Merge #5537: install nlohmann json headers (into 2.4-maintenance)

[Backport 2.4-maintenance] Release Notes 2.4: add `--indirect` no-op change

.github/workflows/test.yml

@@ -1,20 +1,17 @@
 name: "Test"
-
 on:
   pull_request:
   push:
-
 jobs:
-
   tests:
     needs: [check_cachix]
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
+
     steps:
-    - uses: actions/checkout@v2.3.5
+    - uses: actions/checkout@v2.3.4
       with:
         fetch-depth: 0
     - uses: cachix/install-nix-action@v14.1
@@ -26,7 +23,6 @@ jobs:
         signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
         authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
     - run: nix-build -A checks.$(nix-instantiate --eval -E '(builtins.currentSystem)')
-
   check_cachix:
     name: Cachix secret present for installer tests
     runs-on: ubuntu-latest
@@ -38,7 +34,6 @@ jobs:
         env:
           _CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }}
         run: echo "::set-output name=secret::${{ env._CACHIX_SECRETS != '' }}"
-
   installer:
     needs: [tests, check_cachix]
     if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
@@ -46,7 +41,7 @@ jobs:
     outputs:
       installerURL: ${{ steps.prepare-installer.outputs.installerURL }}
     steps:
-    - uses: actions/checkout@v2.3.5
+    - uses: actions/checkout@v2.3.4
       with:
         fetch-depth: 0
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
@@ -58,7 +53,6 @@ jobs:
         authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
     - id: prepare-installer
       run: scripts/prepare-installer-for-github-actions
-
   installer_test:
     needs: [installer, check_cachix]
     if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
@@ -67,7 +61,7 @@ jobs:
         os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v2.3.5
+    - uses: actions/checkout@v2.3.4
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
     - uses: cachix/install-nix-action@v14.1
       with:

.gitignore

@@ -40,7 +40,6 @@ perl/Makefile.config
 
 # /src/libstore/
 *.gen.*
-/src/libstore/tests/libstore-tests
 
 # /src/libutil/
 /src/libutil/tests/libutil-tests

.version

@@ -1 +1 @@
-2.5
+2.4.1

Makefile

@@ -10,6 +10,7 @@ makefiles = \
   src/libexpr/local.mk \
   src/libcmd/local.mk \
   src/nix/local.mk \
+  src/nlohmann/local.mk \
   src/resolve-system-dependencies/local.mk \
   scripts/local.mk \
   misc/bash/local.mk \

boehmgc-coroutine-sp-fallback.diff

@@ -1,8 +1,8 @@
 diff --git a/pthread_stop_world.c b/pthread_stop_world.c
-index 4b2c429..1fb4c52 100644
+index 1cee6a0b..46c3acd9 100644
 --- a/pthread_stop_world.c
 +++ b/pthread_stop_world.c
-@@ -673,6 +673,8 @@ GC_INNER void GC_push_all_stacks(void)
+@@ -674,6 +674,8 @@ GC_INNER void GC_push_all_stacks(void)
      struct GC_traced_stack_sect_s *traced_stack_sect;
      pthread_t self = pthread_self();
      word total_size = 0;
@@ -11,7 +11,7 @@ index 4b2c429..1fb4c52 100644
  
      if (!EXPECT(GC_thr_initialized, TRUE))
        GC_thr_init();
-@@ -722,6 +724,31 @@ GC_INNER void GC_push_all_stacks(void)
+@@ -723,6 +725,28 @@ GC_INNER void GC_push_all_stacks(void)
            hi = p->altstack + p->altstack_size;
            /* FIXME: Need to scan the normal stack too, but how ? */
            /* FIXME: Assume stack grows down */
@@ -22,9 +22,6 @@ index 4b2c429..1fb4c52 100644
 +          if (pthread_attr_getstacksize(&pattr, &stack_limit)) {
 +            ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!");
 +          }
-+          if (pthread_attr_destroy(&pattr)) {
-+            ABORT("GC_push_all_stacks: pthread_attr_destroy failed!");
-+          }
 +          // When a thread goes into a coroutine, we lose its original sp until
 +          // control flow returns to the thread.
 +          // While in the coroutine, the sp points outside the thread stack,

doc/manual/local.mk

@@ -12,11 +12,13 @@ man-pages := $(foreach n, \
 clean-files += $(d)/*.1 $(d)/*.5 $(d)/*.8
 
 # Provide a dummy environment for nix, so that it will not access files outside the macOS sandbox.
+# Set cores to 0 because otherwise nix show-config resolves the cores based on the current machine
 dummy-env = env -i \
 	HOME=/dummy \
 	NIX_CONF_DIR=/dummy \
 	NIX_SSL_CERT_FILE=/dummy/no-ca-bundle.crt \
-	NIX_STATE_DIR=/dummy
+	NIX_STATE_DIR=/dummy \
+	NIX_CONFIG='cores = 0'
 
 nix-eval = $(dummy-env) $(bindir)/nix eval --experimental-features nix-command -I nix/corepkgs=corepkgs --store dummy:// --impure --raw
 

doc/manual/src/SUMMARY.md.in

@@ -70,7 +70,6 @@
   - [Hacking](contributing/hacking.md)
   - [CLI guideline](contributing/cli-guideline.md)
 - [Release Notes](release-notes/release-notes.md)
-  - [Release X.Y (202?-??-??)](release-notes/rl-next.md)
   - [Release 2.4 (2021-11-01)](release-notes/rl-2.4.md)
   - [Release 2.3 (2019-09-04)](release-notes/rl-2.3.md)
   - [Release 2.2 (2019-01-11)](release-notes/rl-2.2.md)

doc/manual/src/command-ref/conf-file-prefix.md

@@ -17,7 +17,7 @@ By default Nix reads settings from the following places:
 
     Otherwise it will look for `nix/nix.conf` files in `XDG_CONFIG_DIRS`
     and `XDG_CONFIG_HOME`. If these are unset, it will look in
-    `$HOME/.config/nix/nix.conf`.
+    `$HOME/.config/nix.conf`.
 
   - If `NIX_CONFIG` is set, its contents is treated as the contents of
     a configuration file.

doc/manual/src/command-ref/nix-env.md

@@ -238,7 +238,16 @@ a number of possible ways:
 
 ## Examples
 
-To install a specific version of `gcc` from the active Nix expression:
+To install a package using a specific attribute path from the active Nix expression:
+
+```console
+$ nix-env -iA gcc40mips
+installing `gcc-4.0.2'
+$ nix-env -iA xorg.xorgserver
+installing `xorg-server-1.2.0'
+```
+
+To install a specific version of `gcc` using the derivation name:
 
 ```console
 $ nix-env --install gcc-3.3.2
@@ -246,6 +255,9 @@ installing `gcc-3.3.2'
 uninstalling `gcc-3.1'
 ```
 
+Using attribute path for selecting a package is preferred,
+as it is much faster and there will not be multiple matches.
+
 Note the previously installed version is removed, since
 `--preserve-installed` was not specified.
 
@@ -256,13 +268,6 @@ $ nix-env --install gcc
 installing `gcc-3.3.2'
 ```
 
-To install using a specific attribute:
-
-```console
-$ nix-env -i -A gcc40mips
-$ nix-env -i -A xorg.xorgserver
-```
-
 To install all derivations in the Nix expression `foo.nix`:
 
 ```console
@@ -374,22 +379,29 @@ For the other flags, see `--install`.
 ## Examples
 
 ```console
-$ nix-env --upgrade gcc
+$ nix-env --upgrade -A nixpkgs.gcc
 upgrading `gcc-3.3.1' to `gcc-3.4'
 ```
 
+When there are no updates available, nothing will happen:
+
 ```console
-$ nix-env -u gcc-3.3.2 --always (switch to a specific version)
+$ nix-env --upgrade -A nixpkgs.pan
+```
+
+Using `-A` is preferred when possible, as it is faster and unambiguous but
+it is also possible to upgrade to a specific version by matching the derivation name:
+
+```console
+$ nix-env -u gcc-3.3.2 --always
 upgrading `gcc-3.4' to `gcc-3.3.2'
 ```
 
-```console
-$ nix-env --upgrade pan
-(no upgrades available, so nothing happens)
-```
+To try to upgrade everything
+(matching packages based on the part of the derivation name without version):
 
 ```console
-$ nix-env -u (try to upgrade everything)
+$ nix-env -u
 upgrading `hello-2.1.2' to `hello-2.1.3'
 upgrading `mozilla-1.2' to `mozilla-1.4'
 ```
@@ -401,7 +413,7 @@ of a derivation `x` by looking at their respective `name` attributes.
 The names (e.g., `gcc-3.3.1` are split into two parts: the package name
 (`gcc`), and the version (`3.3.1`). The version part starts after the
 first dash not followed by a letter. `x` is considered an upgrade of `y`
-if their package names match, and the version of `y` is higher than that
+if their package names match, and the version of `y` is higher that that
 of `x`.
 
 The versions are compared by splitting them into contiguous components

doc/manual/src/command-ref/nix-shell.md

@@ -11,8 +11,8 @@
   [`--command` *cmd*]
   [`--run` *cmd*]
   [`--exclude` *regexp*]
-  [`--pure`]
-  [`--keep` *name*]
+  [--pure]
+  [--keep *name*]
   {{`--packages` | `-p`} {*packages* | *expressions*} … | [*path*]}
 
 # Description
@@ -110,19 +110,13 @@ shell in which to build it:
 
 ```console
 $ nix-shell '<nixpkgs>' -A pan
-[nix-shell]$ eval ${unpackPhase:-unpackPhase}
+[nix-shell]$ unpackPhase
 [nix-shell]$ cd pan-*
-[nix-shell]$ eval ${configurePhase:-configurePhase}
-[nix-shell]$ eval ${buildPhase:-buildPhase}
+[nix-shell]$ configurePhase
+[nix-shell]$ buildPhase
 [nix-shell]$ ./pan/gui/pan
 ```
 
-The reason we use form `eval ${configurePhase:-configurePhase}` here is because
-those packages that override these phases do so by exporting the overridden
-values in the environment variable of the same name.
-Here bash is being told to either evaluate the contents of 'configurePhase',
-if it exists as a variable, otherwise evaluate the configurePhase function.
-
 To clear the environment first, and do some additional automatic
 initialisation of the interactive shell:
 

doc/manual/src/command-ref/nix-store.md

@@ -125,7 +125,7 @@ Special exit codes:
 
   - `104`\
     Not deterministic, the build succeeded in check mode but the
-    resulting output is not binary reproducible.
+    resulting output is not binary reproducable.
 
 With the `--keep-going` flag it's possible for multiple failures to
 occur, in this case the 1xx status codes are or combined using binary

doc/manual/src/command-ref/opt-common.md

@@ -162,11 +162,11 @@ Most Nix commands accept the following command-line options:
     }: ...
     ```
 
-    So if you call this Nix expression (e.g., when you do `nix-env -i
+    So if you call this Nix expression (e.g., when you do `nix-env -iA
     pkgname`), the function will be called automatically using the
     value [`builtins.currentSystem`](../expressions/builtins.md) for
     the `system` argument. You can override this using `--arg`, e.g.,
-    `nix-env -i pkgname --arg system \"i686-freebsd\"`. (Note that
+    `nix-env -iA pkgname --arg system \"i686-freebsd\"`. (Note that
     since the argument is a Nix string literal, you have to escape the
     quotes.)
 

doc/manual/src/contributing/cli-guideline.md

@@ -3,7 +3,7 @@
 ## Goals
 
 Purpose of this document is to provide a clear direction to **help design
-delightful command line** experience. This document contains guidelines to
+delightful command line** experience. This document contain guidelines to
 follow to ensure a consistent and approachable user experience.
 
 ## Overview
@@ -115,7 +115,7 @@ The rules are:
 
 - Help is shown by using `--help` or `help` command (eg `nix` `--``help` or
   `nix help`).
-- For non-COMMANDs (eg. `nix` `--``help` and `nix store` `--``help`) we **show
+- For non-COMMANDs (eg. `nix` `--``help`  and `nix store` `--``help`) we **show
   a summary** of most common use cases. Summary is presented on the STDOUT
   without any use of PAGER.
 - For COMMANDs (eg. `nix init` `--``help` or `nix help init`) we display the
@@ -230,8 +230,8 @@ Now **Learn** part of the output is where you educate users. You should only
 show it when you know that a build will take some time and not annoy users of
 the builds that take only few seconds.
 
-Every feature like this should go through an intensive review and testing to
-collect as much feedback as possible and to fine tune every little detail. If
+Every feature like this should go though a intensive review and testing to
+collect as much a feedback as possible and to fine tune every little detail. If
 done right this can be an awesome features beginners and advance users will
 love, but if not done perfectly it will annoy users and leave bad impression.
 
@@ -272,11 +272,11 @@ not know which `ARGUMENTS` and `OPTIONS` are required or which values are
 possible for those options.
 
 In cases, the user might not provide the input or they provide wrong input,
-rather than show the error, prompt a user with an option to find and select
+rather then show the error, prompt a user with an option to find and select
 correct input (see examples).
 
 Prompting is of course not required when TTY is not attached to STDIN. This
-would mean that scripts won't need to handle prompt, but rather handle errors.
+would mean that scripts wont need to handle prompt, but rather handle errors.
 
 A place to use prompt and provide user with interactive select
 
@@ -300,7 +300,7 @@ going to happen.
 ```shell
 $ nix build --option substitutors https://cache.example.org
 ------------------------------------------------------------------------
-  Warning! A security related question needs to be answered.
+  Warning! A security related question need to be answered.
 ------------------------------------------------------------------------
   The following substitutors will be used to in `my-project`: 
     - https://cache.example.org
@@ -311,14 +311,14 @@ $ nix build --option substitutors https://cache.example.org
 
 # Output
 
-Terminal output can be quite limiting in many ways. Which should force us to
+Terminal output can be quite limiting in many ways. Which should forces us to
 think about the experience even more. As with every design the output is a
 compromise between being terse and being verbose, between showing help to
 beginners and annoying advance users. For this it is important that we know
 what are the priorities.
 
 Nix command line should be first and foremost written with beginners in mind.
-But users won't stay beginners for long and what was once useful might quickly
+But users wont stay beginners for long and what was once useful might quickly
 become annoying. There is no golden rule that we can give in this guideline
 that would make it easier how to draw a line and find best compromise.
 
@@ -508,7 +508,7 @@ can, with a few key strokes, be changed into and advance introspection tool.
 
 ### Progress
 
-For longer running commands we should provide and overview the progress.
+For longer running commands we should provide and overview of the progress.
 This is shown best in `nix build` example:
 
 ```shell
@@ -553,7 +553,7 @@ going to happen.
 ```shell
 $ nix build --option substitutors https://cache.example.org
 ------------------------------------------------------------------------
-  Warning! A security related question needs to be answered.
+  Warning! A security related question need to be answered.
 ------------------------------------------------------------------------
   The following substitutors will be used to in `my-project`: 
     - https://cache.example.org

doc/manual/src/expressions/advanced-attributes.md

@@ -237,7 +237,7 @@ Derivations can declare some infrequently used optional attributes.
   - `preferLocalBuild`\
     If this attribute is set to `true` and [distributed building is
     enabled](../advanced-topics/distributed-builds.md), then, if
-    possible, the derivation will be built locally instead of forwarded
+    possible, the derivaton will be built locally instead of forwarded
     to a remote machine. This is appropriate for trivial builders
     where the cost of doing a download or remote build would exceed
     the cost of building locally.

doc/manual/src/expressions/expression-syntax.md

@@ -26,7 +26,7 @@ elements (referenced from the figure by number):
     called with three arguments: `stdenv`, `fetchurl`, and `perl`. They
     are needed to build Hello, but we don't know how to build them here;
     that's why they are function arguments. `stdenv` is a package that
-    is used by almost all Nix Packages; it provides a
+    is used by almost all Nix Packages packages; it provides a
     “standard” environment consisting of the things you would expect
     in a basic Unix environment: a C/C++ compiler (GCC, to be precise),
     the Bash shell, fundamental Unix tools such as `cp`, `grep`, `tar`,

doc/manual/src/expressions/language-values.md

@@ -64,7 +64,7 @@ Nix has the following basic data types:
     the start of each line. To be precise, it strips from each line a
     number of spaces equal to the minimal indentation of the string as a
     whole (disregarding the indentation of empty lines). For instance,
-    the first and second line are indented two spaces, while the third
+    the first and second line are indented two space, while the third
     line is indented four spaces. Thus, two spaces are stripped from
     each line, so the resulting string is
     

doc/manual/src/expressions/simple-building-testing.md

@@ -1,6 +1,6 @@
 # Building and Testing
 
-You can now try to build Hello. Of course, you could do `nix-env -i
+You can now try to build Hello. Of course, you could do `nix-env -f . -iA
 hello`, but you may not want to install a possibly broken package just
 yet. The best way to test the package is by using the command
 `nix-build`, which builds a Nix expression and creates a symlink named

doc/manual/src/installation/building-source.md

@@ -1,9 +1,9 @@
 # Building Nix from Source
 
-After cloning Nix's Git repository, issue the following commands:
+After unpacking or checking out the Nix sources, issue the following
+commands:
 
 ```console
-$ ./bootstrap.sh
 $ ./configure options...
 $ make
 $ make install
@@ -11,6 +11,13 @@ $ make install
 
 Nix requires GNU Make so you may need to invoke `gmake` instead.
 
+When building from the Git repository, these should be preceded by the
+command:
+
+```console
+$ ./bootstrap.sh
+```
+
 The installation path can be specified by passing the `--prefix=prefix`
 to `configure`. The default installation directory is `/usr/local`. You
 can change this to any location you like. You must have write permission

doc/manual/src/installation/installing-source.md

@@ -1,4 +1,4 @@
 # Installing Nix from Source
 
-If no binary package is available or if you want to hack on Nix, you
-can build Nix from its Git repository.
+If no binary package is available, you can download and compile a source
+distribution.

doc/manual/src/installation/obtaining-source.md

@@ -1,9 +1,14 @@
-# Obtaining the Source
+# Obtaining a Source Distribution
 
-The most recent sources of Nix can be obtained from its [Git
-repository](https://github.com/NixOS/nix). For example, the following
-command will check out the latest revision into a directory called
-`nix`:
+The source tarball of the most recent stable release can be downloaded
+from the [Nix homepage](http://nixos.org/nix/download.html). You can
+also grab the [most recent development
+release](http://hydra.nixos.org/job/nix/master/release/latest-finished#tabs-constituents).
+
+Alternatively, the most recent sources of Nix can be obtained from its
+[Git repository](https://github.com/NixOS/nix). For example, the
+following command will check out the latest revision into a directory
+called `nix`:
 
 ```console
 $ git clone https://github.com/NixOS/nix

doc/manual/src/installation/prerequisites-source.md

@@ -2,8 +2,9 @@
 
   - GNU Autoconf (<https://www.gnu.org/software/autoconf/>) and the
     autoconf-archive macro collection
-    (<https://www.gnu.org/software/autoconf-archive/>). These are
-    needed to run the bootstrap script.
+    (<https://www.gnu.org/software/autoconf-archive/>). These are only
+    needed to run the bootstrap script, and are not necessary if your
+    source distribution came with a pre-built `./configure` script.
 
   - GNU Make.
 
@@ -51,7 +52,8 @@
     you need version 2.5.35, which is available on
     [SourceForge](http://lex.sourceforge.net/). Slightly older versions
     may also work, but ancient versions like the ubiquitous 2.5.4a
-    won't.
+    won't. Note that these are only required if you modify the parser or
+    when you are building from the Git repository.
 
   - The `libseccomp` is used to provide syscall filtering on Linux. This
     is an optional dependency and can be disabled passing a

doc/manual/src/introduction.md

@@ -76,7 +76,7 @@ there after an upgrade.  This means that you can _roll back_ to the
 old version:
 
 ```console
-$ nix-env --upgrade some-packages
+$ nix-env --upgrade -A nixpkgs.some-package
 $ nix-env --rollback
 ```
 
@@ -122,12 +122,12 @@ Nix expressions generally describe how to build a package from
 source, so an installation action like
 
 ```console
-$ nix-env --install firefox
+$ nix-env --install -A nixpkgs.firefox
 ```
 
 _could_ cause quite a bit of build activity, as not only Firefox but
 also all its dependencies (all the way up to the C library and the
-compiler) would have to be built, at least if they are not already in the
+compiler) would have to built, at least if they are not already in the
 Nix store.  This is a _source deployment model_.  For most users,
 building from source is not very pleasant as it takes far too long.
 However, Nix can automatically skip building from source and instead

doc/manual/src/package-management/basic-package-mgmt.md

@@ -24,7 +24,7 @@ collection; you could write your own Nix expressions based on Nixpkgs,
 or completely new ones.)
 
 You can manually download the latest version of Nixpkgs from
-<http://nixos.org/nixpkgs/download.html>. However, it’s much more
+<https://github.com/NixOS/nixpkgs>. However, it’s much more
 convenient to use the Nixpkgs [*channel*](channels.md), since it makes
 it easy to stay up to date with new versions of Nixpkgs. Nixpkgs is
 automatically added to your list of “subscribed” channels when you
@@ -47,41 +47,45 @@ $ nix-channel --update
 You can view the set of available packages in Nixpkgs:
 
