| 5 Oct 2025 |
 Mic92 | for sunsetting mergify | 05:31:23 |
|  Miku joined the room. | 09:31:43 |
 Sergei Zimmerman (xokdvium) | Ok managed to hit this locally at least once. My suspicion is that it's a use-after-free and with musl those blow up more predictably. | 12:29:17 |
 Taeer Bar-Yam | don't we run things through ASAN at some point? | 14:04:58 |
| Sergei Zimmerman (xokdvium) | Yeah we do now, but that's not enough it seems | 14:05:22 |
| Sergei Zimmerman (xokdvium) | I think clang-tidy managed to dig up something relevant:
../src/libstore/build/derivation-check.cc:85:35: warning: Dereference of undefined pointer value [clang-analyzer-core.NullDereference]
85 | if (checks.maxSize && info.narSize > *checks.maxSize)
../src/libstore/build/derivation-check.cc:117:31: warning: 4th function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
117 | throw BuildError(
../src/libstore/build/derivation-check.cc:181:45: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
181 | if (auto outputChecks = get(checksPerOutput, outputName))
| 14:08:22 |
| Sergei Zimmerman (xokdvium) | Yeah turned out to be false-positives | 19:22:42 |
| Sergei Zimmerman (xokdvium) | Considering just how hard it's to reproduce (1/50 runs if lucky) I've opened reverts for the prime suspects https://github.com/NixOS/nix/pull/14159. John Ericson | 19:24:35 |
| 6 Oct 2025 |
| Mic92 | I was wondering what we should fuzz with nix, but now I think fuzzing nixpkgs evaluations would be a good start. | 09:12:38 |
| Mic92 | Do we eval nixpkgs/flake-regressions with ASAN enabled? | 09:14:24 |
|  Akshay Sachdeva joined the room. | 13:45:39 |
 fzakaria | fuzz with AFLP? | 16:46:18 |
| fzakaria | can you compile Nix using the AFLP gcc ? | 16:46:38 |
| fzakaria | I mean AFL* | 16:47:16 |
| fzakaria | I think im running AFL on nix eval | 17:24:45 |
|  lovesegfault changed their profile picture. | 17:33:01 |
| lovesegfault changed their profile picture. | 17:33:46 |
| fzakaria | how do you build it with ASAN too? | 18:04:35 |
| fzakaria | oh i see it in doc | 18:05:55 |
| fzakaria | i was trying to build just 'debug' but i was hitting those FORTIFY_SOURCE warnings and build failures | 22:40:41 |
| fzakaria | would be nice to document how to get past that. | 22:40:48 |
| Sergei Zimmerman (xokdvium) | NIX_HARDENING_ENABLE=$(printLines $NIX_HARDENING_ENABLE | grep -v fortify) (ref eelco) | 22:42:38 |
| fzakaria | okay let me try that because debugoptimized | 22:43:59 |
| fzakaria | still skips stuff | 22:44:01 |
| Sergei Zimmerman (xokdvium) | ma27: thanks for the gdb fix btw. Very much appreciated to be able to use boost's pretty-printers out of the box. I hate how many hoops one has to jump through to get rid of -Wa,--compress-debug-sections though | 23:21:53 |
| 7 Oct 2025 |
| lovesegfault | could one reasonably write a nix evaluator without a GC and use refcounting, or would there be too many leaks due to cycles? | 04:07:54 |
 K900 | Definitely too many cycles without any form of GC | 04:16:48 |
| K900 | But you can probably get something out of refcounting compared to baseline | 04:17:27 |
| lovesegfault | that's a shame, i was thinking that conceptually it'd be nice to write an evaluator around rust futures | 04:17:31 |
| lovesegfault | but no gc there | 04:17:55 |
