!VRULIdgoKmKPzJZzjj:nixos.org

Nix Hackers

892 Members
For people hacking on the Nix package manager itself189 Servers

Load older messages

SenderMessageTime
11 Nov 2024
@vcunat:matrix.orgVladimír Čunát(same output, though as usual, on Hydra this got overwritten, but I remember)09:01:55
@vcunat:matrix.orgVladimír Čunát Mic92: now I tried the same derivation on a machine outside NixOS infra and there this issue won't reproduce. Hard to guess what's the key difference, though. 09:08:50
@vcunat:matrix.orgVladimír Čunát * Mic92: now I tried the same-hashed derivation on a machine outside NixOS infra and there this issue won't reproduce. Hard to guess what's the key difference, though. 09:09:12
@mschwaig:matrix.orgMartin Schwaighofer
In reply to @joerg:thalheim.io
Martin Schwaighofer: both would be fine. If it requires a lot of back and forth, meeting might work better. Checkout this: https://github.com/NixOS/nix/tree/master/maintainers#meeting-protocol
Is the meeting link https://jitsi.lassul.us/nix-maintainers or something else? The link to the google calendar entry for the work meeting is a dead link. 😅 		13:02:47
@gr_h_m:matrix.orggr_h_m joined the room.20:04:08
12 Nov 2024
@Ericson2314:matrix.orgJohn Ericson
In reply to @mschwaig:matrix.org

Hi 👋 my name is Martin, I'm new in this channel!

I have two things that I would like to discuss with someone from the Nix team.

* My comment on https://github.com/NixOS/nix/pull/11749#issuecomment-2462223730 and
* my paper on Extending Cloud Build Systems to Eliminate Transitive Trust, also covered by my talk about that work at NixCon 2024.

Would one of the regular meetings be suitable to discuss this, or would some other way be better? 😊

Hi @mschwaig:matrix.org have you looked at CA derivations? From a lightening quick skim of your paper, sounds like we've had some similar ideas on how to retrofit the benefits of content addressed derivation outputs for input-addressed derivation outputs 		01:45:29
@Ericson2314:matrix.orgJohn EricsonI would be happy to talk to you about this more 01:45:55
@mschwaig:matrix.orgMartin Schwaighofer
In reply to @Ericson2314:matrix.org
Hi @mschwaig:matrix.org have you looked at CA derivations? From a lightening quick skim of your paper, sounds like we've had some similar ideas on how to retrofit the benefits of content addressed derivation outputs for input-addressed derivation outputs

Yes I have looked at CA derivations! 😊
In fact they close T3 in my threat model. To make what I am proposing work with input addressed derivations as well, it would be necessary to retrofit some of their benefits in terms of trust onto input addressed derivations by making dependency resolution a bit more strict, which I think would be possible.

I'd be interested in you ideas on this topic and how similarly/differently we see those things!

If you're looking for specifics in the paper, I think besides T3/M3 the sections relevant to the content addressing vs input addressing issue are 6.3.2, the first half of 6.4.2, and 4.1.1.

02:07:32
@mschwaig:matrix.orgMartin Schwaighofer
In reply to @Ericson2314:matrix.org
I would be happy to talk to you about this more
Sounds great, let's do that. 😊 		02:08:05
@pfhuh:matrix.orgpfhuh joined the room.05:53:47
@jade_:matrix.orgjade_
In reply to @vcunat:matrix.org
Any idea: build input /nix/store/foo does not exist (link)
That's... some Nix bug?
can happen if the scheduler fucks up (we had this bug in lix HEAD recently because of a big scheduler refactor) 		09:47:49
@jade_:matrix.orgjade_also maybe a remote builds GC related bug09:48:02
@jade_:matrix.orgjade_since the remote build system does not keep paths live properly09:48:14
@jade_:matrix.orgjade_ * since the remote build system does not keep paths live properly often09:48:16
@jade_:matrix.orgjade_https://git.lix.systems/lix-project/lix/issues/505 see09:50:48
@hexa:lossy.networkhexaI did run a full GC in the mac builders last night09:52:12
@joerg:thalheim.ioMic92 hexa: maybe we need to take out machines out of hydra when doing a GC. Machines are under load when this happen anyway. 11:45:10
@p14:matrix.orgp14I am having a problem with a http tarball URL used as a flake input somehow resulting in an incomplete unpack on disk. Are there known bugs in this area? Out of 70k files I am missing 1k in the unpack; these are present if I run ‘tar xf’ manually but not in the nix store for the flake input outPath.12:26:07
@p14:matrix.orgp14It is repeatable in that the same problem seems to have occurred with two different tarballs12:51:32
@puck:puck.moepuckare the files in the tarball ordered?15:04:05
@azahi:azahi.ccazahi changed their profile picture.18:51:18
@jade_:matrix.orgjade_
In reply to @joerg:thalheim.io
hexa: maybe we need to take out machines out of hydra when doing a GC. Machines are under load when this happen anyway.
unless the gc system was rewritten in cppnix, it is merely running one deleter thread and is not going to be loading the machine that hard 		22:03:56
@jade_:matrix.orgjade_but yes, probably would not be too absurd to take machines out while gc'ing them22:04:14
@hexa:lossy.networkhexayeah, it didn't seem to affect the mac much22:04:16
@hexa:lossy.networkhexaand all other builders regularly run gcs as well22:04:51
@hexa:lossy.networkhexaif this was a substantial problem we'd know22:05:07
@jade_:matrix.orgjade_i have a prototype for multithreaded gc deletion in lix, but i haven't finished it. it is an area where nix scales badly, anyhow.22:04:58
@jade_:matrix.orgjade_the gc root bug has affected lix's CI infrastructure pretty badly, but it is somewhat unclear if it is fully resolvable without either significant perf problems or protocol changes (which in the lix case are impossible)22:06:08
@jade_:matrix.orgjade_since you would have to potentially send a gcroot request for every build input of a derivation which would be a nasty latency stackup22:06:34
@jade_:matrix.orgjade_ alternative is to send the .drv file or something else that has the things as dependency and have that cause gcroots 22:07:01

Show newer messages

Back to Room ListRoom Version: 6