 ```console
-$ nix-env -qa
-aterm-2.2
-bash-3.0
-binutils-2.15
-bison-1.875d
-blackdown-1.4.2
-bzip2-1.0.2
+$ nix-env -qaP
+nixpkgs.aterm                       aterm-2.2
+nixpkgs.bash                        bash-3.0
+nixpkgs.binutils                    binutils-2.15
+nixpkgs.bison                       bison-1.875d
+nixpkgs.blackdown                   blackdown-1.4.2
+nixpkgs.bzip2                       bzip2-1.0.2
 …
 ```
 
-The flag `-q` specifies a query operation, and `-a` means that you want
+The flag `-q` specifies a query operation, `-a` means that you want
 to show the “available” (i.e., installable) packages, as opposed to the
-installed packages. If you downloaded Nixpkgs yourself, or if you
-checked it out from GitHub, then you need to pass the path to your
-Nixpkgs tree using the `-f` flag:
+installed packages, and `-P` prints the attribute paths that can be used
+to unambiguously select a package for installation (listed in the first column).
+If you downloaded Nixpkgs yourself, or if you checked it out from GitHub,
+then you need to pass the path to your Nixpkgs tree using the `-f` flag:
 
 ```console
-$ nix-env -qaf /path/to/nixpkgs
+$ nix-env -qaPf /path/to/nixpkgs
+aterm                               aterm-2.2
+bash                                bash-3.0
+…
 ```
 
 where */path/to/nixpkgs* is where you’ve unpacked or checked out
 Nixpkgs.
 
-You can select specific packages by name:
+You can filter the packages by name:
 
 ```console
-$ nix-env -qa firefox
-firefox-34.0.5
-firefox-with-plugins-34.0.5
+$ nix-env -qaP firefox
+nixpkgs.firefox-esr                 firefox-91.3.0esr
+nixpkgs.firefox                     firefox-94.0.1
 ```
 
 and using regular expressions:
 
 ```console
-$ nix-env -qa 'firefox.*'
+$ nix-env -qaP 'firefox.*'
 ```
 
 It is also possible to see the *status* of available packages, i.e.,
@@ -89,11 +93,11 @@ whether they are installed into the user environment and/or present in
 the system:
 
 ```console
-$ nix-env -qas
+$ nix-env -qaPs
 …
--PS bash-3.0
---S binutils-2.15
-IPS bison-1.875d
+-PS  nixpkgs.bash                bash-3.0
+--S  nixpkgs.binutils            binutils-2.15
+IPS  nixpkgs.bison               bison-1.875d
 …
 ```
 
@@ -106,13 +110,13 @@ which is Nix’s mechanism for doing binary deployment. It just means that
 Nix knows that it can fetch a pre-built package from somewhere
 (typically a network server) instead of building it locally.
 
-You can install a package using `nix-env -i`. For instance,
+You can install a package using `nix-env -iA`. For instance,
 
 ```console
-$ nix-env -i subversion
+$ nix-env -iA nixpkgs.subversion
 ```
 
-will install the package called `subversion` (which is, of course, the
+will install the package called `subversion` from `nixpkgs` channel (which is, of course, the
 [Subversion version management system](http://subversion.tigris.org/)).
 
 > **Note**
@@ -122,7 +126,7 @@ will install the package called `subversion` (which is, of course, the
 > binary cache <https://cache.nixos.org>; it contains binaries for most
 > packages in Nixpkgs. Only if no binary is available in the binary
 > cache, Nix will build the package from source. So if `nix-env
-> -i subversion` results in Nix building stuff from source, then either
+> -iA nixpkgs.subversion` results in Nix building stuff from source, then either
 > the package is not built for your platform by the Nixpkgs build
 > servers, or your version of Nixpkgs is too old or too new. For
 > instance, if you have a very recent checkout of Nixpkgs, then the
@@ -133,7 +137,10 @@ will install the package called `subversion` (which is, of course, the
 > using a Git checkout of the Nixpkgs tree), you will get binaries for
 > most packages.
 
-Naturally, packages can also be uninstalled:
+Naturally, packages can also be uninstalled. Unlike when installing, you will
+need to use the derivation name (though the version part can be omitted),
+instead of the attribute path, as `nix-env` does not record which attribute
+was used for installing:
 
 ```console
 $ nix-env -e subversion
@@ -143,7 +150,7 @@ Upgrading to a new version is just as easy. If you have a new release of
 Nix Packages, you can do:
 
 ```console
-$ nix-env -u subversion
+$ nix-env -uA nixpkgs.subversion
 ```
 
 This will *only* upgrade Subversion if there is a “newer” version in the

doc/manual/src/package-management/binary-cache-substituter.md

@@ -9,7 +9,7 @@ The daemon that handles binary cache requests via HTTP, `nix-serve`, is
 not part of the Nix distribution, but you can install it from Nixpkgs:
 
 ```console
-$ nix-env -i nix-serve
+$ nix-env -iA nixpkgs.nix-serve
 ```
 
 You can then start the server, listening for HTTP connections on
@@ -35,7 +35,7 @@ On the client side, you can tell Nix to use your binary cache using
 `--option extra-binary-caches`, e.g.:
 
 ```console
-$ nix-env -i firefox --option extra-binary-caches http://avalon:8080/
+$ nix-env -iA nixpkgs.firefox --option extra-binary-caches http://avalon:8080/
 ```
 
 The option `extra-binary-caches` tells Nix to use this binary cache in

doc/manual/src/package-management/profiles.md

@@ -39,7 +39,7 @@ just Subversion 1.1.2 (arrows in the figure indicate symlinks). This
 would be what we would obtain if we had done
 
 ```console
-$ nix-env -i subversion
+$ nix-env -iA nixpkgs.subversion
 ```
 
 on a set of Nix expressions that contained Subversion 1.1.2.
@@ -54,7 +54,7 @@ environment is generated based on the current one. For instance,
 generation 43 was created from generation 42 when we did
 
 ```console
-$ nix-env -i subversion firefox
+$ nix-env -iA nixpkgs.subversion nixpkgs.firefox
 ```
 
 on a set of Nix expressions that contained Firefox and a new version of
@@ -127,7 +127,7 @@ All `nix-env` operations work on the profile pointed to by
 (abbreviation `-p`):
 
 ```console
-$ nix-env -p /nix/var/nix/profiles/other-profile -i subversion
+$ nix-env -p /nix/var/nix/profiles/other-profile -iA nixpkgs.subversion
 ```
 
 This will *not* change the `~/.nix-profile` symlink.

doc/manual/src/package-management/ssh-substituter.md

@@ -6,7 +6,7 @@ automatically fetching any store paths in Firefox’s closure if they are
 available on the server `avalon`:
 
 ```console
-$ nix-env -i firefox --substituters ssh://alice@avalon
+$ nix-env -iA nixpkgs.firefox --substituters ssh://alice@avalon
 ```
 
 This works similar to the binary cache substituter that Nix usually

doc/manual/src/quick-start.md

@@ -19,19 +19,19 @@ to subsequent chapters.
    channel:
 
    ```console
-   $ nix-env -qa
-   docbook-xml-4.3
-   docbook-xml-4.5
-   firefox-33.0.2
-   hello-2.9
-   libxslt-1.1.28
+   $ nix-env -qaP
+   nixpkgs.docbook_xml_dtd_43                    docbook-xml-4.3
+   nixpkgs.docbook_xml_dtd_45                    docbook-xml-4.5
+   nixpkgs.firefox                               firefox-33.0.2
+   nixpkgs.hello                                 hello-2.9
+   nixpkgs.libxslt                               libxslt-1.1.28
    …
    ```
 
 1. Install some packages from the channel:
 
    ```console
-   $ nix-env -i hello
+   $ nix-env -iA nixpkgs.hello
    ```
 
    This should download pre-built packages; it should not build them

doc/manual/src/release-notes/rl-2.4.md

@@ -276,6 +276,9 @@ more than 2800 commits from 195 contributors since release 2.3.
 
 * Plugins can now register `nix` subcommands.
 
+* The `--indirect` flag to `nix-store --add-root` has become a no-op.
+  `--add-root` will always generate indirect GC roots from now on.
+
 ## Incompatible changes
 
 * The `nix` command is now marked as an experimental feature. This

doc/manual/src/release-notes/rl-next.md

@@ -1,5 +0,0 @@
-# Release 2.5 (2021-XX-XX)
-
-* Binary cache stores now have a setting `compression-level`.
-
-* `nix develop` now has a flag `--unpack` to run `unpackPhase`.

docker.nix

@@ -0,0 +1,253 @@
+{ pkgs ? import <nixpkgs> { }
+, lib ? pkgs.lib
+, name ? "nix"
+, tag ? "latest"
+, channelName ? "nixpkgs"
+, channelURL ? "https://nixos.org/channels/nixpkgs-unstable"
+}:
+let
+  defaultPkgs = with pkgs; [
+    nix
+    bashInteractive
+    coreutils-full
+    gnutar
+    gzip
+    gnugrep
+    which
+    curl
+    less
+    wget
+    man
+    cacert.out
+    findutils
+  ];
+
+  users = {
+
+    root = {
+      uid = 0;
+      shell = "/bin/bash";
+      home = "/root";
+      gid = 0;
+    };
+
+  } // lib.listToAttrs (
+    map
+      (
+        n: {
+          name = "nixbld${toString n}";
+          value = {
+            uid = 30000 + n;
+            gid = 30000;
+            groups = [ "nixbld" ];
+            description = "Nix build user ${toString n}";
+          };
+        }
+      )
+      (lib.lists.range 1 32)
+  );
+
+  groups = {
+    root.gid = 0;
+    nixbld.gid = 30000;
+  };
+
+  userToPasswd = (
+    k:
+    { uid
+    , gid ? 65534
+    , home ? "/var/empty"
+    , description ? ""
+    , shell ? "/bin/false"
+    , groups ? [ ]
+    }: "${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}"
+  );
+  passwdContents = (
+    lib.concatStringsSep "\n"
+      (lib.attrValues (lib.mapAttrs userToPasswd users))
+  );
+
+  userToShadow = k: { ... }: "${k}:!:1::::::";
+  shadowContents = (
+    lib.concatStringsSep "\n"
+      (lib.attrValues (lib.mapAttrs userToShadow users))
+  );
+
+  # Map groups to members
+  # {
+  #   group = [ "user1" "user2" ];
+  # }
+  groupMemberMap = (
+    let
+      # Create a flat list of user/group mappings
+      mappings = (
+        builtins.foldl'
+          (
+            acc: user:
+              let
+                groups = users.${user}.groups or [ ];
+              in
+              acc ++ map
+                (group: {
+                  inherit user group;
+                })
+                groups
+          )
+          [ ]
+          (lib.attrNames users)
+      );
+    in
+    (
+      builtins.foldl'
+        (
+          acc: v: acc // {
+            ${v.group} = acc.${v.group} or [ ] ++ [ v.user ];
+          }
+        )
+        { }
+        mappings)
+  );
+
+  groupToGroup = k: { gid }:
+    let
+      members = groupMemberMap.${k} or [ ];
+    in
+    "${k}:x:${toString gid}:${lib.concatStringsSep "," members}";
+  groupContents = (
+    lib.concatStringsSep "\n"
+      (lib.attrValues (lib.mapAttrs groupToGroup groups))
+  );
+
+  nixConf = {
+    sandbox = "false";
+    build-users-group = "nixbld";
+    trusted-public-keys = "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=";
+  };
+  nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: "${n} = ${v}") nixConf)) + "\n";
+
+  baseSystem =
+    let
+      nixpkgs = pkgs.path;
+      channel = pkgs.runCommand "channel-nixos" { } ''
+        mkdir $out
+        ln -s ${nixpkgs} $out/nixpkgs
+        echo "[]" > $out/manifest.nix
+      '';
+      rootEnv = pkgs.buildPackages.buildEnv {
+        name = "root-profile-env";
+        paths = defaultPkgs;
+      };
+      manifest = pkgs.buildPackages.runCommand "manifest.nix" { } ''
+        cat > $out <<EOF
+        [
+        ${lib.concatStringsSep "\n" (builtins.map (drv: let
+          outputs = drv.outputsToInstall or [ "out" ];
+        in ''
+          {
+            ${lib.concatStringsSep "\n" (builtins.map (output: ''
+              ${output} = { outPath = "${lib.getOutput output drv}"; };
+            '') outputs)}
+            outputs = [ ${lib.concatStringsSep " " (builtins.map (x: "\"${x}\"") outputs)} ];
+            name = "${drv.name}";
+            outPath = "${drv}";
+            system = "${drv.system}";
+            type = "derivation";
+            meta = { };
+          }
+        '') defaultPkgs)}
+        ]
+        EOF
+      '';
+      profile = pkgs.buildPackages.runCommand "user-environment" { } ''
+        mkdir $out
+        cp -a ${rootEnv}/* $out/
+        ln -s ${manifest} $out/manifest.nix
+      '';
+    in
+    pkgs.runCommand "base-system"
+      {
+        inherit passwdContents groupContents shadowContents nixConfContents;
+        passAsFile = [
+          "passwdContents"
+          "groupContents"
+          "shadowContents"
+          "nixConfContents"
+        ];
+        allowSubstitutes = false;
+        preferLocalBuild = true;
+      } ''
+      env
+      set -x
+      mkdir -p $out/etc
+
+      cat $passwdContentsPath > $out/etc/passwd
+      echo "" >> $out/etc/passwd
+
+      cat $groupContentsPath > $out/etc/group
+      echo "" >> $out/etc/group
+
+      cat $shadowContentsPath > $out/etc/shadow
+      echo "" >> $out/etc/shadow
+
+      mkdir -p $out/usr
+      ln -s /nix/var/nix/profiles/share $out/usr/
+
+      mkdir -p $out/nix/var/nix/gcroots
+
+      mkdir $out/tmp
+
+      mkdir -p $out/etc/nix
+      cat $nixConfContentsPath > $out/etc/nix/nix.conf
+
+      mkdir -p $out/root
+      mkdir -p $out/nix/var/nix/profiles/per-user/root
+
+      ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
+      ln -s $out/nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
+      ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
+
+      ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
+      ln -s $out/nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
+
+      mkdir -p $out/root/.nix-defexpr
+      ln -s $out/nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
+      echo "${channelURL} ${channelName}" > $out/root/.nix-channels
+
+      mkdir -p $out/bin $out/usr/bin
+      ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env
+      ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh
+    '';
+
+in
+pkgs.dockerTools.buildLayeredImageWithNixDb {
+
+  inherit name tag;
+
+  contents = [ baseSystem ];
+
+  extraCommands = ''
+    rm -rf nix-support
+    ln -s /nix/var/nix/profiles nix/var/nix/gcroots/profiles
+  '';
+
+  config = {
+    Cmd = [ "/root/.nix-profile/bin/bash" ];
+    Env = [
+      "USER=root"
+      "PATH=${lib.concatStringsSep ":" [
+        "/root/.nix-profile/bin"
+        "/nix/var/nix/profiles/default/bin"
+        "/nix/var/nix/profiles/default/sbin"
+      ]}"
+      "MANPATH=${lib.concatStringsSep ":" [
+        "/root/.nix-profile/share/man"
+        "/nix/var/nix/profiles/default/share/man"
+      ]}"
+      "SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
+      "GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
+      "NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
+      "NIX_PATH=/nix/var/nix/profiles/per-user/root/channels:/root/.nix-defexpr/channels"
+    ];
+  };
+
+}

flake.nix

@@ -14,7 +14,7 @@
         then ""
         else "pre${builtins.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}_${self.shortRev or "dirty"}";
 
-      officialRelease = false;
+      officialRelease = true;
 
       linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ];
       linuxSystems = linux64BitSystems ++ [ "i686-linux" ];
@@ -61,7 +61,6 @@
 
         configureFlags =
           lib.optionals stdenv.isLinux [
-            "--with-boost=${boost}/lib"
             "--with-sandbox-shell=${sh}/bin/busybox"
             "LDFLAGS=-fuse-ld=gold"
           ];
@@ -405,6 +404,13 @@
         installerScript = installScriptFor [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" "armv6l-linux" "armv7l-linux" ];
         installerScriptForGHA = installScriptFor [ "x86_64-linux" "x86_64-darwin" "armv6l-linux" "armv7l-linux"];
 
+        # docker image with Nix inside
+        dockerImage = nixpkgs.lib.genAttrs linux64BitSystems (system:
+          import ./docker.nix {
+            pkgs = nixpkgsFor.${system};
+            tag = version;
+          });
+
         # Line coverage analysis.
         coverage =
           with nixpkgsFor.x86_64-linux;
@@ -445,12 +451,6 @@
           inherit (self) overlay;
         };
 
-        tests.nssPreload = (import ./tests/nss-preload.nix rec {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        });
-
         tests.githubFlakes = (import ./tests/github-flakes.nix rec {
           system = "x86_64-linux";
           inherit nixpkgs;
@@ -489,7 +489,12 @@
             '';
         */
 
-        installTests = forAllSystems (system:
+      };
+
+      checks = forAllSystems (system: {
+        binaryTarball = self.hydraJobs.binaryTarball.${system};
+        perlBindings = self.hydraJobs.perlBindings.${system};
+        installTests =
           let pkgs = nixpkgsFor.${system}; in
           pkgs.runCommand "install-tests" {
             againstSelf = testNixVersions pkgs pkgs.nix pkgs.pkgs.nix;
@@ -501,14 +506,7 @@
             # Disabled because the latest stable version doesn't handle
             # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work
             # againstLatestStable = testNixVersions pkgs pkgs.nix pkgs.nixStable;
-          } "touch $out");
-
-      };
-
-      checks = forAllSystems (system: {
-        binaryTarball = self.hydraJobs.binaryTarball.${system};
-        perlBindings = self.hydraJobs.perlBindings.${system};
-        installTests = self.hydraJobs.installTests.${system};
+          } "touch $out";
       });
 
       packages = forAllSystems (system: {

maintainers/upload-release.pl

@@ -19,8 +19,6 @@ my $nixpkgsDir = "/home/eelco/Dev/nixpkgs-pristine";
 
 my $TMPDIR = $ENV{'TMPDIR'} // "/tmp";
 
-my $isLatest = ($ENV{'IS_LATEST'} // "") eq "1";
-
 # FIXME: cut&paste from nixos-channel-scripts.
 sub fetch {
     my ($url, $type) = @_;
@@ -37,18 +35,16 @@ sub fetch {
 my $evalUrl = "https://hydra.nixos.org/eval/$evalId";
 my $evalInfo = decode_json(fetch($evalUrl, 'application/json'));
 #print Dumper($evalInfo);
-my $flakeUrl = $evalInfo->{flake} or die;
-my $flakeInfo = decode_json(`nix flake metadata --json "$flakeUrl"` or die);
-my $nixRev = $flakeInfo->{revision} or die;
 
-my $buildInfo = decode_json(fetch("$evalUrl/job/build.x86_64-linux", 'application/json'));
-#print Dumper($buildInfo);
+my $nixRev = $evalInfo->{jobsetevalinputs}->{nix}->{revision} or die;
 
-my $releaseName = $buildInfo->{nixname};
+my $tarballInfo = decode_json(fetch("$evalUrl/job/tarball", 'application/json'));
+
+my $releaseName = $tarballInfo->{releasename};
 $releaseName =~ /nix-(.*)$/ or die;
 my $version = $1;
 
-print STDERR "Flake URL is $flakeUrl, Nix revision is $nixRev, version is $version\n";
+print STDERR "Nix revision is $nixRev, version is $version\n";
 
 my $releaseDir = "nix/$releaseName";
 
@@ -108,6 +104,8 @@ sub downloadFile {
     return $sha256_expected;
 }
 
+downloadFile("tarball", "2"); # .tar.bz2
+my $tarballHash = downloadFile("tarball", "3"); # .tar.xz
 downloadFile("binaryTarball.i686-linux", "1");
 downloadFile("binaryTarball.x86_64-linux", "1");
 downloadFile("binaryTarball.aarch64-linux", "1");
@@ -136,38 +134,42 @@ for my $fn (glob "$tmpDir/*") {
     }
 }
 
+exit if $version =~ /pre/;
+
 # Update nix-fallback-paths.nix.
-if ($isLatest) {
-    system("cd $nixpkgsDir && git pull") == 0 or die;
+system("cd $nixpkgsDir && git pull") == 0 or die;
 
-    sub getStorePath {
-        my ($jobName) = @_;
-        my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
-        return $buildInfo->{buildoutputs}->{out}->{path} or die "cannot get store path for '$jobName'";
+sub getStorePath {
+    my ($jobName) = @_;
+    my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
+    for my $product (values %{$buildInfo->{buildproducts}}) {
+        next unless $product->{type} eq "nix-build";
+        next if $product->{path} =~ /[a-z]+$/;
+        return $product->{path};
     }
-
-    write_file("$nixpkgsDir/nixos/modules/installer/tools/nix-fallback-paths.nix",
-               "{\n" .
-               "  x86_64-linux = \"" . getStorePath("build.x86_64-linux") . "\";\n" .
-               "  i686-linux = \"" . getStorePath("build.i686-linux") . "\";\n" .
-               "  aarch64-linux = \"" . getStorePath("build.aarch64-linux") . "\";\n" .
-               "  x86_64-darwin = \"" . getStorePath("build.x86_64-darwin") . "\";\n" .
-               "  aarch64-darwin = \"" . getStorePath("build.aarch64-darwin") . "\";\n" .
-               "}\n");
-
-    system("cd $nixpkgsDir && git commit -a -m 'nix-fallback-paths.nix: Update to $version'") == 0 or die;
+    die;
 }
 
+write_file("$nixpkgsDir/nixos/modules/installer/tools/nix-fallback-paths.nix",
+           "{\n" .
+           "  x86_64-linux = \"" . getStorePath("build.x86_64-linux") . "\";\n" .
+           "  i686-linux = \"" . getStorePath("build.i686-linux") . "\";\n" .
+           "  aarch64-linux = \"" . getStorePath("build.aarch64-linux") . "\";\n" .
+           "  x86_64-darwin = \"" . getStorePath("build.x86_64-darwin") . "\";\n" .
+           "  aarch64-darwin = \"" . getStorePath("build.aarch64-darwin") . "\";\n" .
+           "}\n");
+
+system("cd $nixpkgsDir && git commit -a -m 'nix-fallback-paths.nix: Update to $version'") == 0 or die;
+
 # Update the "latest" symlink.
 $channelsBucket->add_key(
     "nix-latest/install", "",
     { "x-amz-website-redirect-location" => "https://releases.nixos.org/$releaseDir/install" })
-    or die $channelsBucket->err . ": " . $channelsBucket->errstr
-    if $isLatest;
+    or die $channelsBucket->err . ": " . $channelsBucket->errstr;
 
 # Tag the release in Git.
 chdir("/home/eelco/Dev/nix-pristine") or die;
 system("git remote update origin") == 0 or die;
 system("git tag --force --sign $version $nixRev -m 'Tagging release $version'") == 0 or die;
 system("git push --tags") == 0 or die;
-system("git push --force-with-lease origin $nixRev:refs/heads/latest-release") == 0 or die if $isLatest;
+system("git push --force-with-lease origin $nixRev:refs/heads/latest-release") == 0 or die;

perl/lib/Nix/Config.pm.in

@@ -1,6 +1,7 @@
 package Nix::Config;
 
 use MIME::Base64;
+use Nix::Store;
 
 $version = "@PACKAGE_VERSION@";
 

scripts/install-multi-user.sh

@@ -599,7 +599,7 @@ manager. This will happen in a few stages:
 1. Make sure your computer doesn't already have Nix. If it does, I
    will show you instructions on how to clean up your old install.
 
