diff --git a/.version b/.version index 5506598e0f5..fb3a0677958 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.32.3 +2.32.4 diff --git a/nix-meson-build-support/common/meson.build b/nix-meson-build-support/common/meson.build index 595503f6149..23013d6ee2b 100644 --- a/nix-meson-build-support/common/meson.build +++ b/nix-meson-build-support/common/meson.build @@ -42,6 +42,26 @@ if cxx.get_id() == 'clang' add_project_arguments('-fpch-instantiate-templates', language : 'cpp') endif +# Detect if we're using libstdc++ (GCC's standard library) +# libstdc++ uses Intel TBB as backend for C++17 parallel algorithms when is included. +# boost::concurrent_flat_map includes , which would require linking against TBB. +# Since we don't actually use parallel algorithms, disable the TBB backend to avoid the dependency. +# TBB is a dependency of blake3 and leaking into our build environment. +is_using_libstdcxx = cxx.compiles( + ''' + #include + #ifndef __GLIBCXX__ + #error "not libstdc++" + #endif + int main() { return 0; } +''', + name : 'using libstdc++', +) + +if is_using_libstdcxx + add_project_arguments('-D_GLIBCXX_USE_TBB_PAR_BACKEND=0', language : 'cpp') +endif + # Darwin ld doesn't like "X.Y.ZpreABCD+W" nix_soversion = meson.project_version().split('+')[0].split('pre')[0] diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 98cb7f60480..10ced92bc07 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -2005,8 +2005,13 @@ static void prim_dirOf(EvalState & state, const PosIdx pos, Value ** args, Value NixStringContext context; auto path = state.coerceToString( pos, *args[0], context, "while evaluating the first argument passed to 'builtins.dirOf'", false, false); - auto dir = dirOf(*path); - v.mkString(dir, context); + auto pos = path->rfind('/'); + if (pos == path->npos) + v.mkStringMove(".", context); + else if (pos == 0) + v.mkStringMove("/", context); + else + v.mkString(path->substr(0, pos), context); } } diff --git a/src/libstore/include/nix/store/restricted-store.hh b/src/libstore/include/nix/store/restricted-store.hh index 8bbb2ff54d7..62cac385675 100644 --- a/src/libstore/include/nix/store/restricted-store.hh +++ b/src/libstore/include/nix/store/restricted-store.hh @@ -52,7 +52,21 @@ struct RestrictionContext * Add 'path' to the set of paths that may be referenced by the * outputs, and make it appear in the sandbox. */ - virtual void addDependency(const StorePath & path) = 0; + void addDependency(const StorePath & path) + { + if (isAllowed(path)) + return; + addDependencyImpl(path); + } + +protected: + + /** + * This is the underlying implementation to be defined. The caller + * will ensure that this is only called on newly added dependencies, + * and that idempotent calls are a no-op. + */ + virtual void addDependencyImpl(const StorePath & path) = 0; }; /** diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index cca142cd6b6..1477aac0c05 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -325,7 +325,7 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder protected: - void addDependency(const StorePath & path) override; + void addDependencyImpl(const StorePath & path) override; /** * Make a file owned by the builder. @@ -1186,11 +1186,8 @@ void DerivationBuilderImpl::stopDaemon() daemonSocket.close(); } -void DerivationBuilderImpl::addDependency(const StorePath & path) +void DerivationBuilderImpl::addDependencyImpl(const StorePath & path) { - if (isAllowed(path)) - return; - addedPaths.insert(path); } diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index f6e910d08a9..b89c03890ab 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -703,8 +703,11 @@ struct ChrootLinuxDerivationBuilder : ChrootDerivationBuilder, LinuxDerivationBu DerivationBuilderImpl::killSandbox(getStats); } - void addDependency(const StorePath & path) override + void addDependencyImpl(const StorePath & path) override { + if (isAllowed(path)) + return; + auto [source, target] = ChrootDerivationBuilder::addDependencyPrep(path); /* Bind-mount the path into the sandbox. This requires diff --git a/tests/functional/lang/eval-okay-builtins-dirOf.exp b/tests/functional/lang/eval-okay-builtins-dirOf.exp new file mode 100644 index 00000000000..e0093e93ab8 --- /dev/null +++ b/tests/functional/lang/eval-okay-builtins-dirOf.exp @@ -0,0 +1 @@ +{ pathDoesntExistNested1 = /totallydoesntexistreally; pathDoesntExistNested2 = /totallydoesntexistreally/subdir1; pathDoesntExistRoot = /; pathRoot = /; stringEmpty = "."; stringMultipleSeps = "a//"; stringNoSep = "."; stringRoot = "/"; stringRootA = "/"; stringRootSlash = "/"; stringRootSlashSlash = "//"; stringSingleDir = "a"; stringWithDot = "a/b/c/."; stringWithDotAndDotDot = "a/b/c/../."; stringWithDotAndDotDotSep2 = "a/b/c/.././"; stringWithDotDot = "a/b/c/.."; stringWithDotDotSep2 = "a/b/c/../"; stringWithDotSep2 = "a/b/c/./"; } diff --git a/tests/functional/lang/eval-okay-builtins-dirOf.nix b/tests/functional/lang/eval-okay-builtins-dirOf.nix new file mode 100644 index 00000000000..d2eae1c4ea5 --- /dev/null +++ b/tests/functional/lang/eval-okay-builtins-dirOf.nix @@ -0,0 +1,21 @@ +{ + stringEmpty = dirOf ""; + stringNoSep = dirOf "filename"; + stringSingleDir = dirOf "a/b"; + stringMultipleSeps = dirOf "a///b"; + stringRoot = dirOf "/"; + stringRootSlash = dirOf "//"; + stringRootSlashSlash = dirOf "///"; + stringRootA = dirOf "/a"; + stringWithDot = dirOf "a/b/c/./d"; + stringWithDotSep2 = dirOf "a/b/c/.//d"; + stringWithDotDot = dirOf "a/b/c/../d"; + stringWithDotDotSep2 = dirOf "a/b/c/..//d"; + stringWithDotAndDotDot = dirOf "a/b/c/.././d"; + stringWithDotAndDotDotSep2 = dirOf "a/b/c/.././/d"; + + pathRoot = dirOf /.; + pathDoesntExistRoot = dirOf /totallydoesntexistreally; + pathDoesntExistNested1 = dirOf /totallydoesntexistreally/subdir1; + pathDoesntExistNested2 = dirOf /totallydoesntexistreally/subdir1/subdir2; +}