| 4 Oct 2025 |
 Sergei Zimmerman (xokdvium) | Mic92: | 21:33:25 |
| Sergei Zimmerman (xokdvium) | * Mic92, John Ericson my suspect for https://hydra.nixos.org/build/308585653/nixlog/3 (https://github.com/NixOS/nix/issues/14141) is https://github.com/NixOS/nix/commit/e06968ec2586a9ccd18e58d1796de6d9ac628bc6 | 21:34:17 |
| Sergei Zimmerman (xokdvium) | Trying to repro with sanitizers, but not much luck yet. Seems to be fucky UB. | 21:35:54 |
| Sergei Zimmerman (xokdvium) | I think I've run into a very fucky store path corruption as well while dogfooding master. Must be the same root cause | 21:47:58 |
| Sergei Zimmerman (xokdvium) | Or was it https://github.com/NixOS/nix/pull/14022/commits maybe? | 22:12:01 |
| Sergei Zimmerman (xokdvium) | Alternate theory. There's UB somewhere in the code base and with the switch to -fno-semantic-interposition GCC is happily optimising the heck out of things. | 23:42:23 |
| 5 Oct 2025 |
 Mic92 | @xokdvium:matrix.org: would that be catched if someone runs nix with ubsan in their hosy daemon? | 04:44:34 |
| Mic92 | Sergei Zimmerman (xokdvium): https://github.com/NixOS/nix/pull/14155 | 05:31:15 |
| Mic92 | for sunsetting mergify | 05:31:23 |
|  Miku joined the room. | 09:31:43 |
| Sergei Zimmerman (xokdvium) | Ok managed to hit this locally at least once. My suspicion is that it's a use-after-free and with musl those blow up more predictably. | 12:29:17 |
 Taeer Bar-Yam | don't we run things through ASAN at some point? | 14:04:58 |
| Sergei Zimmerman (xokdvium) | Yeah we do now, but that's not enough it seems | 14:05:22 |
| Sergei Zimmerman (xokdvium) | I think clang-tidy managed to dig up something relevant:
../src/libstore/build/derivation-check.cc:85:35: warning: Dereference of undefined pointer value [clang-analyzer-core.NullDereference]
85 | if (checks.maxSize && info.narSize > *checks.maxSize)
../src/libstore/build/derivation-check.cc:117:31: warning: 4th function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
117 | throw BuildError(
../src/libstore/build/derivation-check.cc:181:45: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
181 | if (auto outputChecks = get(checksPerOutput, outputName))
| 14:08:22 |
| Sergei Zimmerman (xokdvium) | Yeah turned out to be false-positives | 19:22:42 |
| Sergei Zimmerman (xokdvium) | Considering just how hard it's to reproduce (1/50 runs if lucky) I've opened reverts for the prime suspects https://github.com/NixOS/nix/pull/14159. John Ericson | 19:24:35 |
| 6 Oct 2025 |
| Mic92 | I was wondering what we should fuzz with nix, but now I think fuzzing nixpkgs evaluations would be a good start. | 09:12:38 |
| Mic92 | Do we eval nixpkgs/flake-regressions with ASAN enabled? | 09:14:24 |
|  Akshay Sachdeva joined the room. | 13:45:39 |
 fzakaria | fuzz with AFLP? | 16:46:18 |
| fzakaria | can you compile Nix using the AFLP gcc ? | 16:46:38 |
| fzakaria | I mean AFL* | 16:47:16 |
| fzakaria | I think im running AFL on nix eval | 17:24:45 |
|  lovesegfault changed their profile picture. | 17:33:01 |
| lovesegfault changed their profile picture. | 17:33:46 |
| fzakaria | how do you build it with ASAN too? | 18:04:35 |
| fzakaria | oh i see it in doc | 18:05:55 |
| fzakaria | i was trying to build just 'debug' but i was hitting those FORTIFY_SOURCE warnings and build failures | 22:40:41 |