-2. Show you what I am going to install and where. Then I will ask
+2. Show you what we are going to install and where. Then we will ask
    if you are ready to continue.
 
 3. Create the system users and groups that the Nix daemon uses to run
@@ -614,14 +614,14 @@ manager. This will happen in a few stages:
 
 EOF
 
-    if ui_confirm "Would you like to see a more detailed list of what I will do?"; then
+    if ui_confirm "Would you like to see a more detailed list of what we will do?"; then
         cat <<EOF
 
-I will:
+We will:
 
  - make sure your computer doesn't already have Nix files
    (if it does, I will tell you how to clean them up.)
- - create local users (see the list above for the users I'll make)
+ - create local users (see the list above for the users we'll make)
  - create a local group ($NIX_BUILD_GROUP_NAME)
  - install Nix in to $NIX_ROOT
  - create a configuration file in /etc/nix
@@ -656,7 +656,7 @@ run in a headless fashion, like this:
 
   $ curl -L https://nixos.org/nix/install | sh
 
-or maybe in a CI pipeline. Because of that, I'm going to skip the
+or maybe in a CI pipeline. Because of that, we're going to skip the
 verbose output in the interest of brevity.
 
 If you would like to
@@ -670,7 +670,7 @@ EOF
     fi
 
     cat <<EOF
-This script is going to call sudo a lot. Every time I do, it'll
+This script is going to call sudo a lot. Every time we do, it'll
 output exactly what it'll do, and why.
 
 Just like this:
@@ -682,15 +682,15 @@ EOF
     cat <<EOF
 
 This might look scary, but everything can be undone by running just a
-few commands. I used to ask you to confirm each time sudo ran, but it
+few commands. We used to ask you to confirm each time sudo ran, but it
 was too many times. Instead, I'll just ask you this one time:
 
 EOF
-    if ui_confirm "Can I use sudo?"; then
+    if ui_confirm "Can we use sudo?"; then
         ok "Yay! Thanks! Let's get going!"
     else
         failure <<EOF
-That is okay, but I can't install.
+That is okay, but we can't install.
 EOF
     fi
 }
@@ -811,8 +811,8 @@ main() {
     # pre-Catalina macOS if run as root user.
     if [ $EUID -eq 0 ]; then
         failure <<EOF
-Please do not run this script with root privileges. I will call sudo
-when I need to.
+Please do not run this script with root privileges. We will call sudo
+when we need to.
 EOF
     fi
 

scripts/install-nix-from-closure.sh

@@ -38,7 +38,7 @@ fi
 
 # Determine if we could use the multi-user installer or not
 if [ "$(uname -s)" = "Linux" ]; then
-    echo "Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation" >&2
+    echo "Note: a multi-user installation is possible. See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation" >&2
 fi
 
 case "$(uname -s)" in
@@ -98,7 +98,7 @@ while [ $# -gt 0 ]; do
                 echo "              providing multi-user support and better isolation for local builds."
                 echo "              Both for security and reproducibility, this method is recommended if"
                 echo "              supported on your platform."
-                echo "              See https://nixos.org/nix/manual/#sect-multi-user-installation"
+                echo "              See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation"
                 echo ""
                 echo " --no-daemon: Simple, single-user installation that does not require root and is"
                 echo "              trivial to uninstall."
@@ -144,7 +144,7 @@ if ! [ -e $dest ]; then
 fi
 
 if ! [ -w $dest ]; then
-    echo "$0: directory $dest exists, but is not writable by you. This could indicate that another user has already performed a single-user installation of Nix on this system. If you wish to enable multi-user support see https://nixos.org/nix/manual/#ssec-multi-user. If you wish to continue with a single-user install for $USER please run 'chown -R $USER $dest' as root." >&2
+    echo "$0: directory $dest exists, but is not writable by you. This could indicate that another user has already performed a single-user installation of Nix on this system. If you wish to enable multi-user support see https://nixos.org/manual/nix/stable/installation/multi-user.html. If you wish to continue with a single-user install for $USER please run 'chown -R $USER $dest' as root." >&2
     exit 1
 fi
 

src/build-remote/build-remote.cc

@@ -18,7 +18,6 @@
 #include "derivations.hh"
 #include "local-store.hh"
 #include "legacy.hh"
-#include "experimental-features.hh"
 
 using namespace nix;
 using std::cin;
@@ -299,7 +298,7 @@ connected:
 
         std::set<Realisation> missingRealisations;
         StorePathSet missingPaths;
-        if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations) && !derivationHasKnownOutputPaths(drv.type())) {
+        if (settings.isExperimentalFeatureEnabled("ca-derivations") && !derivationHasKnownOutputPaths(drv.type())) {
             for (auto & outputName : wantedOutputs) {
                 auto thisOutputHash = outputHashes.at(outputName);
                 auto thisOutputId = DrvOutput{ thisOutputHash, outputName };
@@ -331,7 +330,7 @@ connected:
         for (auto & realisation : missingRealisations) {
             // Should hold, because if the feature isn't enabled the set
             // of missing realisations should be empty
-            settings.requireExperimentalFeature(Xp::CaDerivations);
+            settings.requireExperimentalFeature("ca-derivations");
             store->registerDrvOutput(realisation);
         }
 

src/libcmd/installables.cc

@@ -714,7 +714,7 @@ BuiltPaths getBuiltPaths(ref<Store> evalStore, ref<Store> store, const DerivedPa
                                 "the derivation '%s' doesn't have an output named '%s'",
                                 store->printStorePath(bfd.drvPath), output);
                         if (settings.isExperimentalFeatureEnabled(
-                                Xp::CaDerivations)) {
+                                "ca-derivations")) {
                             auto outputId =
                                 DrvOutput{outputHashes.at(output), output};
                             auto realisation =

src/libexpr/eval.cc

@@ -127,7 +127,6 @@ void printValue(std::ostream & str, std::set<const Value *> & active, const Valu
         break;
     case tThunk:
     case tApp:
-    case tPartialApp:
         str << "<CODE>";
         break;
     case tLambda:
@@ -467,7 +466,7 @@ EvalState::~EvalState()
 
 
 void EvalState::requireExperimentalFeatureOnEvaluation(
-    const ExperimentalFeature & feature,
+    const std::string & feature,
     const std::string_view fName,
     const Pos & pos)
 {
@@ -584,17 +583,11 @@ Value * EvalState::addConstant(const string & name, Value & v)
 {
     Value * v2 = allocValue();
     *v2 = v;
-    addConstant(name, v2);
-    return v2;
-}
-
-
-void EvalState::addConstant(const string & name, Value * v)
-{
-    staticBaseEnv.vars.emplace_back(symbols.create(name), baseEnvDispl);
-    baseEnv.values[baseEnvDispl++] = v;
+    staticBaseEnv.vars[symbols.create(name)] = baseEnvDispl;
+    baseEnv.values[baseEnvDispl++] = v2;
     string name2 = string(name, 0, 2) == "__" ? string(name, 2) : name;
-    baseEnv.values[0]->attrs->push_back(Attr(symbols.create(name2), v));
+    baseEnv.values[0]->attrs->push_back(Attr(symbols.create(name2), v2));
+    return v2;
 }
 
 
@@ -616,7 +609,7 @@ Value * EvalState::addPrimOp(const string & name,
 
     Value * v = allocValue();
     v->mkPrimOp(new PrimOp { .fun = primOp, .arity = arity, .name = sym });
-    staticBaseEnv.vars.emplace_back(symbols.create(name), baseEnvDispl);
+    staticBaseEnv.vars[symbols.create(name)] = baseEnvDispl;
     baseEnv.values[baseEnvDispl++] = v;
     baseEnv.values[0]->attrs->push_back(Attr(sym, v));
     return v;
@@ -642,7 +635,7 @@ Value * EvalState::addPrimOp(PrimOp && primOp)
 
     Value * v = allocValue();
     v->mkPrimOp(new PrimOp(std::move(primOp)));
-    staticBaseEnv.vars.emplace_back(envName, baseEnvDispl);
+    staticBaseEnv.vars[envName] = baseEnvDispl;
     baseEnv.values[baseEnvDispl++] = v;
     baseEnv.values[0]->attrs->push_back(Attr(primOp.name, v));
     return v;
@@ -792,7 +785,7 @@ void mkPath(Value & v, const char * s)
 
 inline Value * EvalState::lookupVar(Env * env, const ExprVar & var, bool noEval)
 {
-    for (auto l = var.level; l; --l, env = env->up) ;
+    for (size_t l = var.level; l; --l, env = env->up) ;
 
     if (!var.fromWith) return env->values[var.displ];
 
@@ -1065,7 +1058,7 @@ void ExprAttrs::eval(EvalState & state, Env & env, Value & v)
         /* The recursive attributes are evaluated in the new
            environment, while the inherited attributes are evaluated
            in the original environment. */
-        Displacement displ = 0;
+        size_t displ = 0;
         for (auto & i : attrs) {
             Value * vAttr;
             if (hasOverrides && !i.second.inherited) {
@@ -1141,7 +1134,7 @@ void ExprLet::eval(EvalState & state, Env & env, Value & v)
     /* The recursive attributes are evaluated in the new environment,
        while the inherited attributes are evaluated in the original
        environment. */
-    Displacement displ = 0;
+    size_t displ = 0;
     for (auto & i : attrs->attrs)
         env2.values[displ++] = i.second.e->maybeThunk(state, i.second.inherited ? env : env2);
 
@@ -1258,236 +1251,144 @@ void ExprLambda::eval(EvalState & state, Env & env, Value & v)
 }
 
 
-void EvalState::callFunction(Value & fun, size_t nrArgs, Value * * args, Value & vRes, const Pos & pos)
+void ExprApp::eval(EvalState & state, Env & env, Value & v)
+{
+    /* FIXME: vFun prevents GCC from doing tail call optimisation. */
+    Value vFun;
+    e1->eval(state, env, vFun);
+    state.callFunction(vFun, *(e2->maybeThunk(state, env)), v, pos);
+}
+
+
+void EvalState::callPrimOp(Value & fun, Value & arg, Value & v, const Pos & pos)
+{
+    /* Figure out the number of arguments still needed. */
+    size_t argsDone = 0;
+    Value * primOp = &fun;
+    while (primOp->isPrimOpApp()) {
+        argsDone++;
+        primOp = primOp->primOpApp.left;
+    }
+    assert(primOp->isPrimOp());
+    auto arity = primOp->primOp->arity;
+    auto argsLeft = arity - argsDone;
+
+    if (argsLeft == 1) {
+        /* We have all the arguments, so call the primop. */
+
+        /* Put all the arguments in an array. */
+        Value * vArgs[arity];
+        auto n = arity - 1;
+        vArgs[n--] = &arg;
+        for (Value * arg = &fun; arg->isPrimOpApp(); arg = arg->primOpApp.left)
+            vArgs[n--] = arg->primOpApp.right;
+
+        /* And call the primop. */
+        nrPrimOpCalls++;
+        if (countCalls) primOpCalls[primOp->primOp->name]++;
+        primOp->primOp->fun(*this, pos, vArgs, v);
+    } else {
+        Value * fun2 = allocValue();
+        *fun2 = fun;
+        v.mkPrimOpApp(fun2, &arg);
+    }
+}
+
+void EvalState::callFunction(Value & fun, Value & arg, Value & v, const Pos & pos)
 {
     auto trace = evalSettings.traceFunctionCalls ? std::make_unique<FunctionCallTrace>(pos) : nullptr;
 
     forceValue(fun, pos);
 
-    Value vCur(fun);
-
-    auto makeAppChain = [&]()
-    {
-        vRes = vCur;
-        for (size_t i = 0; i < nrArgs; ++i) {
-            auto fun2 = allocValue();
-            *fun2 = vRes;
-            vRes.mkPrimOpApp(fun2, args[i]);
-        }
-    };
-
-    auto callLambda = [&](Env * env, ExprLambda & lambda, Value * * args)
-    {
-        Env & env2(allocEnv(lambda.envSize));
-        env2.up = env;
-
-        Displacement displ = 0;
-
-        for (auto & arg : lambda.args) {
-            auto vArg = *args++;
-
-            if (arg.arg != sEpsilon)
-                env2.values[displ++] = vArg;
-
-            if (arg.formals) {
-                forceAttrs(*vArg, pos);
-
-                /* For each formal argument, get the actual argument.  If
-                   there is no matching actual argument but the formal
-                   argument has a default, use the default. */
-                size_t attrsUsed = 0;
-                for (auto & i : arg.formals->formals) {
-                    auto j = vArg->attrs->get(i.name);
-                    if (!j) {
-                        if (!i.def) throwTypeError(pos, "%1% called without required argument '%2%'",
-                            lambda, i.name);
-                        env2.values[displ++] = i.def->maybeThunk(*this, env2);
-                    } else {
-                        attrsUsed++;
-                        env2.values[displ++] = j->value;
-                    }
-                }
-
-                /* Check that each actual argument is listed as a formal
-                   argument (unless the attribute match specifies a `...'). */
-                if (!arg.formals->ellipsis && attrsUsed != vArg->attrs->size()) {
-                    /* Nope, so show the first unexpected argument to the
-                       user. */
-                    for (auto & i : *vArg->attrs)
-                        if (arg.formals->argNames.find(i.name) == arg.formals->argNames.end())
-                            throwTypeError(pos, "%1% called with unexpected argument '%2%'", lambda, i.name);
-                    abort(); // can't happen
-                }
-            }
-        }
-
-        assert(displ == lambda.envSize);
-
-        nrFunctionCalls++;
-        if (countCalls) incrFunctionCall(&lambda);
-
-        /* Evaluate the body. */
-        try {
-            lambda.body->eval(*this, env2, vCur);
-        } catch (Error & e) {
-            if (loggerSettings.showTrace) {
-                addErrorTrace(e, lambda.pos, "while evaluating %s",
-                    (lambda.name.set()
-                        ? "'" + (string) lambda.name + "'"
-                        : "anonymous lambda"));
-                addErrorTrace(e, pos, "from call site%s", "");
-            }
-            throw;
-        }
-    };
-
-    while (nrArgs > 0) {
-
-        if (vCur.isLambda()) {
-
-            ExprLambda & lambda(*vCur.lambda.fun);
-
-            if (nrArgs < lambda.args.size()) {
-                vRes = vCur;
-                for (size_t i = 0; i < nrArgs; ++i) {
-                    auto fun2 = allocValue();
-                    *fun2 = vRes;
-                    vRes.mkPartialApp(fun2, args[i]);
-                }
-                return;
-            } else {
-                callLambda(vCur.lambda.env, lambda, args);
-                nrArgs -= lambda.args.size();
-                args += lambda.args.size();
-            }
-        }
-
-        else if (vCur.isPartialApp()) {
-            /* Figure out the number of arguments still needed. */
-            size_t argsDone = 0;
-            Value * lambda = &vCur;
-            while (lambda->isPartialApp()) {
-                argsDone++;
-                lambda = lambda->app.left;
-            }
-            assert(lambda->isLambda());
-            auto arity = lambda->lambda.fun->args.size();
-            auto argsLeft = arity - argsDone;
-
-            if (nrArgs < argsLeft) {
-                /* We still don't have enough arguments, so extend the tPartialApp chain. */
-                vRes = vCur;
-                for (size_t i = 0; i < nrArgs; ++i) {
-                    auto fun2 = allocValue();
-                    *fun2 = vRes;
-                    vRes.mkPartialApp(fun2, args[i]);
-                }
-                return;
-            } else {
-                /* We have all the arguments, so call the function
-                   with the previous and new arguments. */
-
-                Value * vArgs[arity];
-                auto n = argsDone;
-                for (Value * arg = &vCur; arg->isPartialApp(); arg = arg->app.left)
-                    vArgs[--n] = arg->app.right;
-
-                for (size_t i = 0; i < argsLeft; ++i)
-                    vArgs[argsDone + i] = args[i];
-
-                nrArgs -= argsLeft;
-                args += argsLeft;
-
-                callLambda(lambda->lambda.env, *lambda->lambda.fun, vArgs);
-            }
-        }
-
-        else if (vCur.isPrimOp()) {
-
-            size_t argsLeft = vCur.primOp->arity;
-
-            if (nrArgs < argsLeft) {
-                /* We don't have enough arguments, so create a tPrimOpApp chain. */
-                makeAppChain();
-                return;
-            } else {
-                /* We have all the arguments, so call the primop. */
-                nrPrimOpCalls++;
-                if (countCalls) primOpCalls[vCur.primOp->name]++;
-                vCur.primOp->fun(*this, pos, args, vCur);
-
-                nrArgs -= argsLeft;
-                args += argsLeft;
-            }
-        }
-
-        else if (vCur.isPrimOpApp()) {
-            /* Figure out the number of arguments still needed. */
-            size_t argsDone = 0;
-            Value * primOp = &vCur;
-            while (primOp->isPrimOpApp()) {
-                argsDone++;
-                primOp = primOp->primOpApp.left;
-            }
-            assert(primOp->isPrimOp());
-            auto arity = primOp->primOp->arity;
-            auto argsLeft = arity - argsDone;
-
-            if (nrArgs < argsLeft) {
-                /* We still don't have enough arguments, so extend the tPrimOpApp chain. */
-                makeAppChain();
-                return;
-            } else {
-                /* We have all the arguments, so call the primop with
-                   the previous and new arguments. */
-
-                Value * vArgs[arity];
-                auto n = argsDone;
-                for (Value * arg = &vCur; arg->isPrimOpApp(); arg = arg->primOpApp.left)
-                    vArgs[--n] = arg->primOpApp.right;
-
-                for (size_t i = 0; i < argsLeft; ++i)
-                    vArgs[argsDone + i] = args[i];
-
-                nrPrimOpCalls++;
-                if (countCalls) primOpCalls[primOp->primOp->name]++;
-                primOp->primOp->fun(*this, pos, vArgs, vCur);
-
-                nrArgs -= argsLeft;
-                args += argsLeft;
-            }
-        }
-
-        else if (vCur.type() == nAttrs) {
-            if (auto functor = vCur.attrs->get(sFunctor)) {
-                /* 'vCur" may be allocated on the stack of the calling
-                   function, but for functors we may keep a reference,
-                   so heap-allocate a copy and use that instead. */
-                Value * args2[] = {allocValue()};
-                *args2[0] = vCur;
-                /* !!! Should we use the attr pos here? */
-                callFunction(*functor->value, 1, args2, vCur, pos);
-            }
-        }
-
-        else
-            throwTypeError(pos, "attempt to call something which is not a function but %1%", vCur);
+    if (fun.isPrimOp() || fun.isPrimOpApp()) {
+        callPrimOp(fun, arg, v, pos);
+        return;
     }
 
-    vRes = vCur;
-}
+    if (fun.type() == nAttrs) {
+      auto found = fun.attrs->find(sFunctor);
+      if (found != fun.attrs->end()) {
+        /* fun may be allocated on the stack of the calling function,
+         * but for functors we may keep a reference, so heap-allocate
+         * a copy and use that instead.
+         */
+        auto & fun2 = *allocValue();
+        fun2 = fun;
+        /* !!! Should we use the attr pos here? */
+        Value v2;
+        callFunction(*found->value, fun2, v2, pos);
+        return callFunction(v2, arg, v, pos);
+      }
+    }
 
+    if (!fun.isLambda())
+        throwTypeError(pos, "attempt to call something which is not a function but %1%", fun);
 
-void ExprCall::eval(EvalState & state, Env & env, Value & v)
-{
-    Value vFun;
-    fun->eval(state, env, vFun);
+    ExprLambda & lambda(*fun.lambda.fun);
 
