-
-
Notifications
You must be signed in to change notification settings - Fork 14.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
runInLinuxVM: fix for structured attrs #354535
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Many thanks for working on this problem!
d633c90
to
487dd26
Compare
Thanks for the review, squashed the changes into the previous commit. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested with hello
made structured built with runInLinuxVM
. LGTM!
nix-build --no-out-link --expr "with (import ./. { }); vmTools.runInLinuxVM (hello.overrideAttrs { __structuredAttrs = true; })"
Adding a test under pkgs.tests
would be great, but that's not a blocker.
I'm unfamiliar with the implementation of vm.nix
-related build helpers. Having another pair of eyes from someone familiar with this topic would be safer.
Because my comments are naturally not on the right lines, when they didn't change, here's what I tested with: diff --git a/pkgs/build-support/vm/default.nix b/pkgs/build-support/vm/default.nix
index dc5c29fcb733..147a030ac139 100644
--- a/pkgs/build-support/vm/default.nix
+++ b/pkgs/build-support/vm/default.nix
@@ -169,6 +169,7 @@ rec {
stage2Init = writeScript "vm-run-stage2" ''
#! ${bash}/bin/sh
+ set -euo pipefail
source /build/xchg/saved-env
if [ -f "''${NIX_ATTRS_SH_FILE-}" ]; then
source "$NIX_ATTRS_SH_FILE"
@@ -183,7 +184,6 @@ rec {
export NIX_BUILD_TOP=/tmp
export TMPDIR=/tmp
export PATH=/empty
- out="$1"
cd "$NIX_BUILD_TOP"
if ! test -e /bin/sh; then
@@ -240,10 +240,6 @@ rec {
vmRunCommand = qemuCommand: writeText "vm-run" ''
- if [ -f "''${NIX_ATTRS_SH_FILE-}" ]; then
- source "$NIX_ATTRS_SH_FILE"
- fi
- source $stdenv/setup
export > saved-env
PATH=${coreutils}/bin
@@ -271,8 +267,6 @@ rec {
${qemuCommand}
EOF
- mkdir -p -m 0700 $out
-
chmod +x ./run-vm
source ./run-vm Removing the mkdir line is, what I was not sure about. Not sure about why it is needed in the first place, that is. |
The mkdir seems to have been added in aa5646f. |
I tried to build Having a fix for a very specific package in that place without a comment explaining why... seems entirely wrong. I think we should just remove the |
Closes NixOS#334705 Addresses NixOS#205690 The main issue was that the output variable (i.e. `$out` and friends) didn't exist. I figured the easiest way to add those is to source `stdenv` here. Given that we build another derivation in this builder, it's pretty likely that `stdenv` gets pulled already, so I don't expect a real overhead here. Also, this mounts `/build` into the VM: this is required to make sure `.attrs.json` & `.attrs.sh` are available. Dropped the mount of `xchg` into `/tmp` now since it's also part of `/build`.
487dd26
to
97ed6b4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can't say anything about the temporary directory -> build directory part - I don't know enough about this code to understand the implications of that beyond the fact that it seems to fix things here ;)
Everything else LGTM. I didn't build again, just read through it.
It's a good change since $out is no longer arbitrarily occupied. Still, it needs a release note entry because of its backward incompatibility. I should have tested |
In addition, the disk creation functionality with |
I am seeing this failure when building
This doesn't look like "$out is empty". |
It's not " |
Ah ok, misunderstood. So it's this removed line that broke it?
