Allow enabling core dumps from builds for nix & child processes

Fixes lix-project/lix#268

Change-Id: I3f1b0ddf064f891cca8b53229c5c31c74cea3d9f
This commit is contained in:
julia 2024-05-10 15:25:12 +10:00 committed by Jade Lovelace
parent 9322a1cbe7
commit 5b7dcb3005
8 changed files with 69 additions and 1 deletions

View file

@ -61,3 +61,8 @@ edolstra:
roberth:
display_name: Robert Hensing
github: roberth
midnightveil:
display_name: julia
forgejo: midnightveil
github: midnightveil

View file

@ -0,0 +1,13 @@
---
synopsis: "Add an option `enable-core-dumps` that enables core dumps from builds"
cls: 1088
credits: midnightveil
category: Features
---
In the past, Lix disabled core dumps by setting the soft `RLIMIT_CORE` to 0
unconditionally. Although this rlimit could be altered from the builder since
it is just the soft limit, this was kind of annoying to do. By passing
`--option enable-core-dumps true` to an offending build, one can now cause the
core dumps to be handled by the system in the normal way (winding up in
`coredumpctl`, say, on Linux).

View file

@ -1977,6 +1977,9 @@ void LocalDerivationGoal::runChild()
/* Disable core dumps by default. */
struct rlimit limit = { 0, RLIM_INFINITY };
if (settings.enableCoreDumps) {
limit.rlim_cur = RLIM_INFINITY;
}
setrlimit(RLIMIT_CORE, &limit);
// FIXME: set other limits to deterministic values?

View file

@ -290,6 +290,15 @@ public:
Setting<off_t> reservedSize{this, 8 * 1024 * 1024, "gc-reserved-space",
"Amount of reserved disk space for the garbage collector."};
Setting<bool> enableCoreDumps{
this, false, "enable-core-dumps",
R"(
If set to `false` (the default), `RLIMIT_CORE` has a soft limit of zero.
If set to `true`, the soft limit is infinite.
The hard limit is always infinite.
)"};
Setting<bool> fsyncMetadata{
this, true, "fsync-metadata",
R"(

View file

@ -0,0 +1,15 @@
let
inherit (import ../util.nix) mkNixBuildTest;
in mkNixBuildTest rec {
name = "coredumps";
extraMachineConfig = { pkgs, ... }: {
boot.kernel.sysctl."kernel.core_pattern" = "core";
};
expressionFile = ./package.nix;
testScriptPost = ''
# do a test, but this time with coredumps enabled.
machine.succeed('nix-build --option enable-core-dumps true --expr "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ${expressionFile} { shouldBePresent = true; }"')
'';
}

View file

@ -0,0 +1,16 @@
{ lib, runCommand, shouldBePresent ? false }:
runCommand "core-dump-now" { } ''
set -m
sleep infinity &
# make a coredump
kill -SIGSEGV %1
if ${lib.optionalString (shouldBePresent) "!"} test -n "$(find . -maxdepth 1 -name 'core*' -print -quit)"; then
echo "core file was in wrong presence state, expected: ${if shouldBePresent then "present" else "missing"}"
exit 1
fi
touch $out
''

View file

@ -166,4 +166,6 @@ in
rootInSandbox = runNixOSTestFor "x86_64-linux" ./root-in-sandbox;
broken-userns = runNixOSTestFor "x86_64-linux" ./broken-userns.nix;
coredumps = runNixOSTestFor "x86_64-linux" ./coredumps;
}

View file

@ -1,5 +1,6 @@
{
mkNixBuildTest = { name, expressionFile, extraMachineConfig ? {} }:
mkNixBuildTest =
{ name, expressionFile, extraMachineConfig ? {}, testScriptPre ? "", testScriptPost ? "" }:
{ lib, pkgs, ... }:
{
inherit name;
@ -17,7 +18,11 @@
testScript = { nodes }: ''
start_all()
${testScriptPre}
machine.succeed('nix-build --expr "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ${expressionFile} {}"')
${testScriptPost}
'';
};
}