-    Value * vArgs[args.size()];
-    for (size_t i = 0; i < args.size(); ++i)
-        vArgs[i] = args[i]->maybeThunk(state, env);
+    auto size =
+        (lambda.arg.empty() ? 0 : 1) +
+        (lambda.hasFormals() ? lambda.formals->formals.size() : 0);
+    Env & env2(allocEnv(size));
+    env2.up = fun.lambda.env;
 
-    state.callFunction(vFun, args.size(), vArgs, v, pos);
+    size_t displ = 0;
+
+    if (!lambda.hasFormals())
+        env2.values[displ++] = &arg;
+
+    else {
+        forceAttrs(arg, pos);
+
+        if (!lambda.arg.empty())
+            env2.values[displ++] = &arg;
+
+        /* For each formal argument, get the actual argument.  If
+           there is no matching actual argument but the formal
+           argument has a default, use the default. */
+        size_t attrsUsed = 0;
+        for (auto & i : lambda.formals->formals) {
+            Bindings::iterator j = arg.attrs->find(i.name);
+            if (j == arg.attrs->end()) {
+                if (!i.def) throwTypeError(pos, "%1% called without required argument '%2%'",
+                    lambda, i.name);
+                env2.values[displ++] = i.def->maybeThunk(*this, env2);
+            } else {
+                attrsUsed++;
+                env2.values[displ++] = j->value;
+            }
+        }
+
+        /* Check that each actual argument is listed as a formal
+           argument (unless the attribute match specifies a `...'). */
+        if (!lambda.formals->ellipsis && attrsUsed != arg.attrs->size()) {
+            /* Nope, so show the first unexpected argument to the
+               user. */
+            for (auto & i : *arg.attrs)
+                if (lambda.formals->argNames.find(i.name) == lambda.formals->argNames.end())
+                    throwTypeError(pos, "%1% called with unexpected argument '%2%'", lambda, i.name);
+            abort(); // can't happen
+        }
+    }
+
+    nrFunctionCalls++;
+    if (countCalls) incrFunctionCall(&lambda);
+
+    /* Evaluate the body.  This is conditional on showTrace, because
+       catching exceptions makes this function not tail-recursive. */
+    if (loggerSettings.showTrace.get())
+        try {
+            lambda.body->eval(*this, env2, v);
+        } catch (Error & e) {
+            addErrorTrace(e, lambda.pos, "while evaluating %s",
+              (lambda.name.set()
+                  ? "'" + (string) lambda.name + "'"
+                  : "anonymous lambda"));
+            addErrorTrace(e, pos, "from call site%s", "");
+            throw;
+        }
+    else
+        fun.lambda.fun->body->eval(*this, env2, v);
 }
 
 
@@ -1513,48 +1414,42 @@ void EvalState::autoCallFunction(Bindings & args, Value & fun, Value & res)
         }
     }
 
-    if (!fun.isLambda()) {
+    if (!fun.isLambda() || !fun.lambda.fun->hasFormals()) {
         res = fun;
         return;
     }
 
-    Value * actualArgs[fun.lambda.fun->args.size()];
+    Value * actualArgs = allocValue();
+    mkAttrs(*actualArgs, std::max(static_cast<uint32_t>(fun.lambda.fun->formals->formals.size()), args.size()));
 
-    for (const auto & [i, arg] : enumerate(fun.lambda.fun->args)) {
-        if (!arg.formals) {
-            res = fun;
-            return;
+    if (fun.lambda.fun->formals->ellipsis) {
+        // If the formals have an ellipsis (eg the function accepts extra args) pass
+        // all available automatic arguments (which includes arguments specified on
+        // the command line via --arg/--argstr)
+        for (auto& v : args) {
+            actualArgs->attrs->push_back(v);
         }
-
-        actualArgs[i] = allocValue();
-        mkAttrs(*actualArgs[i], std::max(arg.formals->formals.size(), static_cast<size_t>(args.size())));
-
-        if (arg.formals->ellipsis) {
-            /* If the formals have an ellipsis (i.e. the function
-               accepts extra args), pass all available automatic
-               arguments. */
-            for (auto & v : args)
-                actualArgs[i]->attrs->push_back(v);
-        } else {
-            /* Otherwise, only pass the arguments that the function
-               accepts. */
-            for (auto & j : arg.formals->formals) {
-                if (auto attr = args.get(j.name))
-                    actualArgs[i]->attrs->push_back(*attr);
-                else if (!j.def)
-                    throwMissingArgumentError(j.pos, R"(cannot evaluate a function that has an argument without a value ('%1%')
+    } else {
+        // Otherwise, only pass the arguments that the function accepts
+        for (auto & i : fun.lambda.fun->formals->formals) {
+            Bindings::iterator j = args.find(i.name);
+            if (j != args.end()) {
+                actualArgs->attrs->push_back(*j);
+            } else if (!i.def) {
+                throwMissingArgumentError(i.pos, R"(cannot evaluate a function that has an argument without a value ('%1%')
 
 Nix attempted to evaluate a function as a top level expression; in
 this case it must have its arguments supplied either by default
 values, or passed explicitly with '--arg' or '--argstr'. See
-https://nixos.org/manual/nix/stable/#ss-functions.)", j.name);
+https://nixos.org/manual/nix/stable/#ss-functions.)", i.name);
+
             }
         }
-
-        actualArgs[i]->attrs->sort();
     }
 
-    callFunction(fun, fun.lambda.fun->args.size(), actualArgs, res, noPos);
+    actualArgs->attrs->sort();
+
+    callFunction(fun, *actualArgs, res, noPos);
 }
 
 

src/libexpr/eval.hh

@@ -5,7 +5,6 @@
 #include "nixexpr.hh"
 #include "symbol-table.hh"
 #include "config.hh"
-#include "experimental-features.hh"
 
 #include <map>
 #include <optional>
@@ -142,7 +141,7 @@ public:
     ~EvalState();
 
     void requireExperimentalFeatureOnEvaluation(
-        const ExperimentalFeature &,
+        const std::string & feature,
         const std::string_view fName,
         const Pos & pos
     );
@@ -277,8 +276,6 @@ private:
 
     Value * addConstant(const string & name, Value & v);
 
-    void addConstant(const string & name, Value * v);
-
     Value * addPrimOp(const string & name,
         size_t arity, PrimOpFun primOp);
 
@@ -318,14 +315,8 @@ public:
 
     bool isFunctor(Value & fun);
 
-    // FIXME: use std::span
-    void callFunction(Value & fun, size_t nrArgs, Value * * args, Value & vRes, const Pos & pos);
-
-    void callFunction(Value & fun, Value & arg, Value & vRes, const Pos & pos)
-    {
-        Value * args[] = {&arg};
-        callFunction(fun, 1, args, vRes, pos);
-    }
+    void callFunction(Value & fun, Value & arg, Value & v, const Pos & pos);
+    void callPrimOp(Value & fun, Value & arg, Value & v, const Pos & pos);
 
     /* Automatically call a function for which each argument has a
        default value or has a binding in the `args' map. */

src/libexpr/flake/flake.cc

@@ -230,13 +230,8 @@ static Flake getFlake(
     if (auto outputs = vInfo.attrs->get(sOutputs)) {
         expectType(state, nFunction, *outputs->value, *outputs->pos);
 
-        if (outputs->value->lambda.fun->args.size() != 1)
-            throw Error("the 'outputs' attribute of flake '%s' is not a unary function", lockedRef);
-
-        auto & arg = outputs->value->lambda.fun->args[0];
-
-        if (arg.formals) {
-            for (auto & formal : arg.formals->formals) {
+        if (outputs->value->isLambda() && outputs->value->lambda.fun->hasFormals()) {
+            for (auto & formal : outputs->value->lambda.fun->formals->formals) {
                 if (formal.name != state.sSelf)
                     flake.inputs.emplace(formal.name, FlakeInput {
                         .ref = parseFlakeRef(formal.name)
@@ -302,7 +297,7 @@ LockedFlake lockFlake(
     const FlakeRef & topRef,
     const LockFlags & lockFlags)
 {
-    settings.requireExperimentalFeature(Xp::Flakes);
+    settings.requireExperimentalFeature("flakes");
 
     FlakeCache flakeCache;
 
@@ -692,7 +687,7 @@ void callFlake(EvalState & state,
 
 static void prim_getFlake(EvalState & state, const Pos & pos, Value * * args, Value & v)
 {
-    state.requireExperimentalFeatureOnEvaluation(Xp::Flakes, "builtins.getFlake", pos);
+    state.requireExperimentalFeatureOnEvaluation("flakes", "builtins.getFlake", pos);
 
     auto flakeRefS = state.forceStringNoCtx(*args[0], pos);
     auto flakeRef = parseFlakeRef(flakeRefS, {}, true);

src/libexpr/lexer.l

@@ -64,7 +64,6 @@ static void adjustLoc(YYLTYPE * loc, const char * s, size_t len)
 }
 
 
-// FIXME: optimize
 static Expr * unescapeStr(SymbolTable & symbols, const char * s, size_t length)
 {
     string t;

src/libexpr/nixexpr.cc

@@ -124,36 +124,23 @@ void ExprList::show(std::ostream & str) const
 void ExprLambda::show(std::ostream & str) const
 {
     str << "(";
-    for (auto & arg : args) {
-        if (arg.formals) {
-            str << "{ ";
-            bool first = true;
-            for (auto & i : arg.formals->formals) {
-                if (first) first = false; else str << ", ";
-                str << i.name;
-                if (i.def) str << " ? " << *i.def;
-            }
-            if (arg.formals->ellipsis) {
-                if (!first) str << ", ";
-                str << "...";
-            }
-            str << " }";
-            if (!arg.arg.empty()) str << " @ ";
+    if (hasFormals()) {
+        str << "{ ";
+        bool first = true;
+        for (auto & i : formals->formals) {
+            if (first) first = false; else str << ", ";
+            str << i.name;
+            if (i.def) str << " ? " << *i.def;
         }
-        if (!arg.arg.empty()) str << arg.arg;
-        str << ": ";
+        if (formals->ellipsis) {
+            if (!first) str << ", ";
+            str << "...";
+        }
+        str << " }";
+        if (!arg.empty()) str << " @ ";
     }
-    str << *body << ")";
-}
-
-void ExprCall::show(std::ostream & str) const
-{
-    str << '(' << *fun;
-    for (auto e : args) {
-        str <<  ' ';
-        str << *e;
-    }
-    str << ')';
+    if (!arg.empty()) str << arg;
+    str << ": " << *body << ")";
 }
 
 void ExprLet::show(std::ostream & str) const
@@ -276,13 +263,14 @@ void ExprVar::bindVars(const StaticEnv & env)
     /* Check whether the variable appears in the environment.  If so,
        set its level and displacement. */
     const StaticEnv * curEnv;
-    Level level;
+    unsigned int level;
     int withLevel = -1;
     for (curEnv = &env, level = 0; curEnv; curEnv = curEnv->up, level++) {
         if (curEnv->isWith) {
             if (withLevel == -1) withLevel = level;
         } else {
-            if (auto i = curEnv->get(name)) {
+            StaticEnv::Vars::const_iterator i = curEnv->vars.find(name);
+            if (i != curEnv->vars.end()) {
                 fromWith = false;
                 this->level = level;
                 displ = i->second;
@@ -323,16 +311,14 @@ void ExprOpHasAttr::bindVars(const StaticEnv & env)
 void ExprAttrs::bindVars(const StaticEnv & env)
 {
     const StaticEnv * dynamicEnv = &env;
-    StaticEnv newEnv(false, &env, recursive ? attrs.size() : 0);
+    StaticEnv newEnv(false, &env);
 
     if (recursive) {
         dynamicEnv = &newEnv;
 
-        Displacement displ = 0;
+        unsigned int displ = 0;
         for (auto & i : attrs)
-            newEnv.vars.emplace_back(i.first, i.second.displ = displ++);
-
-        // No need to sort newEnv since attrs is in sorted order.
+            newEnv.vars[i.first] = i.second.displ = displ++;
 
         for (auto & i : attrs)
             i.second.e->bindVars(i.second.inherited ? env : newEnv);
@@ -356,67 +342,30 @@ void ExprList::bindVars(const StaticEnv & env)
 
 void ExprLambda::bindVars(const StaticEnv & env)
 {
-    /* The parser adds arguments in reverse order. Let's fix that
-       now. */
-    std::reverse(args.begin(), args.end());
+    StaticEnv newEnv(false, &env);
 
-    envSize = 0;
+    unsigned int displ = 0;
 
-    for (auto & arg :args) {
-        if (!arg.arg.empty()) envSize++;
-        if (arg.formals) envSize += arg.formals->formals.size();
+    if (!arg.empty()) newEnv.vars[arg] = displ++;
+
+    if (hasFormals()) {
+        for (auto & i : formals->formals)
+            newEnv.vars[i.name] = displ++;
+
+        for (auto & i : formals->formals)
+            if (i.def) i.def->bindVars(newEnv);
     }
 
-    StaticEnv newEnv(false, &env, envSize);
-
-    Displacement displ = 0;
-
-    for (auto & arg : args) {
-        if (!arg.arg.empty()) {
-            if (auto i = const_cast<StaticEnv::Vars::value_type *>(newEnv.get(arg.arg)))
-                i->second = displ++;
-            else
-                newEnv.vars.emplace_back(arg.arg, displ++);
-        }
-
-        if (arg.formals) {
-            for (auto & i : arg.formals->formals) {
-                if (auto j = const_cast<StaticEnv::Vars::value_type *>(newEnv.get(i.name)))
-                    j->second = displ++;
-                else
-                    newEnv.vars.emplace_back(i.name, displ++);
-            }
-
-            newEnv.sort();
-
-            for (auto & i : arg.formals->formals)
-                if (i.def) i.def->bindVars(newEnv);
-        }
-    }
-
-    assert(displ == envSize);
-
-    newEnv.sort();
-
     body->bindVars(newEnv);
 }
 
-void ExprCall::bindVars(const StaticEnv & env)
-{
-    fun->bindVars(env);
-    for (auto e : args)
-        e->bindVars(env);
-}
-
 void ExprLet::bindVars(const StaticEnv & env)
 {
-    StaticEnv newEnv(false, &env, attrs->attrs.size());
+    StaticEnv newEnv(false, &env);
 
-    Displacement displ = 0;
+    unsigned int displ = 0;
     for (auto & i : attrs->attrs)
-        newEnv.vars.emplace_back(i.first, i.second.displ = displ++);
-
-    // No need to sort newEnv since attrs->attrs is in sorted order.
+        newEnv.vars[i.first] = i.second.displ = displ++;
 
     for (auto & i : attrs->attrs)
         i.second.e->bindVars(i.second.inherited ? env : newEnv);
@@ -430,7 +379,7 @@ void ExprWith::bindVars(const StaticEnv & env)
        level so that `lookupVar' can look up variables in the previous
        `with' if this one doesn't contain the desired attribute. */
     const StaticEnv * curEnv;
-    Level level;
+    unsigned int level;
     prevWith = 0;
     for (curEnv = &env, level = 1; curEnv; curEnv = curEnv->up, level++)
         if (curEnv->isWith) {
@@ -503,4 +452,5 @@ size_t SymbolTable::totalSize() const
     return n;
 }
 
+
 }

src/libexpr/nixexpr.hh

@@ -4,6 +4,8 @@
 #include "symbol-table.hh"
 #include "error.hh"
 
+#include <map>
+
 
 namespace nix {
 
@@ -133,9 +135,6 @@ struct ExprPath : Expr
     Value * maybeThunk(EvalState & state, Env & env);
 };
 
-typedef uint32_t Level;
-typedef uint32_t Displacement;
-
 struct ExprVar : Expr
 {
     Pos pos;
@@ -151,8 +150,8 @@ struct ExprVar : Expr
        value is obtained by getting the attribute named `name' from
        the set stored in the environment that is `level' levels up
        from the current one.*/
-    Level level;
-    Displacement displ;
+    unsigned int level;
+    unsigned int displ;
 
     ExprVar(const Symbol & name) : name(name) { };
     ExprVar(const Pos & pos, const Symbol & name) : pos(pos), name(name) { };
@@ -186,7 +185,7 @@ struct ExprAttrs : Expr
         bool inherited;
         Expr * e;
         Pos pos;
-        Displacement displ; // displacement
+        unsigned int displ; // displacement
         AttrDef(Expr * e, const Pos & pos, bool inherited=false)
             : inherited(inherited), e(e), pos(pos) { };
         AttrDef() { };
@@ -233,35 +232,21 @@ struct ExprLambda : Expr
 {
     Pos pos;
     Symbol name;
-
-    struct Arg
-    {
-        Symbol arg;
-        Formals * formals;
-    };
-
-    std::vector<Arg> args;
-
+    Symbol arg;
+    Formals * formals;
     Expr * body;
-
-    Displacement envSize = 0; // initialized by bindVars()
-
-    ExprLambda(const Pos & pos, Expr * body)
-        : pos(pos), body(body)
-    { };
+    ExprLambda(const Pos & pos, const Symbol & arg, Formals * formals, Expr * body)
+        : pos(pos), arg(arg), formals(formals), body(body)
+    {
+        if (!arg.empty() && formals && formals->argNames.find(arg) != formals->argNames.end())
+            throw ParseError({
+                .msg = hintfmt("duplicate formal function argument '%1%'", arg),
+                .errPos = pos
+            });
+    };
     void setName(Symbol & name);
     string showNamePos() const;
-    COMMON_METHODS
-};
-
-struct ExprCall : Expr
-{
-    Expr * fun;
-    std::vector<Expr *> args;
-    Pos pos;
-    ExprCall(const Pos & pos, Expr * fun, std::vector<Expr *> && args)
-        : fun(fun), args(args), pos(pos)
-    { }
+    inline bool hasFormals() const { return formals != nullptr; }
     COMMON_METHODS
 };
 
@@ -323,6 +308,7 @@ struct ExprOpNot : Expr
         void eval(EvalState & state, Env & env, Value & v); \
     };
 
+MakeBinOp(ExprApp, "")
 MakeBinOp(ExprOpEq, "==")
 MakeBinOp(ExprOpNEq, "!=")
 MakeBinOp(ExprOpAnd, "&&")
@@ -356,28 +342,9 @@ struct StaticEnv
 {
     bool isWith;
     const StaticEnv * up;
-
-    // Note: these must be in sorted order.
-    typedef std::vector<std::pair<Symbol, Displacement>> Vars;
+    typedef std::map<Symbol, unsigned int> Vars;
     Vars vars;
-
-    StaticEnv(bool isWith, const StaticEnv * up, size_t expectedSize = 0) : isWith(isWith), up(up) {
-        vars.reserve(expectedSize);
-    };
-
-    void sort()
-    {
-        std::sort(vars.begin(), vars.end(),
-            [](const Vars::value_type & a, const Vars::value_type & b) { return a.first < b.first; });
-    }
-
-    const Vars::value_type * get(const Symbol & name) const
-    {
-        Vars::value_type key(name, 0);
-        auto i = std::lower_bound(vars.begin(), vars.end(), key);
-        if (i != vars.end() && i->first == name) return &*i;
-        return {};
-    }
+    StaticEnv(bool isWith, const StaticEnv * up) : isWith(isWith), up(up) { };
 };
 
 

src/libexpr/parser.y

@@ -126,14 +126,14 @@ static void addAttr(ExprAttrs * attrs, AttrPath & attrPath,
                     auto j2 = jAttrs->attrs.find(ad.first);
                     if (j2 != jAttrs->attrs.end()) // Attr already defined in iAttrs, error.
                         dupAttr(ad.first, j2->second.pos, ad.second.pos);
-                    jAttrs->attrs.emplace(ad.first, ad.second);
+                    jAttrs->attrs[ad.first] = ad.second;
                 }
             } else {
                 dupAttr(attrPath, pos, j->second.pos);
             }
         } else {
             // This attr path is not defined. Let's create it.
-            attrs->attrs.emplace(i->symbol, ExprAttrs::AttrDef(e, pos));
+            attrs->attrs[i->symbol] = ExprAttrs::AttrDef(e, pos);
             e->setName(i->symbol);
         }
     } else {
@@ -154,24 +154,6 @@ static void addFormal(const Pos & pos, Formals * formals, const Formal & formal)
 }
 
 
-static Expr * addArg(const Pos & pos, Expr * e, ExprLambda::Arg && arg)
-{
-    if (!arg.arg.empty() && arg.formals && arg.formals->argNames.count(arg.arg))
-        throw ParseError({
-            .msg = hintfmt("duplicate formal function argument '%1%'", arg.arg),
-            .errPos = pos
-        });
-
-    auto e2 = dynamic_cast<ExprLambda *>(e); // FIXME: slow?
-    if (!e2)
-        e2 = new ExprLambda(pos, e);
-    else
-        e2->pos = pos;
-    e2->args.emplace_back(std::move(arg));
-    return e2;
-}
-
-
 static Expr * stripIndentation(const Pos & pos, SymbolTable & symbols, vector<Expr *> & es)
 {
     if (es.empty()) return new ExprString(symbols.create(""));
@@ -301,7 +283,7 @@ void yyerror(YYLTYPE * loc, yyscan_t scanner, ParseData * data, const char * err
 }
 
