tests.nixpkgs-check-by-name: Fix for symlinked tempdirs#254435
tests.nixpkgs-check-by-name: Fix for symlinked tempdirs#254435infinisil merged 2 commits intoNixOS:masterfrom
Conversation
ofborg
bot
added
6.topic: darwin
|
For context, what this PR intends to fix is a bug discovered on Darwin where the generated attrs list is put into a location that is behind a symlink. Including that location in the NIX_PATH and then trying to access it results in an error like this: On Darwin, This might also be a Nix bug. |
infinisil
force-pushed
the
fix-by-name-check-on-darwin
branch
from
ad578fa to
d5a6a8b
Compare
infinisil
changed the title
infinisil
force-pushed
the
fix-by-name-check-on-darwin
branch
2 times, most recently
from
8658742 to
db44976
Compare
|
Thanks, I added the error message to the code and commit message. I also added a test to make sure we don't run into this again. |
Atemu
left a comment
Atemu
left a comment
There was a problem hiding this comment.
With my limited rust knowledge the diff LGTM but at runtime I get:
Executing cargoCheckHook
++ cargo test -j 10 --release --target aarch64-apple-darwin --frozen -- --test-threads=10
Compiling nixpkgs-check-by-name v0.1.0 (/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source)
Finished release [optimized] target(s) in 0.79s
Running unittests src/main.rs (target/aarch64-apple-darwin/release/deps/nixpkgs_check_by_name-c15b59f9dc020547)
running 3 tests
test tests::test_case_sensitive ... ok(B
error: creating symlink from '/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/test-tmp/var/nix/gcroots/profiles' to '/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/test-tmp/var/nix/profiles': File exists
test tests::tests_dir ... FAILED(B
test tests::test_symlinked_tmpdir ... ok(B
failures:
---- tests::tests_dir stdout ----
Error: Failed test case override-different-file
Caused by:
Failed to run command "nix-instantiate" "--eval" "--json" "--strict" "--readonly-mode" "--restrict-eval" "--show-trace" "--expr" "# Takes a path to nixpkgs and a path to the json-encoded list of attributes to check.\n# Returns an attribute set containing information on each requested attribute.\n# If the attribute is missing from Nixpkgs it\'s also missing from the result.\n#\n# The returned information is an attribute set with:\n# - call_package_path: The <path> from `<attr> = callPackage <path> { ... }`,\n# or null if it\'s not defined as with callPackage, or if the <path> is not a path\n# - is_derivation: The result of `lib.isDerivation <attr>`\n{\n attrsPath,\n nixpkgsPath,\n}:\nlet\n attrs = builtins.fromJSON (builtins.readFile attrsPath);\n\n # This overlay mocks callPackage to persist the path of the first argument\n callPackageOverlay = self: super: {\n callPackage = fn: args:\n let\n result = super.callPackage fn args;\n in\n if builtins.isAttrs result then\n # If this was the last overlay to be applied, we could just only return the `_callPackagePath`,\n # but that\'s not the case because stdenv has another overlays on top of user-provided ones.\n # So to not break the stdenv build we need to return the mostly proper result here\n result // {\n _callPackagePath = fn;\n }\n else\n # It\'s very rare that callPackage doesn\'t return an attribute set, but it can occur.\n {\n _callPackagePath = fn;\n };\n };\n\n pkgs = import nixpkgsPath {\n # Don\'t let the users home directory influence this result\n config = { };\n overlays = [ callPackageOverlay ];\n };\n\n attrInfo = attr: {\n # These names are used by the deserializer on the Rust side\n call_package_path =\n if pkgs.${attr} ? _callPackagePath && builtins.isPath pkgs.${attr}._callPackagePath then\n toString pkgs.${attr}._callPackagePath\n else\n null;\n is_derivation = pkgs.lib.isDerivation pkgs.${attr};\n };\n\n attrInfos = builtins.listToAttrs (map (name: {\n inherit name;\n value = attrInfo name;\n }) attrs);\n\nin\n# Filter out attributes not in Nixpkgs\nbuiltins.intersectAttrs pkgs attrInfos\n" "--arg" "attrsPath" "/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/.tmpsmDyqP/actual/.tmpMJuBGU" "-I" "/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/.tmpsmDyqP/actual/.tmpMJuBGU" "--arg" "nixpkgsPath" "/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/tests/override-different-file" "-I" "/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/tests/override-different-file" "-I" "tests/mock-nixpkgs.nix"
failures:
tests::tests_dir
test result: FAILED(B. 2 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.37s
error: test failed, to rerun pass `--bin nixpkgs-check-by-name`
error: builder for '/nix/store/krq0s9qg8ll4rzy46ih1mfbqj0lg2p8s-nixpkgs-check-by-name.drv' failed with exit code 101;
I assume this doesn't repro on Linux?
|
Interesting, this looks a bit like NixOS/nix#2706, though I don't fully understand it yet. @Atemu Is this reproducible? Edit: I can reproduce it on Linux too! Only happens in the |
|
@ofborg build tests.nixpkgs-check-by-name |
On Darwin, /tmp is sometimes a symlink to /private/tmp, which couldn't
be handled before:
error: access to canonical path '/private/var/folders/xp/9_ry6h9x6l9gh_g32qspz0_40000gp/T/.tmpFbcNO0' is forbidden in restricted mode
This both fixes that and adds a test to make sure it can't happen again
We seem to have enough tests to run into this now:
error: creating symlink from '/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/test-tmp/var/nix/gcroots/profiles' to '/private/tmp/nix-build-nixpkgs-check-by-name.drv-0/source/test-tmp/var/nix/profiles': File exists
infinisil
force-pushed
the
fix-by-name-check-on-darwin
branch
from
db44976 to
9c9a7e0
Compare
Indeed this was it. Apparently cargo runs tests in parallel by default, which triggers this, combined with the fact that the Nix store in the One way to fix this would be to make cargo run tests sequentially, which could be done with Instead I'm going to copy the fix for this from https://github.com/tweag/lorri/pull/58: Initialising the store beforehand. Btw I'm not sure why this wasn't a problem before when we already had two separate tests, we have three now, oh well 🤷 This should be good now! Note to self: Use |
infinisil
changed the title
|
@ofborg build tests.nixpkgs-check-by-name |
|
There are some ofborg failures but those are unrelated, they reference something that was removed a while ago, see NixOS/ofborg#650 |
delroth
added
the
12.approvals: 1
This was an oversight in NixOS#254435
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: |
This was an oversight in NixOS/nixpkgs#254435
4 participants
Description of changes
Reported by @Atemu at NixCon :).
Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)