Build broken for `aarch64-darwin`

[NobbZ]

Hi!

It seems as if aarch64-darwin builds are broken since cf182a8ca4760fae402af31002526634f5d4cad4.

A first glance on the output seems to indicate a missing nix binary when the tests are ran:

nil-unstable>    Compiling builtin v0.0.0 (/private/tmp/nix-build-nil-unstable-2022-09-22.drv-0/source/crates/builtin)
nil-unstable> error: failed to run custom build command for `builtin v0.0.0 (/private/tmp/nix-build-nil-unstable-2022-09-22.drv-0/source/crates/builtin)`
nil-unstable> Caused by:
nil-unstable>   process didn't exit successfully: `/private/tmp/nix-build-nil-unstable-2022-09-22.drv-0/source/target/release/build/builtin-cf5af01c00b80a80/build-script-build` (exit status: 101)
nil-unstable>   --- stdout
nil-unstable>   cargo:rerun-if-changed=build.rs
nil-unstable>   --- stderr
nil-unstable>   thread 'main' panicked at 'Failed to get builtins: Os { code: 2, kind: NotFound, message: "No such file or directory" }', crates/builtin/build.rs:13:10
nil-unstable>   note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
nil-unstable> warning: build failed, waiting for other jobs to finish...

(Only showing relevant output of nix build . within the bisected first bad commit.

Latest commit on main shows the same issue.

[oxalica]

cf182a8ca4760fae402af31002526634f5d4cad4 is known to be bad. But on latest commit, nix is already listed as a build input.

https://github.com/oxalica/nil/blob/3fa46cc956ebd67d77b61a0b7333edd2077c34dd/flake.nix#L27

Could you paste the build log on latest commit? Also you can also try running manually this command, which is used to get all Nix builtins. nix eval --experimental-features nix-command --store dummy:// --json --expr 'builtins.attrNames builtins'

[NobbZ]

I checked again, and newer versions do have indeed a different error message, and I have to admit, I haven't looked carefully. I actually thought I were pasting the error message that I now attach here:

nil-unstable>    Compiling builtin v0.0.0 (/private/tmp/nix-build-nil-unstable-2022-11-14.drv-0/source/crates/builtin)
nil-unstable> error: failed to run custom build command for `builtin v0.0.0 (/private/tmp/nix-build-nil-unstable-2022-11-14.drv-0/source/crates/builtin)`
nil-unstable> Caused by:
nil-unstable>   process didn't exit successfully: `/private/tmp/nix-build-nil-unstable-2022-11-14.drv-0/source/target/release/build/builtin-85c15f4d0ed9324b/build-script-build` (exit status: 101)
nil-unstable>   --- stdout
nil-unstable>   cargo:rerun-if-changed=build.rs
nil-unstable>   --- stderr
nil-unstable>   thread 'main' panicked at 'Failed to get builtins. Is `nix` accessible?: "Command \"nix\" \"eval\" \"--experimental-features\" \"nix-command\" \"--store\" \"dummy://\" \"--json\" \"--expr\" \"builtins.attrNames builtins\" failed: Output { status: ExitStatus(unix_wait_status(6)), stdout: \"\", stderr: \"libc++abi: terminating with uncaught exception of type nix::SysError: \\u{1b}[31;1merror:\\u{1b}[0m getting status of \\u{1b}[35;1m/nix/var/nix/profiles/per-user/root/channels/nixpkgs\\u{1b}[0m: \\u{1b}[35;1mOperation not permitted\\u{1b}[0m\\n\" }"', crates/builtin/build.rs:23:10
nil-unstable>   note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
nil-unstable> warning: build failed, waiting for other jobs to finish...

The error is the same independently of enabling or disabling the sandbox.

The commit I used for build right now was 3fa46cc956ebd67d77b61a0b7333edd2077c34dd. Which seems to be HEAD after a git pull origin.