 %type <e> start expr expr_function expr_if expr_op
-%type <e> expr_select expr_simple expr_app
+%type <e> expr_app expr_select expr_simple
 %type <list> expr_list
 %type <attrs> binds
 %type <formals> formals
@@ -342,13 +324,13 @@ expr: expr_function;
 
 expr_function
   : ID ':' expr_function
-    { $$ = addArg(CUR_POS, $3, {data->symbols.create($1), nullptr}); }
+    { $$ = new ExprLambda(CUR_POS, data->symbols.create($1), 0, $3); }
   | '{' formals '}' ':' expr_function
-    { $$ = addArg(CUR_POS, $5, {data->state.sEpsilon, $2}); }
+    { $$ = new ExprLambda(CUR_POS, data->symbols.create(""), $2, $5); }
   | '{' formals '}' '@' ID ':' expr_function
-    { $$ = addArg(CUR_POS, $7, {data->symbols.create($5), $2}); }
+    { $$ = new ExprLambda(CUR_POS, data->symbols.create($5), $2, $7); }
   | ID '@' '{' formals '}' ':' expr_function
-    { $$ = addArg(CUR_POS, $7, {data->symbols.create($1), $4}); }
+    { $$ = new ExprLambda(CUR_POS, data->symbols.create($1), $4, $7); }
   | ASSERT expr ';' expr_function
     { $$ = new ExprAssert(CUR_POS, $2, $4); }
   | WITH expr ';' expr_function
@@ -371,13 +353,13 @@ expr_if
 
 expr_op
   : '!' expr_op %prec NOT { $$ = new ExprOpNot($2); }
-  | '-' expr_op %prec NEGATE { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__sub")), {new ExprInt(0), $2}); }
+  | '-' expr_op %prec NEGATE { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__sub")), new ExprInt(0)), $2); }
   | expr_op EQ expr_op { $$ = new ExprOpEq($1, $3); }
   | expr_op NEQ expr_op { $$ = new ExprOpNEq($1, $3); }
-  | expr_op '<' expr_op { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__lessThan")), {$1, $3}); }
-  | expr_op LEQ expr_op { $$ = new ExprOpNot(new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__lessThan")), {$3, $1})); }
-  | expr_op '>' expr_op { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__lessThan")), {$3, $1}); }
-  | expr_op GEQ expr_op { $$ = new ExprOpNot(new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__lessThan")), {$1, $3})); }
+  | expr_op '<' expr_op { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__lessThan")), $1), $3); }
+  | expr_op LEQ expr_op { $$ = new ExprOpNot(new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__lessThan")), $3), $1)); }
+  | expr_op '>' expr_op { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__lessThan")), $3), $1); }
+  | expr_op GEQ expr_op { $$ = new ExprOpNot(new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__lessThan")), $1), $3)); }
   | expr_op AND expr_op { $$ = new ExprOpAnd(CUR_POS, $1, $3); }
   | expr_op OR expr_op { $$ = new ExprOpOr(CUR_POS, $1, $3); }
   | expr_op IMPL expr_op { $$ = new ExprOpImpl(CUR_POS, $1, $3); }
@@ -385,22 +367,17 @@ expr_op
   | expr_op '?' attrpath { $$ = new ExprOpHasAttr($1, *$3); }
   | expr_op '+' expr_op
     { $$ = new ExprConcatStrings(CUR_POS, false, new vector<Expr *>({$1, $3})); }
-  | expr_op '-' expr_op { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__sub")), {$1, $3}); }
-  | expr_op '*' expr_op { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__mul")), {$1, $3}); }
-  | expr_op '/' expr_op { $$ = new ExprCall(CUR_POS, new ExprVar(data->symbols.create("__div")), {$1, $3}); }
+  | expr_op '-' expr_op { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__sub")), $1), $3); }
+  | expr_op '*' expr_op { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__mul")), $1), $3); }
+  | expr_op '/' expr_op { $$ = new ExprApp(CUR_POS, new ExprApp(new ExprVar(data->symbols.create("__div")), $1), $3); }
   | expr_op CONCAT expr_op { $$ = new ExprOpConcatLists(CUR_POS, $1, $3); }
   | expr_app
   ;
 
 expr_app
-  : expr_app expr_select {
-      if (auto e2 = dynamic_cast<ExprCall *>($1)) {
-          e2->args.push_back($2);
-          $$ = $1;
-      } else
-          $$ = new ExprCall(CUR_POS, $1, {$2});
-  }
-  | expr_select
+  : expr_app expr_select
+    { $$ = new ExprApp(CUR_POS, $1, $2); }
+  | expr_select { $$ = $1; }
   ;
 
 expr_select
@@ -411,7 +388,7 @@ expr_select
   | /* Backwards compatibility: because Nixpkgs has a rarely used
        function named ‘or’, allow stuff like ‘map or [...]’. */
     expr_simple OR_KW
-    { $$ = new ExprCall(CUR_POS, $1, {new ExprVar(CUR_POS, data->symbols.create("or"))}); }
+    { $$ = new ExprApp(CUR_POS, $1, new ExprVar(CUR_POS, data->symbols.create("or"))); }
   | expr_simple { $$ = $1; }
   ;
 
@@ -435,13 +412,13 @@ expr_simple
   }
   | SPATH {
       string path($1 + 1, strlen($1) - 2);
-      $$ = new ExprCall(CUR_POS,
-          new ExprVar(data->symbols.create("__findFile")),
-          {new ExprVar(data->symbols.create("__nixPath")),
-           new ExprString(data->symbols.create(path))});
+      $$ = new ExprApp(CUR_POS,
+          new ExprApp(new ExprVar(data->symbols.create("__findFile")),
+              new ExprVar(data->symbols.create("__nixPath"))),
+          new ExprString(data->symbols.create(path)));
   }
   | URI {
-      static bool noURLLiterals = settings.isExperimentalFeatureEnabled(Xp::NoUrlLiterals);
+      static bool noURLLiterals = settings.isExperimentalFeatureEnabled("no-url-literals");
       if (noURLLiterals)
           throw ParseError({
               .msg = hintfmt("URL literals are disabled"),
@@ -464,7 +441,7 @@ expr_simple
 string_parts
   : STR
   | string_parts_interpolated { $$ = new ExprConcatStrings(CUR_POS, true, $1); }
-  | { $$ = new ExprString(data->state.sEpsilon); }
+  | { $$ = new ExprString(data->symbols.create("")); }
   ;
 
 string_parts_interpolated
@@ -506,7 +483,7 @@ binds
           if ($$->attrs.find(i.symbol) != $$->attrs.end())
               dupAttr(i.symbol, makeCurPos(@3, data), $$->attrs[i.symbol].pos);
           Pos pos = makeCurPos(@3, data);
-          $$->attrs.emplace(i.symbol, ExprAttrs::AttrDef(new ExprVar(CUR_POS, i.symbol), pos, true));
+          $$->attrs[i.symbol] = ExprAttrs::AttrDef(new ExprVar(CUR_POS, i.symbol), pos, true);
       }
     }
   | binds INHERIT '(' expr ')' attrs ';'
@@ -515,7 +492,7 @@ binds
       for (auto & i : *$6) {
           if ($$->attrs.find(i.symbol) != $$->attrs.end())
               dupAttr(i.symbol, makeCurPos(@6, data), $$->attrs[i.symbol].pos);
-          $$->attrs.emplace(i.symbol, ExprAttrs::AttrDef(new ExprSelect(CUR_POS, $4, i.symbol), makeCurPos(@6, data)));
+          $$->attrs[i.symbol] = ExprAttrs::AttrDef(new ExprSelect(CUR_POS, $4, i.symbol), makeCurPos(@6, data));
       }
     }
   | { $$ = new ExprAttrs(makeCurPos(@0, data)); }

src/libexpr/primops.cc

@@ -184,17 +184,14 @@ static void import(EvalState & state, const Pos & pos, Value & vPath, Value * vS
             Env * env = &state.allocEnv(vScope->attrs->size());
             env->up = &state.baseEnv;
 
-            StaticEnv staticEnv(false, &state.staticBaseEnv, vScope->attrs->size());
+            StaticEnv staticEnv(false, &state.staticBaseEnv);
 
             unsigned int displ = 0;
             for (auto & attr : *vScope->attrs) {
-                staticEnv.vars.emplace_back(attr.name, displ);
+                staticEnv.vars[attr.name] = displ;
                 env->values[displ++] = attr.value;
             }
 
-            // No need to call staticEnv.sort(), because
-            // args[0]->attrs is already sorted.
-
             printTalkative("evaluating file '%1%'", realPath);
             Expr * e = state.parseExprFromFile(resolveExprPath(realPath), staticEnv);
 
@@ -988,7 +985,7 @@ static void prim_derivationStrict(EvalState & state, const Pos & pos, Value * *
             }
 
             if (i->name == state.sContentAddressed) {
-                settings.requireExperimentalFeature(Xp::CaDerivations);
+                settings.requireExperimentalFeature("ca-derivations");
                 contentAddressed = state.forceBool(*i->value, pos);
             }
 
@@ -1883,6 +1880,9 @@ static void addPath(
             Value arg1;
             mkString(arg1, path);
 
+            Value fun2;
+            state.callFunction(*filterFun, arg1, fun2, noPos);
+
             Value arg2;
             mkString(arg2,
                 S_ISREG(st.st_mode) ? "regular" :
@@ -1890,9 +1890,8 @@ static void addPath(
                 S_ISLNK(st.st_mode) ? "symlink" :
                 "unknown" /* not supported, will fail! */);
 
-            Value * args []{&arg1, &arg2};
             Value res;
-            state.callFunction(*filterFun, 2, args, res, pos);
+            state.callFunction(fun2, arg2, res, noPos);
 
             return state.forceBool(res, pos);
         }) : defaultPathFilter;
@@ -2386,38 +2385,23 @@ static RegisterPrimOp primop_catAttrs({
 static void prim_functionArgs(EvalState & state, const Pos & pos, Value * * args, Value & v)
 {
     state.forceValue(*args[0], pos);
-
     if (args[0]->isPrimOpApp() || args[0]->isPrimOp()) {
         state.mkAttrs(v, 0);
         return;
     }
-
-    if (!args[0]->isLambda() && !args[0]->isPartialApp())
+    if (!args[0]->isLambda())
         throw TypeError({
             .msg = hintfmt("'functionArgs' requires a function"),
             .errPos = pos
         });
 
-    size_t argsDone = 0;
-    auto lambda = args[0];
-    while (lambda->isPartialApp()) {
-        argsDone++;
-        lambda = lambda->app.left;
-    }
-    assert(lambda->isLambda());
-
-    assert(argsDone < lambda->lambda.fun->args.size());
-
-    // FIXME: handle partially applied functions
-    auto formals = lambda->lambda.fun->args[argsDone].formals;
-
-    if (!formals) {
+    if (!args[0]->lambda.fun->hasFormals()) {
         state.mkAttrs(v, 0);
         return;
     }
 
-    state.mkAttrs(v, formals->formals.size());
-    for (auto & i : formals->formals) {
+    state.mkAttrs(v, args[0]->lambda.fun->formals->formals.size());
+    for (auto & i : args[0]->lambda.fun->formals->formals) {
         // !!! should optimise booleans (allocate only once)
         Value * value = state.allocValue();
         v.attrs->push_back(Attr(i.name, value, ptr(&i.pos)));
@@ -2708,9 +2692,10 @@ static void prim_foldlStrict(EvalState & state, const Pos & pos, Value * * args,
         Value * vCur = args[1];
 
         for (unsigned int n = 0; n < args[2]->listSize(); ++n) {
-            Value * vs []{vCur, args[2]->listElems()[n]};
+            Value vTmp;
+            state.callFunction(*args[0], *vCur, vTmp, pos);
             vCur = n == args[2]->listSize() - 1 ? &v : state.allocValue();
-            state.callFunction(*args[0], 2, vs, *vCur, pos);
+            state.callFunction(vTmp, *args[2]->listElems()[n], *vCur, pos);
         }
         state.forceValue(v, pos);
     } else {
@@ -2831,16 +2816,17 @@ static void prim_sort(EvalState & state, const Pos & pos, Value * * args, Value
         v.listElems()[n] = args[1]->listElems()[n];
     }
 
+
     auto comparator = [&](Value * a, Value * b) {
         /* Optimization: if the comparator is lessThan, bypass
            callFunction. */
         if (args[0]->isPrimOp() && args[0]->primOp->fun == prim_lessThan)
             return CompareValues()(a, b);
 
-        Value * vs[] = {a, b};
-        Value vBool;
-        state.callFunction(*args[0], 2, vs, vBool, pos);
-        return state.forceBool(vBool, pos);
+        Value vTmp1, vTmp2;
+        state.callFunction(*args[0], *a, vTmp1, pos);
+        state.callFunction(vTmp1, *b, vTmp2, pos);
+        return state.forceBool(vTmp2, pos);
     };
 
     /* FIXME: std::sort can segfault if the comparator is not a strict
@@ -3741,20 +3727,14 @@ void EvalState::createBaseEnv()
     /* Add a wrapper around the derivation primop that computes the
        `drvPath' and `outPath' attributes lazily. */
     sDerivationNix = symbols.create("//builtin/derivation.nix");
-    auto vDerivation = allocValue();
-    addConstant("derivation", vDerivation);
+    eval(parse(
+        #include "primops/derivation.nix.gen.hh"
+        , foFile, sDerivationNix, "/", staticBaseEnv), v);
+    addConstant("derivation", v);
 
     /* Now that we've added all primops, sort the `builtins' set,
        because attribute lookups expect it to be sorted. */
     baseEnv.values[0]->attrs->sort();
-
-    staticBaseEnv.sort();
-
-    /* Note: we have to initialize the 'derivation' constant *after*
-       building baseEnv/staticBaseEnv because it uses 'builtins'. */
-    eval(parse(
-        #include "primops/derivation.nix.gen.hh"
-        , foFile, sDerivationNix, "/", staticBaseEnv), *vDerivation);
 }
 
 

src/libexpr/primops/fetchMercurial.cc

@@ -15,7 +15,7 @@ static void prim_fetchMercurial(EvalState & state, const Pos & pos, Value * * ar
     std::string name = "source";
     PathSet context;
 
-    state.forceValue(*args[0], pos);
+    state.forceValue(*args[0]);
 
     if (args[0]->type() == nAttrs) {
 

src/libexpr/primops/fetchTree.cc

@@ -74,7 +74,10 @@ std::string fixURI(std::string uri, EvalState & state, const std::string & defau
 
 std::string fixURIForGit(std::string uri, EvalState & state)
 {
-    static std::regex scp_uri("([^/].*)@(.*):(.*)");
+    /* Detects scp-style uris (e.g. git@github.com:NixOS/nix) and fixes
+     * them by removing the `:` and assuming a scheme of `ssh://`
+     * */
+    static std::regex scp_uri("([^/]*)@(.*):(.*)");
     if (uri[0] != '/' && std::regex_match(uri, scp_uri))
         return fixURI(std::regex_replace(uri, scp_uri, "$1@$2/$3"), state, "ssh");
     else
@@ -97,7 +100,7 @@ static void fetchTree(
     fetchers::Input input;
     PathSet context;
 
-    state.forceValue(*args[0], pos);
+    state.forceValue(*args[0]);
 
     if (args[0]->type() == nAttrs) {
         state.forceAttrs(*args[0], pos);
@@ -121,7 +124,7 @@ static void fetchTree(
 
         for (auto & attr : *args[0]->attrs) {
             if (attr.name == state.sType) continue;
-            state.forceValue(*attr.value, *attr.pos);
+            state.forceValue(*attr.value);
             if (attr.value->type() == nPath || attr.value->type() == nString) {
                 auto s = state.coerceToString(*attr.pos, *attr.value, context, false, false);
                 attrs.emplace(attr.name,
@@ -176,7 +179,7 @@ static void fetchTree(
 
 static void prim_fetchTree(EvalState & state, const Pos & pos, Value * * args, Value & v)
 {
-    settings.requireExperimentalFeature(Xp::Flakes);
+    settings.requireExperimentalFeature("flakes");
     fetchTree(state, pos, args, v, std::nullopt, FetchTreeParams { .allowNameArgument = false });
 }
 
@@ -189,7 +192,7 @@ static void fetch(EvalState & state, const Pos & pos, Value * * args, Value & v,
     std::optional<std::string> url;
     std::optional<Hash> expectedHash;
 
-    state.forceValue(*args[0], pos);
+    state.forceValue(*args[0]);
 
     if (args[0]->type() == nAttrs) {
 
@@ -287,13 +290,13 @@ static RegisterPrimOp primop_fetchTarball({
       stdenv.mkDerivation { … }
       ```
 
-      The fetched tarball is cached for a certain amount of time (1
-      hour by default) in `~/.cache/nix/tarballs/`. You can change the
-      cache timeout either on the command line with `--tarball-ttl`
-      *number-of-seconds* or in the Nix configuration file by adding
-      the line `tarball-ttl = ` *number-of-seconds*.
+      The fetched tarball is cached for a certain amount of time (1 hour
+      by default) in `~/.cache/nix/tarballs/`. You can change the cache
+      timeout either on the command line with `--option tarball-ttl number
+      of seconds` or in the Nix configuration file with this option: ` 
+      number of seconds to cache `.
 
-      Note that when obtaining the hash with `nix-prefetch-url` the
+      Note that when obtaining the hash with ` nix-prefetch-url ` the
       option `--unpack` is required.
 
       This function can also verify the contents against a hash. In that
@@ -393,7 +396,7 @@ static RegisterPrimOp primop_fetchGit({
           ```
 
           > **Note**
-          >
+          > 
           > It is nice to always specify the branch which a revision
           > belongs to. Without the branch being specified, the fetcher
           > might fail if the default branch changes. Additionally, it can
@@ -430,12 +433,12 @@ static RegisterPrimOp primop_fetchGit({
           ```
 
           > **Note**
-          >
+          > 
           > Nix will refetch the branch in accordance with
           > the option `tarball-ttl`.
 
           > **Note**
-          >
+          > 
           > This behavior is disabled in *Pure evaluation mode*.
     )",
     .fun = prim_fetchGit,

src/libexpr/value-to-xml.cc

@@ -126,28 +126,24 @@ static void printValueAsXML(EvalState & state, bool strict, bool location,
         }
 
         case nFunction: {
-
             if (!v.isLambda()) {
-                // FIXME: Serialize primops and partial apps
+                // FIXME: Serialize primops and primopapps
                 doc.writeEmptyElement("unevaluated");
                 break;
             }
-
             XMLAttrs xmlAttrs;
             if (location) posToXML(xmlAttrs, v.lambda.fun->pos);
             XMLOpenElement _(doc, "function", xmlAttrs);
 
-            auto & arg = v.lambda.fun->args[0];
-
-            if (arg.formals) {
+            if (v.lambda.fun->hasFormals()) {
                 XMLAttrs attrs;
-                if (arg.arg != state.sEpsilon) attrs["name"] = arg.arg;
-                if (arg.formals->ellipsis) attrs["ellipsis"] = "1";
+                if (!v.lambda.fun->arg.empty()) attrs["name"] = v.lambda.fun->arg;
+                if (v.lambda.fun->formals->ellipsis) attrs["ellipsis"] = "1";
                 XMLOpenElement _(doc, "attrspat", attrs);
-                for (auto & i : arg.formals->formals)
+                for (auto & i : v.lambda.fun->formals->formals)
                     doc.writeEmptyElement("attr", singletonAttrs("name", i.name));
             } else
-                doc.writeEmptyElement("varpat", singletonAttrs("name", arg.arg));
+                doc.writeEmptyElement("varpat", singletonAttrs("name", v.lambda.fun->arg));
 
             break;
         }

src/libexpr/value.hh

@@ -21,7 +21,6 @@ typedef enum {
     tListN,
     tThunk,
     tApp,
-    tPartialApp,
     tLambda,
     tBlackhole,
     tPrimOp,
@@ -126,7 +125,6 @@ public:
 
     // type() == nFunction
     inline bool isLambda() const { return internalType == tLambda; };
-    inline bool isPartialApp() const { return internalType == tPartialApp; };
     inline bool isPrimOp() const { return internalType == tPrimOp; };
     inline bool isPrimOpApp() const { return internalType == tPrimOpApp; };
 
@@ -198,7 +196,7 @@ public:
             case tNull: return nNull;
             case tAttrs: return nAttrs;
             case tList1: case tList2: case tListN: return nList;
-            case tLambda: case tPartialApp: case tPrimOp: case tPrimOpApp: return nFunction;
+            case tLambda: case tPrimOp: case tPrimOpApp: return nFunction;
             case tExternal: return nExternal;
             case tFloat: return nFloat;
             case tThunk: case tApp: case tBlackhole: return nThunk;
@@ -309,13 +307,6 @@ public:
         app.right = r;
     }
 
-    inline void mkPartialApp(Value * l, Value * r)
-    {
-        internalType = tPartialApp;
-        app.left = l;
-        app.right = r;
-    }
-
     inline void mkExternal(ExternalValueBase * e)
     {
         clearValue();

src/libmain/shared.cc

@@ -15,9 +15,14 @@
 #include <sys/stat.h>
 #include <unistd.h>
 #include <signal.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
+#ifdef __linux__
+#include <features.h>
+#endif
+#ifdef __GLIBC__
+#include <gnu/lib-names.h>
+#include <nss.h>
+#include <dlfcn.h>
+#endif
 
