maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nix-copy-closure: Fix race condition

Browse source 
There is a long-standing race condition when copying a closure to a
remote machine, particularly affecting build-remote.pl: the client
first asks the remote machine which paths it already has, then copies
over the missing paths. If the garbage collector kicks in on the
remote machine between the first and second step, the already-present
paths may be deleted. The missing paths may then refer to deleted
paths, causing nix-copy-closure to fail. The client now performs both
steps using a single remote Nix call (using ‘nix-store --serve’),
locking all paths in the closure while querying.

I changed the --serve protocol a bit (getting rid of QueryCommand), so
this breaks the SSH substituter from older versions. But it was marked
experimental anyway.

Fixes #141.
This commit is contained in:
Eelco Dolstra 2014-07-10 11:51:22 +02:00
parent 2c3a8f787b
commit 04170d06bf
4 changed files with 137 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

98
src/nix-store/nix-store.cc
View file

@ -869,8 +869,12 @@ static void opClearFailedPaths(Strings opFlags, Strings opArgs)
/* Serve the nix store in a way usable by a restricted ssh user. */
static void opServe(Strings opFlags, Strings opArgs)
{
if (!opArgs.empty() || !opFlags.empty())
throw UsageError("no arguments or flags expected");
bool writeAllowed = false;
foreach (Strings::iterator, i, opFlags)
if (*i == "--write") writeAllowed = true;
else throw UsageError(format("unknown flag `%1%'") % *i);
if (!opArgs.empty()) throw UsageError("no arguments expected");
FdSource in(STDIN_FILENO);
FdSink out(STDOUT_FILENO);
@ -883,50 +887,56 @@ static void opServe(Strings opFlags, Strings opArgs)
out.flush();
readInt(in); // Client version, unused for now
ServeCommand cmd = (ServeCommand) readInt(in);
switch (cmd) {
case cmdQuery:
while (true) {
QueryCommand qCmd;
try {
qCmd = (QueryCommand) readInt(in);
} catch (EndOfFile & e) {
break;
}
switch (qCmd) {
case qCmdHave: {
PathSet paths = readStorePaths<PathSet>(in);
writeStrings(store->queryValidPaths(paths), out);
break;
}
case qCmdInfo: {
PathSet paths = readStorePaths<PathSet>(in);
// !!! Maybe we want a queryPathInfos?
foreach (PathSet::iterator, i, paths) {
if (!store->isValidPath(*i))
continue;
ValidPathInfo info = store->queryPathInfo(*i);
writeString(info.path, out);
writeString(info.deriver, out);
writeStrings(info.references, out);
// !!! Maybe we want compression?
writeLongLong(info.narSize, out); // downloadSize
writeLongLong(info.narSize, out);
}
writeString("", out);
break;
}
default:
throw Error(format("unknown serve query `%1%'") % cmd);
}
while (true) {
ServeCommand cmd;
try {
cmd = (ServeCommand) readInt(in);
} catch (EndOfFile & e) {
break;
}
switch (cmd) {
case cmdQueryValidPaths: {
bool lock = readInt(in);
PathSet paths = readStorePaths<PathSet>(in);
if (lock && writeAllowed)
for (auto & path : paths)
store->addTempRoot(path);
writeStrings(store->queryValidPaths(paths), out);
out.flush();
break;
}
break;
case cmdSubstitute:
dumpPath(readStorePath(in), out);
break;
default:
throw Error(format("unknown serve command `%1%'") % cmd);
case cmdQueryPathInfos: {
PathSet paths = readStorePaths<PathSet>(in);
// !!! Maybe we want a queryPathInfos?
foreach (PathSet::iterator, i, paths) {
if (!store->isValidPath(*i))
continue;
ValidPathInfo info = store->queryPathInfo(*i);
writeString(info.path, out);
writeString(info.deriver, out);
writeStrings(info.references, out);
// !!! Maybe we want compression?
writeLongLong(info.narSize, out); // downloadSize
writeLongLong(info.narSize, out);
}
writeString("", out);
out.flush();
break;
}
case cmdDumpStorePath:
dumpPath(readStorePath(in), out);
out.flush();
break;
case cmdImportPaths:
if (!writeAllowed) throw Error("importing paths not allowed");
store->importPaths(false, in);
writeInt(1, out); // indicate success
out.flush();
break;
default:
throw Error(format("unknown serve command %1%") % cmd);
}
}
}