The command you gave me ran directly gives this:

$ nix eval --experimental-features nix-command --store dummy:// --json --expr 'builtins.attrNames builtins'
["abort","add","addErrorContext","all","any","appendContext","attrNames","attrValues","baseNameOf","bitAnd","bitOr","bitXor","break","builtins","catAttrs","ceil","compareVersions","concatLists","concatMap","concatStringsSep","deepSeq","derivation","derivationStrict","dirOf","div","elem","elemAt","false","fetchGit","fetchMercurial","fetchTarball","fetchTree","fetchurl","filter","filterSource","findFile","floor","foldl'","fromJSON","fromTOML","functionArgs","genList","genericClosure","getAttr","getContext","getEnv","groupBy","hasAttr","hasContext","hashFile","hashString","head","import","intersectAttrs","isAttrs","isBool","isFloat","isFunction","isInt","isList","isNull","isPath","isString","langVersion","length","lessThan","listToAttrs","map","mapAttrs","match","mul","nixPath","nixVersion","null","parseDrvName","partition","path","pathExists","placeholder","readDir","readFile","removeAttrs","replaceStrings","scopedImport","seq","sort","split","splitVersion","storeDir","storePath","stringLength","sub","substring","tail","throw","toFile","toJSON","toPath","toString","toXML","trace","traceVerbose","true","tryEval","typeOf","unsafeDiscardOutputDependency","unsafeDiscardStringContext","unsafeGetAttrPos","zipAttrsWith"]

[NobbZ]

Having read the error with more detail now, it seems as if my first analyzis has been plain wrong.

It is not that nix wasn't found, it seems as if there is a permission error accessing channels outside of the build.

The error is the same, regardless of building with or without a sandbox.

Using --option extra-sandbox-paths /nix/var/nix/profiles/per-user/root/channels/nixpkgs doesn't seem to help either.

Adding or removing channels to make that folder (dis)appear in an act of desperation didn't change anything.

[oxalica]

nil-unstable>   thread 'main' panicked at 'Failed to get builtins. Is `nix` accessible?: "Command \"nix\" \"eval\" \"--experimental-features\" \"nix-command\" \"--store\" \"dummy://\" \"--json\" \"--expr\" \"builtins.attrNames builtins\" failed: Output { status: ExitStatus(unix_wait_status(6)), stdout: \"\", stderr: \"libc++abi: terminating with uncaught exception of type nix::SysError: \\u{1b}[31;1merror:\\u{1b}[0m getting status of \\u{1b}[35;1m/nix/var/nix/profiles/per-user/root/channels/nixpkgs\\u{1b}[0m: \\u{1b}[35;1mOperation not permitted\\u{1b}[0m\\n\" }"', crates/builtin/build.rs:23:10

The error is the same independently of enabling or disabling the sandbox.

The command you gave me ran directly gives this:

$ nix eval --experimental-features nix-command --store dummy:// --json --expr 'builtins.attrNames builtins'
["abort","add","addErrorContext","all","any",...

:thinking: This is strange. They are the same command and are not supposed to read any filesystem path.

For my NixOS on x86_64-linux, I can run that command in an empty bwrap sandbox with no /var.

$ nix run nixpkgs#bubblewrap -- --ro-bind /nix /nix --ro-bind /run /run --dev /dev --proc /proc -- nix eval --experimental-features nix-command --store dummy:// --json --expr 'builtins.attrNames builtins'

Do you have any related changes in /etc/nix/nix.conf or any overlays in ~/.config/nix/?

[NobbZ]

I do not have any problems on my x86_64-linux either, its just the aarch64-darwin that is affected.

I am not aware of any overlays, nor would I expect them to be picked up at all as I am running the flake build. Anyway, I will doublecheck again tomorrow when I have access again to the workstation.

[NobbZ]

There is no folder in ~/.config whichs name would contain nix. So there is also no overlay. I will try to extend this discussion into the matrix space later today.

I get the feeling that this is not related to nil but instead my nix installation is broken. In the meantime I will use nil from nixpkgs on the darwin host.

Also, as other members of the community have not been able to reproduce my problem I will close this issue. I consider it proven that it is something in my installation, nothing with nil.

[janvotava]

Just FYI if someone will come to this issue in the future: pretty sure that I broke my Nix installation in a same way by doing sudo nix-channel --update instead of sudo -i nix-channel --update. Nix reinstall did fix my problem.

[NobbZ]

I do not use channels, though thanks for the tip, I will check if there are some stray channels from installation.

I will also try to re-install nix again, though it feels as if that actually introduced the problem for me.