 #include <openssl/crypto.h>
 
@@ -121,21 +126,30 @@ static void preloadNSS() {
        been loaded in the parent. So we force a lookup of an invalid domain to force the NSS machinery to
        load its lookup libraries in the parent before any child gets a chance to. */
     std::call_once(dns_resolve_flag, []() {
-        struct addrinfo *res = NULL;
-
-        /* nss will only force the "local" (not through nscd) dns resolution if its on the LOCALDOMAIN.
-           We need the resolution to be done locally, as nscd socket will not be accessible in the
-           sandbox. */
-        char * previous_env = getenv("LOCALDOMAIN");
-        setenv("LOCALDOMAIN", "invalid", 1);
-        if (getaddrinfo("this.pre-initializes.the.dns.resolvers.invalid.", "http", NULL, &res) == 0) {
-            if (res) freeaddrinfo(res);
-        }
-        if (previous_env) {
-             setenv("LOCALDOMAIN", previous_env, 1);
-        } else {
-             unsetenv("LOCALDOMAIN");
-        }
+#ifdef __GLIBC__
+        /* On linux, glibc will run every lookup through the nss layer.
+         * That means every lookup goes, by default, through nscd, which acts as a local
+         * cache.
+         * Because we run builds in a sandbox, we also remove access to nscd otherwise
+         * lookups would leak into the sandbox.
+         *
+         * But now we have a new problem, we need to make sure the nss_dns backend that
+         * does the dns lookups when nscd is not available is loaded or available.
+         *
+         * We can't make it available without leaking nix's environment, so instead we'll
+         * load the backend, and configure nss so it does not try to run dns lookups
+         * through nscd.
+         *
+         * This is technically only used for builtins:fetch* functions so we only care
+         * about dns.
+         *
+         * All other platforms are unaffected.
+         */
+        if (!dlopen(LIBNSS_DNS_SO, RTLD_NOW))
+            warn("unable to load nss_dns backend");
+        // FIXME: get hosts entry from nsswitch.conf.
+        __nss_configure_lookup("hosts", "files dns");
+#endif
     });
 }
 

src/libstore/binary-cache-store.cc

@@ -111,15 +111,15 @@ void BinaryCacheStore::writeNarInfo(ref<NarInfo> narInfo)
 
     upsertFile(narInfoFile, narInfo->to_string(*this), "text/x-nix-narinfo");
 
+    std::string hashPart(narInfo->path.hashPart());
+
     {
         auto state_(state.lock());
-        state_->pathInfoCache.upsert(
-            std::string(narInfo->path.to_string()),
-            PathInfoCacheValue { .value = std::shared_ptr<NarInfo>(narInfo) });
+        state_->pathInfoCache.upsert(hashPart, PathInfoCacheValue { .value = std::shared_ptr<NarInfo>(narInfo) });
     }
 
     if (diskCache)
-        diskCache->upsertNarInfo(getUri(), std::string(narInfo->path.hashPart()), std::shared_ptr<NarInfo>(narInfo));
+        diskCache->upsertNarInfo(getUri(), hashPart, std::shared_ptr<NarInfo>(narInfo));
 }
 
 AutoCloseFD openFile(const Path & path)
@@ -149,7 +149,7 @@ ref<const ValidPathInfo> BinaryCacheStore::addToStoreCommon(
     {
     FdSink fileSink(fdTemp.get());
     TeeSink teeSinkCompressed { fileSink, fileHashSink };
-    auto compressionSink = makeCompressionSink(compression, teeSinkCompressed, parallelCompression, compressionLevel);
+    auto compressionSink = makeCompressionSink(compression, teeSinkCompressed);
     TeeSink teeSinkUncompressed { *compressionSink, narHashSink };
     TeeSource teeSource { narSource, teeSinkUncompressed };
     narAccessor = makeNarAccessor(teeSource);

src/libstore/binary-cache-store.hh

@@ -15,17 +15,13 @@ struct BinaryCacheStoreConfig : virtual StoreConfig
 {
     using StoreConfig::StoreConfig;
 
-    const Setting<std::string> compression{(StoreConfig*) this, "xz", "compression", "NAR compression method ('xz', 'bzip2', 'gzip', 'zstd', or 'none')"};
+    const Setting<std::string> compression{(StoreConfig*) this, "xz", "compression", "NAR compression method ('xz', 'bzip2', or 'none')"};
     const Setting<bool> writeNARListing{(StoreConfig*) this, false, "write-nar-listing", "whether to write a JSON file listing the files in each NAR"};
     const Setting<bool> writeDebugInfo{(StoreConfig*) this, false, "index-debug-info", "whether to index DWARF debug info files by build ID"};
     const Setting<Path> secretKeyFile{(StoreConfig*) this, "", "secret-key", "path to secret key used to sign the binary cache"};
     const Setting<Path> localNarCache{(StoreConfig*) this, "", "local-nar-cache", "path to a local cache of NARs"};
     const Setting<bool> parallelCompression{(StoreConfig*) this, false, "parallel-compression",
-        "enable multi-threading compression for NARs, available for xz and zstd only currently"};
-    const Setting<int> compressionLevel{(StoreConfig*) this, -1, "compression-level",
-        "specify 'preset level' of compression to be used with NARs: "
-        "meaning and accepted range of values depends on compression method selected, "
-        "other than -1 which we reserve to indicate Nix defaults should be used"};
+        "enable multi-threading compression, available for xz only currently"};
 };
 
 class BinaryCacheStore : public virtual BinaryCacheStoreConfig, public virtual Store

src/libstore/build/derivation-goal.cc

@@ -204,7 +204,7 @@ void DerivationGoal::haveDerivation()
     trace("have derivation");
 
     if (drv->type() == DerivationType::CAFloating)
-        settings.requireExperimentalFeature(Xp::CaDerivations);
+        settings.requireExperimentalFeature("ca-derivations");
 
     retrySubstitution = false;
 
@@ -453,7 +453,7 @@ void DerivationGoal::inputsRealised()
     if (useDerivation) {
         auto & fullDrv = *dynamic_cast<Derivation *>(drv.get());
 
-        if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations) &&
+        if (settings.isExperimentalFeatureEnabled("ca-derivations") &&
             ((!fullDrv.inputDrvs.empty() && derivationIsCA(fullDrv.type()))
             || fullDrv.type() == DerivationType::DeferredInputAddressed)) {
             /* We are be able to resolve this derivation based on the
@@ -655,7 +655,7 @@ void DerivationGoal::tryLocalBuild() {
     throw Error(
         "unable to build with a primary store that isn't a local store; "
         "either pass a different '--store' or enable remote builds."
-        "\nhttps://nixos.org/nix/manual/#chap-distributed-builds");
+        "\nhttps://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html");
 }
 
 
@@ -1275,7 +1275,7 @@ void DerivationGoal::checkPathValidity()
                     : PathStatus::Corrupt,
             };
         }
-        if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+        if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
             auto drvOutput = DrvOutput{initialOutputs.at(i.first).outputHash, i.first};
             if (auto real = worker.store.queryRealisation(drvOutput)) {
                 info.known = {

src/libstore/build/entry-points.cc

@@ -1,3 +1,4 @@
+#include "machines.hh"
 #include "worker.hh"
 #include "substitution-goal.hh"
 #include "derivation-goal.hh"
@@ -73,7 +74,7 @@ BuildResult Store::buildDerivation(const StorePath & drvPath, const BasicDerivat
                     outputId,
                     Realisation{ outputId, *staticOutput.second}
                     );
-        if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations) && !derivationHasKnownOutputPaths(drv.type())) {
+        if (settings.isExperimentalFeatureEnabled("ca-derivations") && !derivationHasKnownOutputPaths(drv.type())) {
             auto realisation = this->queryRealisation(outputId);
             if (realisation)
                 result.builtOutputs.insert_or_assign(

src/libstore/build/local-derivation-goal.cc

@@ -1259,7 +1259,7 @@ struct RestrictedStore : public virtual RestrictedStoreConfig, public virtual Lo
             for (auto & [outputName, outputPath] : outputs)
                 if (wantOutput(outputName, bfd.outputs)) {
                     newPaths.insert(outputPath);
-                    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+                    if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
                         auto thisRealisation = next->queryRealisation(
                             DrvOutput{drvHashes.at(outputName), outputName}
                         );
@@ -1320,7 +1320,7 @@ struct RestrictedStore : public virtual RestrictedStoreConfig, public virtual Lo
 
 void LocalDerivationGoal::startDaemon()
 {
-    settings.requireExperimentalFeature(Xp::RecursiveNix);
+    settings.requireExperimentalFeature("recursive-nix");
 
     Store::Params params;
     params["path-info-cache-size"] = "0";
@@ -1353,7 +1353,7 @@ void LocalDerivationGoal::startDaemon()
             AutoCloseFD remote = accept(daemonSocket.get(),
                 (struct sockaddr *) &remoteAddr, &remoteAddrLen);
             if (!remote) {
-                if (errno == EINTR || errno == EAGAIN) continue;
+                if (errno == EINTR) continue;
                 if (errno == EINVAL) break;
                 throw SysError("accepting connection");
             }
@@ -2561,7 +2561,7 @@ void LocalDerivationGoal::registerOutputs()
        that for floating CA derivations, which otherwise couldn't be cached,
        but it's fine to do in all cases. */
 
-    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+    if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
         for (auto& [outputName, newInfo] : infos) {
             auto thisRealisation = Realisation{
                 .id = DrvOutput{initialOutputs.at(outputName).outputHash,

src/libstore/build/worker.cc

@@ -281,11 +281,11 @@ void Worker::run(const Goals & _topGoals)
                 if (getMachines().empty())
                    throw Error("unable to start any build; either increase '--max-jobs' "
                             "or enable remote builds."
-                            "\nhttps://nixos.org/nix/manual/#chap-distributed-builds");
+                            "\nhttps://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html");
                 else
                    throw Error("unable to start any build; remote machines may not have "
                             "all required system features."
-                            "\nhttps://nixos.org/nix/manual/#chap-distributed-builds");
+                            "\nhttps://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html");
 
             }
             assert(!awake.empty());

src/libstore/daemon.cc

@@ -230,7 +230,7 @@ struct ClientSettings
                 else if (name == settings.experimentalFeatures.name) {
                     // We don’t want to forward the experimental features to
                     // the daemon, as that could cause some pretty weird stuff
-                    if (parseFeatures(tokenizeString<StringSet>(value)) != settings.experimentalFeatures.get())
+                    if (tokenizeString<Strings>(value) != settings.experimentalFeatures.get())
                         debug("Ignoring the client-specified experimental features");
                 }
                 else if (trusted
@@ -433,25 +433,30 @@ static void performOp(TunnelLogger * logger, ref<Store> store,
                 hashAlgo = parseHashType(hashAlgoRaw);
             }
 
-            StringSink saved;
-            TeeSource savedNARSource(from, saved);
-            RetrieveRegularNARSink savedRegular { saved };
-
-            if (method == FileIngestionMethod::Recursive) {
-                /* Get the entire NAR dump from the client and save it to
-                  a string so that we can pass it to
-                  addToStoreFromDump(). */
-                ParseSink sink; /* null sink; just parse the NAR */
-                parseDump(sink, savedNARSource);
-            } else
-                parseDump(savedRegular, from);
-
+            auto dumpSource = sinkToSource([&](Sink & saved) {
+                if (method == FileIngestionMethod::Recursive) {
+                    /* We parse the NAR dump through into `saved` unmodified,
+                       so why all this extra work? We still parse the NAR so
+                       that we aren't sending arbitrary data to `saved`
+                       unwittingly`, and we know when the NAR ends so we don't
+                       consume the rest of `from` and can't parse another
+                       command. (We don't trust `addToStoreFromDump` to not
+                       eagerly consume the entire stream it's given, past the
+                       length of the Nar. */
+                    TeeSource savedNARSource(from, saved);
+                    ParseSink sink; /* null sink; just parse the NAR */
+                    parseDump(sink, savedNARSource);
+                } else {
+                    /* Incrementally parse the NAR file, stripping the
+                       metadata, and streaming the sole file we expect into
+                       `saved`. */
+                    RetrieveRegularNARSink savedRegular { saved };
+                    parseDump(savedRegular, from);
+                    if (!savedRegular.regular) throw Error("regular file expected");
+                }
+            });
             logger->startWork();
-            if (!savedRegular.regular) throw Error("regular file expected");
-
-            // FIXME: try to stream directly from `from`.
-            StringSource dumpSource { *saved.s };
-            auto path = store->addToStoreFromDump(dumpSource, baseName, method, hashAlgo);
+            auto path = store->addToStoreFromDump(*dumpSource, baseName, method, hashAlgo);
             logger->stopWork();
 
             to << store->printStorePath(path);
@@ -625,9 +630,9 @@ static void performOp(TunnelLogger * logger, ref<Store> store,
         break;
     }
 
-    // Obsolete.
     case wopSyncWithGC: {
         logger->startWork();
+        store->syncWithGC();
         logger->stopWork();
         to << 1;
         break;

src/libstore/derivations.cc

@@ -187,7 +187,7 @@ static DerivationOutput parseDerivationOutput(const Store & store,
                 },
             };
         } else {
-            settings.requireExperimentalFeature(Xp::CaDerivations);
+            settings.requireExperimentalFeature("ca-derivations");
             assert(pathS == "");
             return DerivationOutput {
                 .output = DerivationOutputCAFloating {

src/libstore/derived-path.cc

@@ -100,7 +100,7 @@ RealisedPath::Set BuiltPath::toRealisedPaths(Store & store) const
                     staticOutputHashes(store, store.readDerivation(p.drvPath));
                 for (auto& [outputName, outputPath] : p.outputs) {
                     if (settings.isExperimentalFeatureEnabled(
-                                Xp::CaDerivations)) {
+                            "ca-derivations")) {
                         auto thisRealisation = store.queryRealisation(
                             DrvOutput{drvHashes.at(outputName), outputName});
                         assert(thisRealisation);  // We’ve built it, so we must h

src/libstore/filetransfer.cc

@@ -725,8 +725,16 @@ ref<FileTransfer> getFileTransfer()
 {
     static ref<curlFileTransfer> fileTransfer = makeCurlFileTransfer();
 
-    if (fileTransfer->state_.lock()->quit)
+    // this has to be done in its own scope to make sure that the lock is released
+    // before creating a new fileTransfer instance.
+    auto needsRecreation = [&]() -> bool {
+        auto state = fileTransfer->state_.lock();
+        return state->quit;
+    };
+
+    if (needsRecreation()) {
         fileTransfer = makeCurlFileTransfer();
+    }
 
     return fileTransfer;
 }

src/libstore/gc.cc

@@ -10,22 +10,48 @@
 #include <regex>
 #include <random>
 
-#include <climits>
-#include <errno.h>
-#include <fcntl.h>
-#include <poll.h>
-#include <sys/socket.h>
+#include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/statvfs.h>
-#include <sys/types.h>
-#include <sys/un.h>
+#include <errno.h>
+#include <fcntl.h>
 #include <unistd.h>
+#include <climits>
 
 namespace nix {
 
 
-static std::string gcSocketPath = "/gc-socket/socket";
-static std::string gcRootsDir = "gcroots";
+static string gcLockName = "gc.lock";
+static string gcRootsDir = "gcroots";
+
+
+/* Acquire the global GC lock.  This is used to prevent new Nix
+   processes from starting after the temporary root files have been
+   read.  To be precise: when they try to create a new temporary root
+   file, they will block until the garbage collector has finished /
+   yielded the GC lock. */
+AutoCloseFD LocalStore::openGCLock(LockType lockType)
+{
+    Path fnGCLock = (format("%1%/%2%")
+        % stateDir % gcLockName).str();
+
+    debug(format("acquiring global GC lock '%1%'") % fnGCLock);
+
+    AutoCloseFD fdGCLock = open(fnGCLock.c_str(), O_RDWR | O_CREAT | O_CLOEXEC, 0600);
+    if (!fdGCLock)
+        throw SysError("opening global GC lock '%1%'", fnGCLock);
+
+    if (!lockFile(fdGCLock.get(), lockType, false)) {
+        printInfo("waiting for the big garbage collector lock...");
+        lockFile(fdGCLock.get(), lockType, true);
+    }
+
+    /* !!! Restrict read permission on the GC root.  Otherwise any
+       process that can open the file for reading can DoS the
+       collector. */
+
+    return fdGCLock;
+}
 
 
 static void makeSymlink(const Path & link, const Path & target)
@@ -45,6 +71,12 @@ static void makeSymlink(const Path & link, const Path & target)
 }
 
 
+void LocalStore::syncWithGC()
+{
+    AutoCloseFD fdGCLock = openGCLock(ltRead);
+}
+
+
 void LocalStore::addIndirectRoot(const Path & path)
 {
     string hash = hashString(htSHA1, path).to_string(Base32, false);
@@ -63,12 +95,6 @@ Path LocalFSStore::addPermRoot(const StorePath & storePath, const Path & _gcRoot
                 "creating a garbage collector root (%1%) in the Nix store is forbidden "
                 "(are you running nix-build inside the store?)", gcRoot);
 
-    /* Register this root with the garbage collector, if it's
-       running. This should be superfluous since the caller should
-       have registered this root yet, but let's be on the safe
-       side. */
-    addTempRoot(storePath);
-
     /* Don't clobber the link if it already exists and doesn't
        point to the Nix store. */
     if (pathExists(gcRoot) && (!isLink(gcRoot) || !isInStore(readLink(gcRoot))))
@@ -76,6 +102,11 @@ Path LocalFSStore::addPermRoot(const StorePath & storePath, const Path & _gcRoot
     makeSymlink(gcRoot, printStorePath(storePath));
     addIndirectRoot(gcRoot);
 
+    /* Grab the global GC root, causing us to block while a GC is in
+       progress.  This prevents the set of permanent roots from
+       increasing while a GC is in progress. */
+    syncWithGC();
+
     return gcRoot;
 }
 
@@ -88,6 +119,8 @@ void LocalStore::addTempRoot(const StorePath & path)
     if (!state->fdTempRoots) {
 
         while (1) {
+            AutoCloseFD fdGCLock = openGCLock(ltRead);
+
             if (pathExists(fnTempRoots))
                 /* It *must* be stale, since there can be no two
                    processes with the same pid. */
@@ -95,8 +128,10 @@ void LocalStore::addTempRoot(const StorePath & path)
 
             state->fdTempRoots = openLockFile(fnTempRoots, true);
 
-            debug("acquiring write lock on '%s'", fnTempRoots);
-            lockFile(state->fdTempRoots.get(), ltWrite, true);
+            fdGCLock = -1;
+
+            debug(format("acquiring read lock on '%1%'") % fnTempRoots);
+            lockFile(state->fdTempRoots.get(), ltRead, true);
 
             /* Check whether the garbage collector didn't get in our
                way. */
@@ -112,55 +147,24 @@ void LocalStore::addTempRoot(const StorePath & path)
 
     }
 
-    if (!state->fdGCLock)
-        state->fdGCLock = openGCLock();
+    /* Upgrade the lock to a write lock.  This will cause us to block
+       if the garbage collector is holding our lock. */
+    debug(format("acquiring write lock on '%1%'") % fnTempRoots);
+    lockFile(state->fdTempRoots.get(), ltWrite, true);
 
- restart:
-    FdLock gcLock(state->fdGCLock.get(), ltRead, false, "");
-
-    if (!gcLock.acquired) {
-        /* We couldn't get a shared global GC lock, so the garbage
-           collector is running. So we have to connect to the garbage
-           collector and inform it about our root. */
-        if (!state->fdRootsSocket) {
-            auto socketPath = stateDir.get() + gcSocketPath;
-            debug("connecting to '%s'", socketPath);
-            state->fdRootsSocket = createUnixDomainSocket();
-            nix::connect(state->fdRootsSocket.get(), socketPath);
-        }
-
-        try {
-            debug("sending GC root '%s'", printStorePath(path));
-            writeFull(state->fdRootsSocket.get(), printStorePath(path) + "\n", false);
-            char c;
-            readFull(state->fdRootsSocket.get(), &c, 1);
-            assert(c == '1');
-            debug("got ack for GC root '%s'", printStorePath(path));
-        } catch (SysError & e) {
-            /* The garbage collector may have exited, so we need to
-               restart. */
-            if (e.errNo == EPIPE) {
-                debug("GC socket disconnected");
-                state->fdRootsSocket.close();
-                goto restart;
-            }
-        } catch (EndOfFile & e) {
-            debug("GC socket disconnected");
-            state->fdRootsSocket.close();
-            goto restart;
-        }
-    }
-
-    /* Append the store path to the temporary roots file. */
     string s = printStorePath(path) + '\0';
     writeFull(state->fdTempRoots.get(), s);
+
+    /* Downgrade to a read lock. */
+    debug(format("downgrading to read lock on '%1%'") % fnTempRoots);
+    lockFile(state->fdTempRoots.get(), ltRead, true);
 }
 
 
 static std::string censored = "{censored}";
 
 
-void LocalStore::findTempRoots(Roots & tempRoots, bool censor)
+void LocalStore::findTempRoots(FDs & fds, Roots & tempRoots, bool censor)
 {
     /* Read the `temproots' directory for per-process temporary root
        files. */
@@ -175,25 +179,35 @@ void LocalStore::findTempRoots(Roots & tempRoots, bool censor)
         pid_t pid = std::stoi(i.name);
 
         debug(format("reading temporary root file '%1%'") % path);
-        AutoCloseFD fd(open(path.c_str(), O_CLOEXEC | O_RDWR, 0666));
-        if (!fd) {
+        FDPtr fd(new AutoCloseFD(open(path.c_str(), O_CLOEXEC | O_RDWR, 0666)));
+        if (!*fd) {
             /* It's okay if the file has disappeared. */
             if (errno == ENOENT) continue;
             throw SysError("opening temporary roots file '%1%'", path);
         }
 
