@philiptaron's lix workspace
Find a file
jade 917c9bdee7 language: cleanly ban integer overflows
This also bans various sneaking of negative numbers from the language
into unsuspecting builtins as was exposed while auditing the
consequences of changing the Nix language integer type to a newtype.

It's unlikely that this change comprehensively ensures correctness when
passing integers out of the Nix language and we should probably add a
checked-narrowing function or something similar, but that's out of scope
for the immediate change.

During the development of this I found a few fun facts about the
language:
- You could overflow integers by converting from unsigned JSON values.
- You could overflow unsigned integers by converting negative numbers
  into them when going into Nix config, into fetchTree, and into flake
  inputs.

  The flake inputs and Nix config cannot actually be tested properly
  since they both ban thunks, however, we put in checks anyway because
  it's possible these could somehow be used to do such shenanigans some
  other way.

Note that Lix has banned Nix language integer overflows since the very
first public beta, but threw a SIGILL about them because we run with
-fsanitize=signed-overflow -fsanitize-undefined-trap-on-error in
production builds. Since the Nix language uses signed integers, overflow
was simply undefined behaviour, and since we defined that to trap, it
did.

Trapping on it was a bad UX, but we didn't even entirely notice
that we had done this at all until it was reported as a bug a couple of
months later (which is, to be fair, that flag working as intended), and
it's got enough production time that, aside from code that is IMHO buggy
(and which is, in any case, not in nixpkgs) such as
lix-project/lix#445, we don't think
anyone doing anything reasonable actually depends on wrapping overflow.

Even for weird use cases such as doing funny bit crimes, it doesn't make
sense IMO to have wrapping behaviour, since two's complement arithmetic
overflow behaviour is so *aggressively* not what you want for *any* kind
of mathematics/algorithms. The Nix language exists for package
management, a domain where bit crimes are already only dubiously in
scope to begin with, and it makes a lot more sense for that domain for
the integers to never lose precision, either by throwing errors if they
would, or by being arbitrary-precision.

This change will be ported to CppNix as well, to maintain language
consistency.

Fixes: lix-project/lix#423

Change-Id: I51f253840c4af2ea5422b8a420aa5fafbf8fae75
2024-07-13 00:59:33 +02:00
.github .github: clean up stale things and wrong references 2024-06-12 15:34:23 -07:00
bench Add benchmarking scripts 2024-04-08 19:50:24 -07:00
clang-tidy clang-tidy: work with angle brackets and external projects 2024-05-24 02:22:58 +00:00
contrib function-trace: always show the trace 2019-09-18 23:23:21 +02:00
doc Merge changes I81552018,Ieb65c133 into main 2024-07-10 17:45:17 +00:00
lix-doc lix-doc: update dependencies and refactor 2024-07-10 02:25:48 +00:00
maintainers Merge changes I476a2516,I8a274227 into main 2024-06-26 17:34:45 +00:00
meson libexpr: rewrite the parser with pegtl instead of flex/bison 2024-06-25 12:24:58 +00:00
misc libexpr: rewrite the parser with pegtl instead of flex/bison 2024-06-25 12:24:58 +00:00
nix-support Move version to a JSON file so we can have release names 2024-06-06 15:08:12 -07:00
perl libutil: allow draining Generator<Bytes> into sinks 2024-07-03 11:46:53 +00:00
releng releng: add releaseTests flake output, test script 2024-07-09 22:50:51 +02:00
scripts remove the autoconf+Make buildsystem 2024-05-07 17:04:30 -06:00
src language: cleanly ban integer overflows 2024-07-13 00:59:33 +02:00
subprojects/aws_sdk build: fix static aws-cpp-sdk 2024-05-30 00:40:25 -06:00
tests language: cleanly ban integer overflows 2024-07-13 00:59:33 +02:00
.clang-format Add pre-commit checks 2024-03-29 22:57:40 -07:00
.clang-tidy Add basic clang-tidy config 2024-03-29 20:26:38 -07:00
.dir-locals.el .dir-locals.el: Set c-block-comment-prefix 2020-07-10 11:21:06 +02:00
.editorconfig add editorconfig for markdown 2024-05-24 02:22:44 +00:00
.envrc .envrc: remove MAKEFLAGS and use clang environment by default 2024-06-25 12:36:18 -06:00
.gitignore Put into place initial release engineering 2024-06-06 20:53:08 -07:00
.this-is-lix devShell: guard against running from another directory 2024-06-24 13:41:38 -07:00
boehmgc-coroutine-sp-fallback.diff [resubmit] flake: update nixpkgs pin 23.11->24.05 (+ boehmgc compat changes) 2024-06-12 15:34:22 -07:00
CONTRIBUTING.md chore: re-work the contribution guide 2024-05-07 01:28:35 +00:00
COPYING Add pre-commit checks 2024-03-29 22:57:40 -07:00
default.nix Format Nix code with nixfmt 2024-04-08 13:00:00 -07:00
docker.nix releng: support multiarch docker images 2024-06-09 20:33:24 -07:00
flake.lock [resubmit] flake: update nixpkgs pin 23.11->24.05 (+ boehmgc compat changes) 2024-06-12 15:34:22 -07:00
flake.nix releng: add releaseTests flake output, test script 2024-07-09 22:50:51 +02:00
justfile justfile: accept extra options to just setup and pass them to meson 2024-06-24 13:37:01 -07:00
meson.build libutil: generator type with on-yield value mapping 2024-07-03 11:46:53 +00:00
meson.options build: expose option to enable or disable precompiled std headers 2024-06-06 12:46:26 -06:00
package.nix Merge "lix-doc: update dependencies and refactor" into main 2024-07-10 17:47:27 +00:00
README.md chore: rebrand Nix to Lix when it makes sense 2024-06-01 20:31:24 +02:00
shell.nix shell.nix: conform to documentation 2024-05-27 16:47:40 +02:00
treefmt.toml Format Nix code with nixfmt 2024-04-08 13:00:00 -07:00
version.json version: update to 2.91-dev for main 2024-06-15 18:46:18 -07:00

Lix

Lix is an implementation of Nix, a powerful package management system for Linux and other Unix systems that makes package management reliable and reproducible.

Read more about us at https://lix.systems.

Installation

On Linux and macOS the easiest way to install Lix is to run the following shell command (as a user other than root):

$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install

For systems that already have a Nix implementation installed, such as NixOS systems, read our install page

Building And Developing

See our Hacking guide in our manual for instruction on how to to set up a development environment and build Lix from source.

Additional Resources

License

Lix is released under the LGPL v2.1.