forked from lix-project/lix
Robert Hensing
d038a67bd3
This removes a dynamic stack allocation, making the derivation unparsing logic robust against overflows when large strings are added to a derivation. Overflow behavior depends on the platform and stack configuration. For instance, x86_64-linux/glibc behaves as (somewhat) expected: $ (ulimit -s 20000; nix-instantiate tests/lang/eval-okay-big-derivation-attr.nix) error: stack overflow (possible infinite recursion) $ (ulimit -s 40000; nix-instantiate tests/lang/eval-okay-big-derivation-attr.nix) error: expression does not evaluate to a derivation (or a set or list of those) However, on aarch64-darwin: $ nix-instantiate big-attr.nix ~ zsh: segmentation fault nix-instantiate big-attr.nix This indicates a slight flaw in the single stack protection page approach that is not encountered with normal stack frames. |
||
---|---|---|
.. | ||
ca | ||
config | ||
lang | ||
plugins | ||
add.sh | ||
bad.tar.xz | ||
big-derivation-attr.nix | ||
binary-cache-build-remote.sh | ||
binary-cache.sh | ||
brotli.sh | ||
build-dry.sh | ||
build-hook-ca-fixed.nix | ||
build-hook-ca-floating.nix | ||
build-hook.nix | ||
build-remote-content-addressed-fixed.sh | ||
build-remote-content-addressed-floating.sh | ||
build-remote-input-addressed.sh | ||
build-remote.sh | ||
build.sh | ||
ca-shell.nix | ||
case-hack.sh | ||
case.nar | ||
check-refs.nix | ||
check-refs.sh | ||
check-reqs.nix | ||
check-reqs.sh | ||
check.nix | ||
check.sh | ||
common.sh.in | ||
compression-levels.sh | ||
compute-levels.sh | ||
config.nix.in | ||
config.sh | ||
db-migration.sh | ||
dependencies.builder0.sh | ||
dependencies.nix | ||
dependencies.sh | ||
describe-stores.sh | ||
dummy | ||
dump-db.sh | ||
eval-store.sh | ||
export-graph.nix | ||
export-graph.sh | ||
export.sh | ||
failing.nix | ||
fetchGit.sh | ||
fetchGitRefs.sh | ||
fetchGitSubmodules.sh | ||
fetchMercurial.sh | ||
fetchurl.sh | ||
filter-source.nix | ||
filter-source.sh | ||
fixed.builder1.sh | ||
fixed.builder2.sh | ||
fixed.nix | ||
fixed.sh | ||
flake-local-settings.sh | ||
flake-searching.sh | ||
flakes.sh | ||
function-trace.sh | ||
gc-auto.sh | ||
gc-concurrent.builder.sh | ||
gc-concurrent.nix | ||
gc-concurrent.sh | ||
gc-concurrent2.builder.sh | ||
gc-non-blocking.sh | ||
gc-runtime.nix | ||
gc-runtime.sh | ||
gc.sh | ||
github-flakes.nix | ||
hash-check.nix | ||
hash.sh | ||
import-derivation.nix | ||
import-derivation.sh | ||
init.sh | ||
install-darwin.sh | ||
lang.sh | ||
linux-sandbox.sh | ||
local-store.sh | ||
local.mk | ||
logging.sh | ||
misc.sh | ||
multiple-outputs.nix | ||
multiple-outputs.sh | ||
nar-access.nix | ||
nar-access.sh | ||
nix-build-examples.nix | ||
nix-build.sh | ||
nix-channel.sh | ||
nix-copy-closure.nix | ||
nix-copy-ssh.sh | ||
nix-profile.sh | ||
nix-shell.sh | ||
nss-preload.nix | ||
optimise-store.sh | ||
parallel.builder.sh | ||
parallel.nix | ||
parallel.sh | ||
pass-as-file.sh | ||
path.nix | ||
placeholders.sh | ||
plugins.sh | ||
post-hook.sh | ||
pure-eval.nix | ||
pure-eval.sh | ||
push-to-store.sh | ||
readfile-context.builder.sh | ||
readfile-context.nix | ||
readfile-context.sh | ||
recursive.sh | ||
referrers.sh | ||
remote-builds.nix | ||
remote-store.sh | ||
repair.sh | ||
repl.sh | ||
restricted.nix | ||
restricted.sh | ||
search.nix | ||
search.sh | ||
secure-drv-outputs.nix | ||
secure-drv-outputs.sh | ||
setuid.nix | ||
shell-hello.nix | ||
shell.nix | ||
shell.sh | ||
shell.shebang.rb | ||
shell.shebang.sh | ||
signing.sh | ||
simple-failing.nix | ||
simple.builder.sh | ||
simple.nix | ||
simple.sh | ||
ssh-relay.sh | ||
structured-attrs-shell.nix | ||
structured-attrs.nix | ||
structured-attrs.sh | ||
substitute-with-invalid-ca.sh | ||
tarball.sh | ||
timeout.nix | ||
timeout.sh | ||
undefined-variable.nix | ||
user-envs.builder.sh | ||
user-envs.nix | ||
user-envs.sh | ||
zstd.sh |