared_ptr refcount. This can happen if more than
'path-info-cache-size' paths are added in the meantime, *or* if
clearPathInfoCache() is called. The hydra-queue-runner queue monitor
thread periodically calls the later, so is likely to trigger a crash.
Fixes https://github.com/NixOS/hydra/issues/542.
|
|
Doing so prevents emacs tags from working, as well as makes the code extremely
confusing for a newbie.
In the prior state, if someone wants to find the definition of "ExprApp" for
example, a grep through the code reveals nothing. Since the definition could be
hiding in numerous ".h" files, it's really difficult to find. This personally
took me several hours to figure out.
|
|
|
|
rand() -> random(), since we use srandom().
|
|
rand() requires we call srand() instead,
but might as well use random().
|
|
Move definition of destructor to logging.cc for
access to util.hh's ignoreException.
|
|
This can be iterated on and currently leaves out settings we know we
want to forward, but it fixes #1713 and fixes #1935 and isn't
fundamentally broken like the status quo. Future changes are suggested
in a comment.
|
|
|
|
|
|
|
|
|
|
|
|
Otherwise, running e.g.
nix-instantiate --eval -E --strict 'builtins.replaceStrings [""] ["X"] "abc"'
would just hang in an infinite loop.
Found by afl-fuzz.
First attempt of this was reverted in e2d71bd1862cdda because it caused
another infinite loop, which is fixed now and a test added.
|
|
Note that clearenv() is not available on macOS.
Fixes #1907.
|
|
This is important since this is given as an example.
Other patterns containing "empty search string" will still
be handled differently on different platforms ("asdf|")
but that's less of an issue.
|
|
This is exposed by the tests added previously,
and resolves the error reported in #1892:
"expected JSON value".
|
|
E.g.
nix run --store ~/my-nix -f channel:nixos-17.03 hello -c hello
This problem was mentioned in #1897.
|
|
|
|
This reverts commit ddc58e789636e1b94149c342575d92583251fbf6.
https://hydra.nixos.org/eval/1435322
|
|
|
|
The overhead of sandbox builds is a problem on NixOS (since building a
NixOS configuration involves a lot of small derivations) but not for
typical non-NixOS use cases. So outside of NixOS we can enable it.
Issue #179.
|
|
|
|
Alos add a command "nix ping-store" to make it easier to see if Nix
can connect to a remote builder (e.g. 'nix ping-store --store
ssh://mac').
|
|
This reverts commit 4ea9707591beceacf9988b3c185faf50da238403.
It causes an infinite loop in Nixpkgs evaluation,
e.g. "nix-instantiate -A hello" hung.
PR #1886.
|
|
|
|
maybe a left-over from nix-store -r ?
|
|
The assertion is broken because there is no one-to-one mapping from
length of a base64 string to the length of the output.
E.g.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9q=" results in a 32-byte output.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy" results in a 33-byte output.
To reproduce, evaluate:
builtins.derivationStrict {
name = "0";
builder = "0";
system = "0";
outputHashAlgo = "sha256";
outputHash = "1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy";
}
Found by afl-fuzz.
|
|
Otherwise, running e.g.
nix-instantiate --eval -E --strict 'builtins.replaceStrings [""] ["X"] "abc"'
would just hang in an infinite loop.
Found by afl-fuzz.
|
|
E.g. nix-instantiate --eval -E 'abort "\r"' hangs.
Found by afl-fuzz.
|
|
Avoids ~180,000 string temporaries created when evaluating a headless
NixOS system.
|
|
https://hydra.nixos.org/eval/1434547#tabs-now-fail
|
|
Also add some examples to nix --help.
|
|
Don't silently succeed seccomp setup when !HAVE_SECCOMP.
|
|
|
|
Running Nix with build users without seccomp on Linux is dangerous,
and administrators should very explicitly opt-in to it.
|
|
|
|
|
|
configure.ac: check if lzma has MT support, fix deb build/etc.
|
|
This is needed for new arches where libseccomp support doesn't exist
yet.
Fixes #1878.
|
|
|
|
drvName is already assigned to the same value right at the start of the
function.
|
|
|
|
Boehm guarantees that memory returned by GC_malloc() is zeroed, so take
advantage of that.
|