+        /* This should work, but doesn't, for some reason. */
+        //FDPtr fd(new AutoCloseFD(openLockFile(path, false)));
+        //if (*fd == -1) continue;
+
         /* Try to acquire a write lock without blocking.  This can
            only succeed if the owning process has died.  In that case
            we don't care about its temporary roots. */
-        if (lockFile(fd.get(), ltWrite, false)) {
+        if (lockFile(fd->get(), ltWrite, false)) {
             printInfo("removing stale temporary roots file '%1%'", path);
             unlink(path.c_str());
-            writeFull(fd.get(), "d");
+            writeFull(fd->get(), "d");
             continue;
         }
 
+        /* Acquire a read lock.  This will prevent the owning process
+           from upgrading to a write lock, therefore it will block in
+           addTempRoot(). */
+        debug(format("waiting for read lock on '%1%'") % path);
+        lockFile(fd->get(), ltRead, true);
+
         /* Read the entire file. */
-        string contents = readFile(fd.get());
+        string contents = readFile(fd->get());
 
         /* Extract the roots. */
         string::size_type pos = 0, end;
@@ -204,6 +218,8 @@ void LocalStore::findTempRoots(Roots & tempRoots, bool censor)
             tempRoots[parseStorePath(root)].emplace(censor ? censored : fmt("{temp:%d}", pid));
             pos = end + 1;
         }
+
+        fds.push_back(fd); /* keep open */
     }
 }
 
@@ -288,7 +304,8 @@ Roots LocalStore::findRoots(bool censor)
     Roots roots;
     findRootsNoTemp(roots, censor);
 
-    findTempRoots(roots, censor);
+    FDs fds;
+    findTempRoots(fds, roots, censor);
 
     return roots;
 }
@@ -438,139 +455,265 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor)
 struct GCLimitReached { };
 
 
+struct LocalStore::GCState
+{
+    const GCOptions & options;
+    GCResults & results;
+    StorePathSet roots;
+    StorePathSet tempRoots;
+    StorePathSet dead;
+    StorePathSet alive;
+    bool gcKeepOutputs;
+    bool gcKeepDerivations;
+    uint64_t bytesInvalidated;
+    bool moveToTrash = true;
+    bool shouldDelete;
+    GCState(const GCOptions & options, GCResults & results)
+        : options(options), results(results), bytesInvalidated(0) { }
+};
+
+
+bool LocalStore::isActiveTempFile(const GCState & state,
+    const Path & path, const string & suffix)
+{
+    return hasSuffix(path, suffix)
+        && state.tempRoots.count(parseStorePath(string(path, 0, path.size() - suffix.size())));
+}
+
+
+void LocalStore::deleteGarbage(GCState & state, const Path & path)
+{
+    uint64_t bytesFreed;
+    deletePath(path, bytesFreed);
+    state.results.bytesFreed += bytesFreed;
+}
+
+
+void LocalStore::deletePathRecursive(GCState & state, const Path & path)
+{
+    checkInterrupt();
+
+    uint64_t size = 0;
+
+    auto storePath = maybeParseStorePath(path);
+    if (storePath && isValidPath(*storePath)) {
+        StorePathSet referrers;
+        queryReferrers(*storePath, referrers);
+        for (auto & i : referrers)
+            if (printStorePath(i) != path) deletePathRecursive(state, printStorePath(i));
+        size = queryPathInfo(*storePath)->narSize;
+        invalidatePathChecked(*storePath);
+    }
+
+    Path realPath = realStoreDir + "/" + std::string(baseNameOf(path));
+
+    struct stat st;
+    if (lstat(realPath.c_str(), &st)) {
+        if (errno == ENOENT) return;
+        throw SysError("getting status of %1%", realPath);
+    }
+
+    printInfo(format("deleting '%1%'") % path);
+
+    state.results.paths.insert(path);
+
+    /* If the path is not a regular file or symlink, move it to the
+       trash directory.  The move is to ensure that later (when we're
+       not holding the global GC lock) we can delete the path without
+       being afraid that the path has become alive again.  Otherwise
+       delete it right away. */
+    if (state.moveToTrash && S_ISDIR(st.st_mode)) {
+        // Estimate the amount freed using the narSize field.  FIXME:
+        // if the path was not valid, need to determine the actual
+        // size.
+        try {
+            if (chmod(realPath.c_str(), st.st_mode | S_IWUSR) == -1)
+                throw SysError("making '%1%' writable", realPath);
+            Path tmp = trashDir + "/" + std::string(baseNameOf(path));
+            if (rename(realPath.c_str(), tmp.c_str()))
+                throw SysError("unable to rename '%1%' to '%2%'", realPath, tmp);
+            state.bytesInvalidated += size;
+        } catch (SysError & e) {
+            if (e.errNo == ENOSPC) {
+                printInfo(format("note: can't create move '%1%': %2%") % realPath % e.msg());
+                deleteGarbage(state, realPath);
+            }
+        }
+    } else
+        deleteGarbage(state, realPath);
+
+    if (state.results.bytesFreed + state.bytesInvalidated > state.options.maxFreed) {
+        printInfo(format("deleted or invalidated more than %1% bytes; stopping") % state.options.maxFreed);
+        throw GCLimitReached();
+    }
+}
+
+
+bool LocalStore::canReachRoot(GCState & state, StorePathSet & visited, const StorePath & path)
+{
+    if (visited.count(path)) return false;
+
+    if (state.alive.count(path)) return true;
+
+    if (state.dead.count(path)) return false;
+
+    if (state.roots.count(path)) {
+        debug("cannot delete '%1%' because it's a root", printStorePath(path));
+        state.alive.insert(path);
+        return true;
+    }
+
+    visited.insert(path);
+
+    if (!isValidPath(path)) return false;
+
+    StorePathSet incoming;
+
+    /* Don't delete this path if any of its referrers are alive. */
+    queryReferrers(path, incoming);
+
+    /* If keep-derivations is set and this is a derivation, then
+       don't delete the derivation if any of the outputs are alive. */
+    if (state.gcKeepDerivations && path.isDerivation()) {
+        for (auto & [name, maybeOutPath] : queryPartialDerivationOutputMap(path))
+            if (maybeOutPath &&
+                isValidPath(*maybeOutPath) &&
+                queryPathInfo(*maybeOutPath)->deriver == path
+                )
+                incoming.insert(*maybeOutPath);
+    }
+
+    /* If keep-outputs is set, then don't delete this path if there
+       are derivers of this path that are not garbage. */
+    if (state.gcKeepOutputs) {
+        auto derivers = queryValidDerivers(path);
+        for (auto & i : derivers)
+            incoming.insert(i);
+    }
+
+    for (auto & i : incoming)
+        if (i != path)
+            if (canReachRoot(state, visited, i)) {
+                state.alive.insert(path);
+                return true;
+            }
+
+    return false;
+}
+
+
+void LocalStore::tryToDelete(GCState & state, const Path & path)
+{
+    checkInterrupt();
+
+    auto realPath = realStoreDir + "/" + std::string(baseNameOf(path));
+    if (realPath == linksDir || realPath == trashDir) return;
+
+    //Activity act(*logger, lvlDebug, format("considering whether to delete '%1%'") % path);
+
+    auto storePath = maybeParseStorePath(path);
+
+    if (!storePath || !isValidPath(*storePath)) {
+        /* A lock file belonging to a path that we're building right
+           now isn't garbage. */
+        if (isActiveTempFile(state, path, ".lock")) return;
+
+        /* Don't delete .chroot directories for derivations that are
+           currently being built. */
+        if (isActiveTempFile(state, path, ".chroot")) return;
+
+        /* Don't delete .check directories for derivations that are
+           currently being built, because we may need to run
+           diff-hook. */
+        if (isActiveTempFile(state, path, ".check")) return;
+    }
+
+    StorePathSet visited;
+
+    if (storePath && canReachRoot(state, visited, *storePath)) {
+        debug("cannot delete '%s' because it's still reachable", path);
+    } else {
+        /* No path we visited was a root, so everything is garbage.
+           But we only delete ‘path’ and its referrers here so that
+           ‘nix-store --delete’ doesn't have the unexpected effect of
+           recursing into derivations and outputs. */
+        for (auto & i : visited)
+            state.dead.insert(i);
+        if (state.shouldDelete)
+            deletePathRecursive(state, path);
+    }
+}
+
+
+/* Unlink all files in /nix/store/.links that have a link count of 1,
+   which indicates that there are no other links and so they can be
+   safely deleted.  FIXME: race condition with optimisePath(): we
+   might see a link count of 1 just before optimisePath() increases
+   the link count. */
+void LocalStore::removeUnusedLinks(const GCState & state)
+{
+    AutoCloseDir dir(opendir(linksDir.c_str()));
+    if (!dir) throw SysError("opening directory '%1%'", linksDir);
+
+    int64_t actualSize = 0, unsharedSize = 0;
+
+    struct dirent * dirent;
+    while (errno = 0, dirent = readdir(dir.get())) {
+        checkInterrupt();
+        string name = dirent->d_name;
+        if (name == "." || name == "..") continue;
+        Path path = linksDir + "/" + name;
+
+        auto st = lstat(path);
+
+        if (st.st_nlink != 1) {
+            actualSize += st.st_size;
+            unsharedSize += (st.st_nlink - 1) * st.st_size;
+            continue;
+        }
+
+        printMsg(lvlTalkative, format("deleting unused link '%1%'") % path);
+
+        if (unlink(path.c_str()) == -1)
+            throw SysError("deleting '%1%'", path);
+
+        state.results.bytesFreed += st.st_size;
+    }
+
+    struct stat st;
+    if (stat(linksDir.c_str(), &st) == -1)
+        throw SysError("statting '%1%'", linksDir);
+    int64_t overhead = st.st_blocks * 512ULL;
+
+    printInfo("note: currently hard linking saves %.2f MiB",
+        ((unsharedSize - actualSize - overhead) / (1024.0 * 1024.0)));
+}
+
+
 void LocalStore::collectGarbage(const GCOptions & options, GCResults & results)
 {
-    bool shouldDelete = options.action == GCOptions::gcDeleteDead || options.action == GCOptions::gcDeleteSpecific;
-    bool gcKeepOutputs = settings.gcKeepOutputs;
-    bool gcKeepDerivations = settings.gcKeepDerivations;
-
-    StorePathSet roots, dead, alive;
-
-    struct Shared
-    {
-        // The temp roots only store the hash part to make it easier to
-        // ignore suffixes like '.lock', '.chroot' and '.check'.
-        std::unordered_set<std::string> tempRoots;
-
-        // Hash part of the store path currently being deleted, if
-        // any.
-        std::optional<std::string> pending;
-    };
-
-    Sync<Shared> _shared;
-
-    std::condition_variable wakeup;
+    GCState state(options, results);
+    state.gcKeepOutputs = settings.gcKeepOutputs;
+    state.gcKeepDerivations = settings.gcKeepDerivations;
 
     /* Using `--ignore-liveness' with `--delete' can have unintended
        consequences if `keep-outputs' or `keep-derivations' are true
        (the garbage collector will recurse into deleting the outputs
        or derivers, respectively).  So disable them. */
     if (options.action == GCOptions::gcDeleteSpecific && options.ignoreLiveness) {
-        gcKeepOutputs = false;
-        gcKeepDerivations = false;
+        state.gcKeepOutputs = false;
+        state.gcKeepDerivations = false;
     }
 
-    if (shouldDelete)
+    state.shouldDelete = options.action == GCOptions::gcDeleteDead || options.action == GCOptions::gcDeleteSpecific;
+
+    if (state.shouldDelete)
         deletePath(reservedPath);
 
-    /* Acquire the global GC root. Note: we don't use fdGCLock
-       here because then in auto-gc mode, another thread could
-       downgrade our exclusive lock. */
-    auto fdGCLock = openGCLock();
-    FdLock gcLock(fdGCLock.get(), ltWrite, true, "waiting for the big garbage collector lock...");
-
-    /* Start the server for receiving new roots. */
-    auto socketPath = stateDir.get() + gcSocketPath;
-    createDirs(dirOf(socketPath));
-    auto fdServer = createUnixDomainSocket(socketPath, 0666);
-
-    if (fcntl(fdServer.get(), F_SETFL, fcntl(fdServer.get(), F_GETFL) | O_NONBLOCK) == -1)
-        throw SysError("making socket '%1%' non-blocking", socketPath);
-
-    Pipe shutdownPipe;
-    shutdownPipe.create();
-
-    std::thread serverThread([&]() {
-        Sync<std::map<int, std::thread>> connections;
-
-        Finally cleanup([&]() {
-            debug("GC roots server shutting down");
-            while (true) {
-                auto item = remove_begin(*connections.lock());
-                if (!item) break;
-                auto & [fd, thread] = *item;
-                shutdown(fd, SHUT_RDWR);
-                thread.join();
-            }
-        });
-
-        while (true) {
-            std::vector<struct pollfd> fds;
-            fds.push_back({.fd = shutdownPipe.readSide.get(), .events = POLLIN});
-            fds.push_back({.fd = fdServer.get(), .events = POLLIN});
-            auto count = poll(fds.data(), fds.size(), -1);
-            assert(count != -1);
-
-            if (fds[0].revents)
-                /* Parent is asking us to quit. */
-                break;
-
-            if (fds[1].revents) {
-                /* Accept a new connection. */
-                assert(fds[1].revents & POLLIN);
-                AutoCloseFD fdClient = accept(fdServer.get(), nullptr, nullptr);
-                if (!fdClient) continue;
-
-                /* Process the connection in a separate thread. */
-                auto fdClient_ = fdClient.get();
-                std::thread clientThread([&, fdClient = std::move(fdClient)]() {
-                    Finally cleanup([&]() {
-                        auto conn(connections.lock());
-                        auto i = conn->find(fdClient.get());
-                        if (i != conn->end()) {
-                            i->second.detach();
-                            conn->erase(i);
-                        }
-                    });
-
-                    while (true) {
-                        try {
-                            auto path = readLine(fdClient.get());
-                            auto storePath = maybeParseStorePath(path);
-                            if (storePath) {
-                                debug("got new GC root '%s'", path);
-                                auto hashPart = std::string(storePath->hashPart());
-                                auto shared(_shared.lock());
-                                shared->tempRoots.insert(hashPart);
-                                /* If this path is currently being
-                                   deleted, then we have to wait until
-                                   deletion is finished to ensure that
-                                   the client doesn't start
-                                   re-creating it before we're
-                                   done. FIXME: ideally we would use a
-                                   FD for this so we don't block the
-                                   poll loop. */
-                                while (shared->pending == hashPart) {
-                                    debug("synchronising with deletion of path '%s'", path);
-                                    shared.wait(wakeup);
-                                }
-                            } else
-                                printError("received garbage instead of a root from client");
-                            writeFull(fdClient.get(), "1", false);
-                        } catch (Error &) { break; }
-                    }
-                });
-
-                connections.lock()->insert({fdClient_, std::move(clientThread)});
-            }
-        }
-    });
-
-    Finally stopServer([&]() {
-        writeFull(shutdownPipe.writeSide.get(), "x", false);
-        wakeup.notify_all();
-        if (serverThread.joinable()) serverThread.join();
-    });
+    /* Acquire the global GC root.  This prevents
+       a) New roots from being added.
+       b) Processes from creating new temporary root files. */
+    AutoCloseFD fdGCLock = openGCLock(ltWrite);
 
     /* Find the roots.  Since we've grabbed the GC lock, the set of
        permanent roots cannot increase now. */
@@ -579,256 +722,124 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results)
     if (!options.ignoreLiveness)
         findRootsNoTemp(rootMap, true);
 
-    for (auto & i : rootMap) roots.insert(i.first);
+    for (auto & i : rootMap) state.roots.insert(i.first);
 
-    /* Read the temporary roots created before we acquired the global
-       GC root. Any new roots will be sent to our socket. */
+    /* Read the temporary roots.  This acquires read locks on all
+       per-process temporary root files.  So after this point no paths
+       can be added to the set of temporary roots. */
+    FDs fds;
     Roots tempRoots;
-    findTempRoots(tempRoots, true);
+    findTempRoots(fds, tempRoots, true);
     for (auto & root : tempRoots) {
-        _shared.lock()->tempRoots.insert(std::string(root.first.hashPart()));
-        roots.insert(root.first);
+        state.tempRoots.insert(root.first);
+        state.roots.insert(root.first);
     }
 
-    /* Helper function that deletes a path from the store and throws
-       GCLimitReached if we've deleted enough garbage. */
-    auto deleteFromStore = [&](std::string_view baseName)
-    {
-        Path path = storeDir + "/" + std::string(baseName);
-        Path realPath = realStoreDir + "/" + std::string(baseName);
+    /* After this point the set of roots or temporary roots cannot
+       increase, since we hold locks on everything.  So everything
+       that is not reachable from `roots' is garbage. */
 
-        printInfo("deleting '%1%'", path);
-
-        results.paths.insert(path);
-
-        uint64_t bytesFreed;
-        deletePath(realPath, bytesFreed);
-        results.bytesFreed += bytesFreed;
-
-        if (results.bytesFreed > options.maxFreed) {
-            printInfo("deleted more than %d bytes; stopping", options.maxFreed);
-            throw GCLimitReached();
-        }
-    };
-
-    std::map<StorePath, StorePathSet> referrersCache;
-
-    /* Helper function that visits all paths reachable from `start`
-       via the referrers edges and optionally derivers and derivation
-       output edges. If none of those paths are roots, then all
-       visited paths are garbage and are deleted. */
-    auto deleteReferrersClosure = [&](const StorePath & start) {
-        StorePathSet visited;
-        std::queue<StorePath> todo;
-
-        /* Wake up any GC client waiting for deletion of the paths in
-           'visited' to finish. */
-        Finally releasePending([&]() {
-            auto shared(_shared.lock());
-            shared->pending.reset();
-            wakeup.notify_all();
-        });
-
-        auto enqueue = [&](const StorePath & path) {
-            if (visited.insert(path).second)
-                todo.push(path);
-        };
-
-        enqueue(start);
-
-        while (auto path = pop(todo)) {
-            checkInterrupt();
-
-            /* Bail out if we've previously discovered that this path
-               is alive. */
-            if (alive.count(*path)) {
-                alive.insert(start);
-                return;
-            }
-
-            /* If we've previously deleted this path, we don't have to
-               handle it again. */
-            if (dead.count(*path)) continue;
-
-            auto markAlive = [&]()
-            {
-                alive.insert(*path);
-                alive.insert(start);
-                try {
-                    StorePathSet closure;
-                    computeFSClosure(*path, closure);
-                    for (auto & p : closure)
-                        alive.insert(p);
-                } catch (InvalidPath &) { }
-            };
-
-            /* If this is a root, bail out. */
-            if (roots.count(*path)) {
-                debug("cannot delete '%s' because it's a root", printStorePath(*path));
-                return markAlive();
-            }
-
-            if (options.action == GCOptions::gcDeleteSpecific
-                && !options.pathsToDelete.count(*path))
-                return;
-
-            {
-                auto hashPart = std::string(path->hashPart());
-                auto shared(_shared.lock());
-                if (shared->tempRoots.count(hashPart)) {
-                    debug("cannot delete '%s' because it's a temporary root", printStorePath(*path));
-                    return markAlive();
-                }
-                shared->pending = hashPart;
-            }
-
-            if (isValidPath(*path)) {
-
-                /* Visit the referrers of this path. */
-                auto i = referrersCache.find(*path);
-                if (i == referrersCache.end()) {
-                    StorePathSet referrers;
-                    queryReferrers(*path, referrers);
-                    referrersCache.emplace(*path, std::move(referrers));
-                    i = referrersCache.find(*path);
-                }
-                for (auto & p : i->second)
-                    enqueue(p);
-
-                /* If keep-derivations is set and this is a
-                   derivation, then visit the derivation outputs. */
-                if (gcKeepDerivations && path->isDerivation()) {
-                    for (auto & [name, maybeOutPath] : queryPartialDerivationOutputMap(*path))
-                        if (maybeOutPath &&
-                            isValidPath(*maybeOutPath) &&
-                            queryPathInfo(*maybeOutPath)->deriver == *path)
-                            enqueue(*maybeOutPath);
-                }
-
-                /* If keep-outputs is set, then visit the derivers. */
-                if (gcKeepOutputs) {
-                    auto derivers = queryValidDerivers(*path);
-                    for (auto & i : derivers)
-                        enqueue(i);
-                }
+    if (state.shouldDelete) {
+        if (pathExists(trashDir)) deleteGarbage(state, trashDir);
+        try {
+            createDirs(trashDir);
+        } catch (SysError & e) {
+            if (e.errNo == ENOSPC) {
+                printInfo("note: can't create trash directory: %s", e.msg());
+                state.moveToTrash = false;
             }
         }
+    }
 
-        for (auto & path : topoSortPaths(visited)) {
-            if (!dead.insert(path).second) continue;
-            if (shouldDelete) {
-                invalidatePathChecked(path);
-                deleteFromStore(path.to_string());
-                referrersCache.erase(path);
-            }
-        }
-    };
-
-    /* Synchronisation point for testing, see tests/gc-concurrent.sh. */
-    if (auto p = getEnv("_NIX_TEST_GC_SYNC"))
-        readFile(*p);
-
-    /* Either delete all garbage paths, or just the specified
+    /* Now either delete all garbage paths, or just the specified
        paths (for gcDeleteSpecific). */
+
     if (options.action == GCOptions::gcDeleteSpecific) {
 
         for (auto & i : options.pathsToDelete) {
-            deleteReferrersClosure(i);
-            if (!dead.count(i))
+            tryToDelete(state, printStorePath(i));
+            if (state.dead.find(i) == state.dead.end())
                 throw Error(
-                    "Cannot delete path '%1%' since it is still alive. "
-                    "To find out why, use: "
+                    "cannot delete path '%1%' since it is still alive. "
+                    "To find out why use: "
                     "nix-store --query --roots",
                     printStorePath(i));
         }
 