|
I think so. It's a good change, as most people would |
Grepping for
I can only find two uses of Is it used more often outside of nixpkgs? |
A search across GitHub could inform us about that. Do you know how to exclude forked repositories from the GitHub code search result? |
I think that's because of this: createEmptyImage = {
# Disk image size in MiB
size,
# Name that will be written to ${destination}/nix-support/full-name
fullName,
# Where to write the image files, defaulting to $out
destination ? "$out"
}: ''
mkdir -p ${destination}
diskImage=${destination}/disk-image.qcow2
${qemu}/bin/qemu-img create -f qcow2 $diskImage "${toString size}M"
mkdir ${destination}/nix-support
echo "${fullName}" > ${destination}/nix-support/full-name
''; This needs With my proposal in #354535 (comment) we removed the So I guess we should add those lines back: vmRunCommand = qemuCommand: writeText "vm-run" ''
+ if [ -f "''${NIX_ATTRS_SH_FILE-}" ]; then
+ source "$NIX_ATTRS_SH_FILE"
+ fi
+ source $stdenv/setup WDYT? |
I don't know how to exclude forks, but I browsed through the results and randomly picked uses of I didn't see anyone removing the existing |
It's used in I think the only broken case is indeed |
I see. Thank you for checking it out. |
If it is needed to make |
This broke systemd-boot tests, and probably all tests built with disk images. |
Just to double-check, this is with #358705 included, yes? Can you give me a quick reproducer line what I need to build to see the failing test? |
|
It does build fine right before this PR. Relevant log when it succeeds:
The same part when it fails:
This is happening in stage 2. When I revert the In fact when I only remove the This means that the current tests throw an error somewhere - but silently so. Imho, this PR just revealed a different problem. I am investigating further. |
Ah, it's in the logs already:
So, this means that this command is actually returning an error:
|
It would be great to understand when the hwclock command started to fail. |
Thanks for tracking it down, was busy investigating a production issue at work. I think this might be a channel-blocker, so I guess if I don't get to a solution quickly, I'd temporarily remove the |
Alternatively, just swallow the error for hwclock manually with |
I'm not 100% that |
+1 for just removing those hacks. |
Commit 97ed6b4 broke the systemd-boot tests (among others) because of the `hwclock -s` invocation. This was broken for a while, but not noticed because we didn't have a `set -e` before. The error hwclock: select() to /dev/rtc0 to wait for clock tick timed out MAY be related to an open QEMU bug[1]: I can't reproduce the error on aarch64-linux and x86_64-linux with `partitionTableType = "legacy";`. Also, the issue disappears on x86_64-linux when adding `--directisa`. However, the invocation was added in f73ff05 10 years ago which didn't give any reasoning or pointer to what KVM bug this may be. Given that this must have happened on an ancient version, we agreed on removing it altogether[2]. [1] https://gitlab.com/qemu-project/qemu/-/issues/1762 [2] NixOS#354535 (comment)
@@ -223,11 +229,12 @@ rec { | |||
-nographic -no-reboot \ | |||
-device virtio-rng-pci \ | |||
-virtfs local,path=${storeDir},security_model=none,mount_tag=store \ | |||
-virtfs local,path=/build,security_model=none,mount_tag=sa \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, this isn't backwards compatible and creates quite a few annoyances. Right now, it breaks disko, see nix-community/disko#900
Formatting 'main.raw', fmt=raw size=10737418240
qemu-kvm: -virtfs local,path=/build,security_model=none,mount_tag=sa: cannot initialize fsdev 'sa': failed to open '/build': No such file or directory
The other paths in this invocation are configurable, but /build
requires me to do a switch_root
before. I would like to allow adding a custom prefix in front of this path. I'll submit a PR for this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm currently looking into this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you! I don't have the bandwidth for it this weekend, can take a look at this on ~Monday if needed (please ping me here if that's the case).
Fixes #900 This was caused by NixOS/nixpkgs#354535 originally. The breaking changes introduced there have been resolved by NixOS/nixpkgs#360413, but one addition survived, which was the line `source $stdenv/setup`. Because we used `>` instead of `>>`, `saved-env` was overwritten, so even with the second PR, the script failed with the following error: /nix/store/pw...ykc-vm-run-stage2: line 16: stdenv: unbound variable Once this and the second PR mentioned above are merged, #903 will be unblocked.
Closes #334705
Addresses #205690
The main issue was that the output variable (i.e.
$out
and friends) didn't exist. I figured the easiest way to add those is to sourcestdenv
here. Given that we build another derivation in this builder, it's pretty likely thatstdenv
gets pulled already, so I don't expect a real overhead here.Also, this mounts
/build
into the VM: this is required to make sure.attrs.json
&.attrs.sh
are available. Dropped the mount ofxchg
into/tmp
now since it's also part of/build
.cc @ShamrockLee
Things done
nix.conf
? (See Nix manual)sandbox = relaxed
sandbox = true
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Add a 👍 reaction to pull requests you find important.