From 546127f4ff4f340b8f407dc6cd6acceb086df280 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Sat, 10 Jan 2026 21:16:48 +0300 Subject: [PATCH] Add missing shebangs to exorcise Darwin sandbox heisenbug Adds missing shebangs that lead to unsafe forks that present themselves as SIGSEGV. See 7b3d7eb6343f33a14a9ec55be909f806ff6c49ab and https://github.com/NixOS/nixpkgs/issues/476794 Lix patch: https://gerrit.lix.systems/c/lix/+/4891 --- src/nix/nix-build/nix-build.cc | 4 ++-- tests/functional/user-envs.builder.sh | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) mode change 100644 => 100755 tests/functional/user-envs.builder.sh diff --git a/src/nix/nix-build/nix-build.cc b/src/nix/nix-build/nix-build.cc index 53dc46eaa6f..4aa6381ee30 100644 --- a/src/nix/nix-build/nix-build.cc +++ b/src/nix/nix-build/nix-build.cc @@ -616,7 +616,7 @@ static void main_nix_build(int argc, char ** argv) auto tz = getEnv("TZ"); auto tzExport = tz ? "export TZ=" + escapeShellArgAlways(*tz) + "; " : ""; std::string rc = fmt( - (R"(_nix_shell_clean_tmpdir() { command rm -rf %1%; };)"s + ("#!%8%\n" + R"(_nix_shell_clean_tmpdir() { command rm -rf %1%; };)"s "trap _nix_shell_clean_tmpdir EXIT; " "exitHooks+=(_nix_shell_clean_tmpdir); " "failureHooks+=(_nix_shell_clean_tmpdir); ") + @@ -649,7 +649,7 @@ static void main_nix_build(int argc, char ** argv) escapeShellArgAlways(dirOf(*shell)), escapeShellArgAlways(*shell), tzExport, - envCommand); + envCommand, *shell); vomit("Sourcing nix-shell with file %s and contents:\n%s", rcfile, rc); writeFile(rcfile, rc); diff --git a/tests/functional/user-envs.builder.sh b/tests/functional/user-envs.builder.sh old mode 100644 new mode 100755 index e875c2fe54d..7dd54111ab3 --- a/tests/functional/user-envs.builder.sh +++ b/tests/functional/user-envs.builder.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash # shellcheck shell=bash # shellcheck disable=SC2154 mkdir "$out"