     } else if (options.maxFreed > 0) {
 
-        if (shouldDelete)
+        if (state.shouldDelete)
             printInfo("deleting garbage...");
         else
             printInfo("determining live/dead paths...");
 
         try {
+
             AutoCloseDir dir(opendir(realStoreDir.get().c_str()));
             if (!dir) throw SysError("opening directory '%1%'", realStoreDir);
 
-            /* Read the store and delete all paths that are invalid or
-               unreachable. We don't use readDirectory() here so that
-               GCing can start faster. */
-            auto linksName = baseNameOf(linksDir);
+            /* Read the store and immediately delete all paths that
+               aren't valid.  When using --max-freed etc., deleting
+               invalid paths is preferred over deleting unreachable
+               paths, since unreachable paths could become reachable
+               again.  We don't use readDirectory() here so that GCing
+               can start faster. */
             Paths entries;
             struct dirent * dirent;
             while (errno = 0, dirent = readdir(dir.get())) {
                 checkInterrupt();
                 string name = dirent->d_name;
-                if (name == "." || name == ".." || name == linksName) continue;
-
-                if (auto storePath = maybeParseStorePath(storeDir + "/" + name))
-                    deleteReferrersClosure(*storePath);
+                if (name == "." || name == "..") continue;
+                Path path = storeDir + "/" + name;
+                auto storePath = maybeParseStorePath(path);
+                if (storePath && isValidPath(*storePath))
+                    entries.push_back(path);
                 else
-                    deleteFromStore(name);
-
+                    tryToDelete(state, path);
             }
+
+            dir.reset();
+
+            /* Now delete the unreachable valid paths.  Randomise the
+               order in which we delete entries to make the collector
+               less biased towards deleting paths that come
+               alphabetically first (e.g. /nix/store/000...).  This
+               matters when using --max-freed etc. */
+            vector<Path> entries_(entries.begin(), entries.end());
+            std::mt19937 gen(1);
+            std::shuffle(entries_.begin(), entries_.end(), gen);
+
+            for (auto & i : entries_)
+                tryToDelete(state, i);
+
         } catch (GCLimitReached & e) {
         }
     }
 
-    if (options.action == GCOptions::gcReturnLive) {
-        for (auto & i : alive)
-            results.paths.insert(printStorePath(i));
+    if (state.options.action == GCOptions::gcReturnLive) {
+        for (auto & i : state.alive)
+            state.results.paths.insert(printStorePath(i));
         return;
     }
 
-    if (options.action == GCOptions::gcReturnDead) {
-        for (auto & i : dead)
-            results.paths.insert(printStorePath(i));
+    if (state.options.action == GCOptions::gcReturnDead) {
+        for (auto & i : state.dead)
+            state.results.paths.insert(printStorePath(i));
         return;
     }
 
-    /* Unlink all files in /nix/store/.links that have a link count of 1,
-       which indicates that there are no other links and so they can be
-       safely deleted.  FIXME: race condition with optimisePath(): we
-       might see a link count of 1 just before optimisePath() increases
-       the link count. */
+    /* Allow other processes to add to the store from here on. */
+    fdGCLock = -1;
+    fds.clear();
+
+    /* Delete the trash directory. */
+    printInfo(format("deleting '%1%'") % trashDir);
+    deleteGarbage(state, trashDir);
+
+    /* Clean up the links directory. */
     if (options.action == GCOptions::gcDeleteDead || options.action == GCOptions::gcDeleteSpecific) {
         printInfo("deleting unused links...");
-
-        AutoCloseDir dir(opendir(linksDir.c_str()));
-        if (!dir) throw SysError("opening directory '%1%'", linksDir);
-
-        int64_t actualSize = 0, unsharedSize = 0;
-
-        struct dirent * dirent;
-        while (errno = 0, dirent = readdir(dir.get())) {
-            checkInterrupt();
-            string name = dirent->d_name;
-            if (name == "." || name == "..") continue;
-            Path path = linksDir + "/" + name;
-
-            auto st = lstat(path);
-
-            if (st.st_nlink != 1) {
-                actualSize += st.st_size;
-                unsharedSize += (st.st_nlink - 1) * st.st_size;
-                continue;
-            }
-
-            printMsg(lvlTalkative, format("deleting unused link '%1%'") % path);
-
-            if (unlink(path.c_str()) == -1)
-                throw SysError("deleting '%1%'", path);
-
-            results.bytesFreed += st.st_size;
-        }
-
-        struct stat st;
-        if (stat(linksDir.c_str(), &st) == -1)
-            throw SysError("statting '%1%'", linksDir);
-        int64_t overhead = st.st_blocks * 512ULL;
-
-        printInfo("note: currently hard linking saves %.2f MiB",
-            ((unsharedSize - actualSize - overhead) / (1024.0 * 1024.0)));
+        removeUnusedLinks(state);
     }
 
     /* While we're at it, vacuum the database. */

src/libstore/globals.cc

@@ -160,16 +160,21 @@ StringSet Settings::getDefaultExtraPlatforms()
     return extraPlatforms;
 }
 
-bool Settings::isExperimentalFeatureEnabled(const ExperimentalFeature & feature)
+bool Settings::isExperimentalFeatureEnabled(const std::string & name)
 {
     auto & f = experimentalFeatures.get();
-    return std::find(f.begin(), f.end(), feature) != f.end();
+    return std::find(f.begin(), f.end(), name) != f.end();
 }
 
-void Settings::requireExperimentalFeature(const ExperimentalFeature & feature)
+MissingExperimentalFeature::MissingExperimentalFeature(std::string feature)
+    : Error("experimental Nix feature '%1%' is disabled; use '--extra-experimental-features %1%' to override", feature)
+    , missingFeature(feature)
+    {}
+
+void Settings::requireExperimentalFeature(const std::string & name)
 {
-    if (!isExperimentalFeatureEnabled(feature))
-        throw MissingExperimentalFeature(feature);
+    if (!isExperimentalFeatureEnabled(name))
+        throw MissingExperimentalFeature(name);
 }
 
 bool Settings::isWSL1()

src/libstore/globals.hh

@@ -3,7 +3,6 @@
 #include "types.hh"
 #include "config.hh"
 #include "util.hh"
-#include "experimental-features.hh"
 
 #include <map>
 #include <limits>
@@ -46,6 +45,15 @@ struct PluginFilesSetting : public BaseSetting<Paths>
     void set(const std::string & str, bool append = false) override;
 };
 
+class MissingExperimentalFeature: public Error
+{
+public:
+    std::string missingFeature;
+
+    MissingExperimentalFeature(std::string feature);
+    virtual const char* sname() const override { return "MissingExperimentalFeature"; }
+};
+
 class Settings : public Config {
 
     unsigned int getDefaultCores();
@@ -917,12 +925,12 @@ public:
           value.
           )"};
 
-    Setting<std::set<ExperimentalFeature>> experimentalFeatures{this, {}, "experimental-features",
+    Setting<Strings> experimentalFeatures{this, {}, "experimental-features",
         "Experimental Nix features to enable."};
 
-    bool isExperimentalFeatureEnabled(const ExperimentalFeature &);
+    bool isExperimentalFeatureEnabled(const std::string & name);
 
-    void requireExperimentalFeature(const ExperimentalFeature &);
+    void requireExperimentalFeature(const std::string & name);
 
     Setting<bool> allowDirty{this, true, "allow-dirty",
         "Whether to allow dirty Git/Mercurial trees."};

src/libstore/local-store.cc

@@ -8,6 +8,7 @@
 #include "references.hh"
 #include "callback.hh"
 #include "topo-sort.hh"
+#include "finally.hh"
 
 #include <iostream>
 #include <algorithm>
@@ -145,6 +146,7 @@ LocalStore::LocalStore(const Params & params)
     , linksDir(realStoreDir + "/.links")
     , reservedPath(dbDir + "/reserved")
     , schemaPath(dbDir + "/schema")
+    , trashDir(realStoreDir + "/trash")
     , tempRootsDir(stateDir + "/temproots")
     , fnTempRoots(fmt("%s/%d", tempRootsDir, getpid()))
     , locksHeld(tokenizeString<PathSet>(getEnv("NIX_HELD_LOCKS").value_or("")))
@@ -308,7 +310,7 @@ LocalStore::LocalStore(const Params & params)
 
     else openDB(*state, false);
 
-    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+    if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
         migrateCASchema(state->db, dbDir + "/ca-schema", globalLock);
     }
 
@@ -338,7 +340,7 @@ LocalStore::LocalStore(const Params & params)
     state->stmts->QueryPathFromHashPart.create(state->db,
         "select path from ValidPaths where path >= ? limit 1;");
     state->stmts->QueryValidPaths.create(state->db, "select path from ValidPaths");
-    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+    if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
         state->stmts->RegisterRealisedOutput.create(state->db,
             R"(
                 insert into Realisations (drvPath, outputName, outputPath, signatures)
@@ -385,16 +387,6 @@ LocalStore::LocalStore(const Params & params)
 }
 
 
-AutoCloseFD LocalStore::openGCLock()
-{
-    Path fnGCLock = stateDir + "/gc.lock";
-    auto fdGCLock = open(fnGCLock.c_str(), O_RDWR | O_CREAT | O_CLOEXEC, 0600);
-    if (!fdGCLock)
-        throw SysError("opening global GC lock '%1%'", fnGCLock);
-    return fdGCLock;
-}
-
-
 LocalStore::~LocalStore()
 {
     std::shared_future<void> future;
@@ -717,7 +709,7 @@ void LocalStore::checkDerivationOutputs(const StorePath & drvPath, const Derivat
 
 void LocalStore::registerDrvOutput(const Realisation & info, CheckSigsFlag checkSigs)
 {
-    settings.requireExperimentalFeature(Xp::CaDerivations);
+    settings.requireExperimentalFeature("ca-derivations");
     if (checkSigs == NoCheckSigs || !realisationIsUntrusted(info))
         registerDrvOutput(info);
     else
@@ -726,7 +718,7 @@ void LocalStore::registerDrvOutput(const Realisation & info, CheckSigsFlag check
 
 void LocalStore::registerDrvOutput(const Realisation & info)
 {
-    settings.requireExperimentalFeature(Xp::CaDerivations);
+    settings.requireExperimentalFeature("ca-derivations");
     retrySQLite<void>([&]() {
         auto state(_state.lock());
         if (auto oldR = queryRealisation_(*state, info.id)) {
@@ -834,7 +826,7 @@ uint64_t LocalStore::addValidPath(State & state,
 
     {
         auto state_(Store::state.lock());
-        state_->pathInfoCache.upsert(std::string(info.path.to_string()),
+        state_->pathInfoCache.upsert(std::string(info.path.hashPart()),
             PathInfoCacheValue{ .value = std::make_shared<const ValidPathInfo>(info) });
     }
 
@@ -1012,7 +1004,7 @@ LocalStore::queryPartialDerivationOutputMap(const StorePath & path_)
         return outputs;
     });
 
-    if (!settings.isExperimentalFeatureEnabled(Xp::CaDerivations))
+    if (!settings.isExperimentalFeatureEnabled("ca-derivations"))
         return outputs;
 
     auto drv = readInvalidDerivation(path);
@@ -1207,7 +1199,7 @@ void LocalStore::invalidatePath(State & state, const StorePath & path)
 
     {
         auto state_(Store::state.lock());
-        state_->pathInfoCache.erase(std::string(path.to_string()));
+        state_->pathInfoCache.erase(std::string(path.hashPart()));
     }
 }
 
@@ -1336,13 +1328,15 @@ StorePath LocalStore::addToStoreFromDump(Source & source0, const string & name,
         auto want = std::min(chunkSize, settings.narBufferSize - oldSize);
         dump.resize(oldSize + want);
         auto got = 0;
+        Finally cleanup([&]() {
+            dump.resize(oldSize + got);
+        });
         try {
             got = source.read(dump.data() + oldSize, want);
         } catch (EndOfFile &) {
             inMemory = true;
             break;
         }
-        dump.resize(oldSize + got);
     }
 
     std::unique_ptr<AutoDelete> delTempDir;
@@ -1514,8 +1508,7 @@ bool LocalStore::verifyStore(bool checkContents, RepairFlag repair)
 
     /* Acquire the global GC lock to get a consistent snapshot of
        existing and valid paths. */
-    auto fdGCLock = openGCLock();
-    FdLock gcLock(fdGCLock.get(), ltRead, true, "waiting for the big garbage collector lock...");
+    AutoCloseFD fdGCLock = openGCLock(ltWrite);
 
     StringSet store;
     for (auto & i : readDirectory(realStoreDir)) store.insert(i.name);
@@ -1526,6 +1519,8 @@ bool LocalStore::verifyStore(bool checkContents, RepairFlag repair)
     StorePathSet validPaths;
     PathSet done;
 
+    fdGCLock = -1;
+
     for (auto & i : queryAllValidPaths())
         verifyPath(printStorePath(i), store, done, validPaths, repair, errors);
 

src/libstore/local-store.hh

@@ -58,15 +58,9 @@ private:
         struct Stmts;
         std::unique_ptr<Stmts> stmts;
 
-        /* The global GC lock  */
-        AutoCloseFD fdGCLock;
-
         /* The file to which we write our temporary roots. */
         AutoCloseFD fdTempRoots;
 
-        /* Connection to the garbage collector. */
-        AutoCloseFD fdRootsSocket;
-
         /* The last time we checked whether to do an auto-GC, or an
            auto-GC finished. */
         std::chrono::time_point<std::chrono::steady_clock> lastGCCheck;
@@ -93,6 +87,7 @@ public:
     const Path linksDir;
     const Path reservedPath;
     const Path schemaPath;
+    const Path trashDir;
     const Path tempRootsDir;
     const Path fnTempRoots;
 
@@ -154,11 +149,14 @@ public:
 
     void addIndirectRoot(const Path & path) override;
 
+    void syncWithGC() override;
+
 private:
 
-    void findTempRoots(Roots & roots, bool censor);
+    typedef std::shared_ptr<AutoCloseFD> FDPtr;
+    typedef list<FDPtr> FDs;
 
-    AutoCloseFD openGCLock();
+    void findTempRoots(FDs & fds, Roots & roots, bool censor);
 
 public:
 
@@ -238,12 +236,29 @@ private:
     PathSet queryValidPathsOld();
     ValidPathInfo queryPathInfoOld(const Path & path);
 
+    struct GCState;
+
+    void deleteGarbage(GCState & state, const Path & path);
+
+    void tryToDelete(GCState & state, const Path & path);
+
+    bool canReachRoot(GCState & state, StorePathSet & visited, const StorePath & path);
+
+    void deletePathRecursive(GCState & state, const Path & path);
+
+    bool isActiveTempFile(const GCState & state,
+        const Path & path, const string & suffix);
+
+    AutoCloseFD openGCLock(LockType lockType);
+
     void findRoots(const Path & path, unsigned char type, Roots & roots);
 
     void findRootsNoTemp(Roots & roots, bool censor);
 
     void findRuntimeRoots(Roots & roots, bool censor);
 
+    void removeUnusedLinks(const GCState & state);
+
     Path createTempDirInStore();
 
     void checkDerivationOutputs(const StorePath & drvPath, const Derivation & drv);

src/libstore/machines.cc

@@ -39,8 +39,7 @@ Machine::Machine(decltype(storeUri) storeUri,
     sshPublicHostKey(sshPublicHostKey)
 {}
 
-bool Machine::allSupported(const std::set<string> & features) const
-{
+bool Machine::allSupported(const std::set<string> & features) const {
     return std::all_of(features.begin(), features.end(),
         [&](const string & feature) {
             return supportedFeatures.count(feature) ||
@@ -48,16 +47,14 @@ bool Machine::allSupported(const std::set<string> & features) const
         });
 }
 
-bool Machine::mandatoryMet(const std::set<string> & features) const
-{
+bool Machine::mandatoryMet(const std::set<string> & features) const {
     return std::all_of(mandatoryFeatures.begin(), mandatoryFeatures.end(),
         [&](const string & feature) {
             return features.count(feature);
         });
 }
 
-ref<Store> Machine::openStore() const
-{
+ref<Store> Machine::openStore() const {
     Store::Params storeParams;
     if (hasPrefix(storeUri, "ssh://")) {
         storeParams["max-connections"] = "1";
@@ -86,86 +83,53 @@ ref<Store> Machine::openStore() const
     return nix::openStore(storeUri, storeParams);
 }
 
-static std::vector<std::string> expandBuilderLines(const std::string & builders)
+void parseMachines(const std::string & s, Machines & machines)
 {
-    std::vector<std::string> result;
-    for (auto line : tokenizeString<std::vector<string>>(builders, "\n;")) {
+    for (auto line : tokenizeString<std::vector<string>>(s, "\n;")) {
         trim(line);
         line.erase(std::find(line.begin(), line.end(), '#'), line.end());
         if (line.empty()) continue;
 
         if (line[0] == '@') {
-            const std::string path = trim(std::string(line, 1));
-            std::string text;
+            auto file = trim(std::string(line, 1));
             try {
-                text = readFile(path);
+                parseMachines(readFile(file), machines);
             } catch (const SysError & e) {
                 if (e.errNo != ENOENT)
                     throw;
-                debug("cannot find machines file '%s'", path);
+                debug("cannot find machines file '%s'", file);
             }
-
-            const auto lines = expandBuilderLines(text);
-            result.insert(end(result), begin(lines), end(lines));
             continue;
         }
 
-        result.emplace_back(line);
+        auto tokens = tokenizeString<std::vector<string>>(line);
+        auto sz = tokens.size();
+        if (sz < 1)
+            throw FormatError("bad machine specification '%s'", line);
+
+        auto isSet = [&](size_t n) {
+            return tokens.size() > n && tokens[n] != "" && tokens[n] != "-";
+        };
+
+        machines.emplace_back(tokens[0],
+            isSet(1) ? tokenizeString<std::vector<string>>(tokens[1], ",") : std::vector<string>{settings.thisSystem},
+            isSet(2) ? tokens[2] : "",
+            isSet(3) ? std::stoull(tokens[3]) : 1LL,
+            isSet(4) ? std::stoull(tokens[4]) : 1LL,
+            isSet(5) ? tokenizeString<std::set<string>>(tokens[5], ",") : std::set<string>{},
+            isSet(6) ? tokenizeString<std::set<string>>(tokens[6], ",") : std::set<string>{},
+            isSet(7) ? tokens[7] : "");
     }
-    return result;
-}
-
-static Machine parseBuilderLine(const std::string & line)
-{
-    const auto tokens = tokenizeString<std::vector<string>>(line);
-
-    auto isSet = [&](size_t fieldIndex) {
-        return tokens.size() > fieldIndex && tokens[fieldIndex] != "" && tokens[fieldIndex] != "-";
-    };
-
-    auto parseUnsignedIntField = [&](size_t fieldIndex) {
-        const auto result = string2Int<unsigned int>(tokens[fieldIndex]);
-        if (!result) {
-            throw FormatError("bad machine specification: failed to convert column #%lu in a row: '%s' to 'unsigned int'", fieldIndex, line);
-        }
-        return result.value();
-    };
-
-    auto ensureBase64 = [&](size_t fieldIndex) {
-        const auto & str = tokens[fieldIndex];
-        try {
-            base64Decode(str);
-        } catch (const Error & e) {
-            throw FormatError("bad machine specification: a column #%lu in a row: '%s' is not valid base64 string: %s", fieldIndex, line, e.what());
-        }
-        return str;
-    };
-
-    if (!isSet(0))
-        throw FormatError("bad machine specification: store URL was not found at the first column of a row: '%s'", line);
-
-    return {
-        tokens[0],
-        isSet(1) ? tokenizeString<std::vector<string>>(tokens[1], ",") : std::vector<string>{settings.thisSystem},
-        isSet(2) ? tokens[2] : "",
-        isSet(3) ? parseUnsignedIntField(3) : 1U,
-        isSet(4) ? parseUnsignedIntField(4) : 1U,
-        isSet(5) ? tokenizeString<std::set<string>>(tokens[5], ",") : std::set<string>{},
-        isSet(6) ? tokenizeString<std::set<string>>(tokens[6], ",") : std::set<string>{},
-        isSet(7) ? ensureBase64(7) : ""
-    };
-}
-
-static Machines parseBuilderLines(const std::vector<std::string>& builders) {
-    Machines result;
-    std::transform(builders.begin(), builders.end(), std::back_inserter(result), parseBuilderLine);
-    return result;
 }
 
 Machines getMachines()
 {
-    const auto builderLines = expandBuilderLines(settings.builders);
-    return parseBuilderLines(builderLines);
+    static auto machines = [&]() {
+        Machines machines;
+        parseMachines(settings.builders, machines);
+        return machines;
+    }();
+    return machines;
 }
 
 }

src/libstore/misc.cc

@@ -239,11 +239,12 @@ StorePaths Store::topoSortPaths(const StorePathSet & paths)
 {
     return topoSort(paths,
         {[&](const StorePath & path) {
+            StorePathSet references;
             try {
-                return queryPathInfo(path)->references;
+                references = queryPathInfo(path)->references;
             } catch (InvalidPath &) {
-                return StorePathSet();
             }
+            return references;
         }},
         {[&](const StorePath & path, const StorePath & parent) {
             return BuildError(

src/libstore/pathlocks.cc

@@ -176,17 +176,4 @@ void PathLocks::setDeletion(bool deletePaths)
 }
 
 
-FdLock::FdLock(int fd, LockType lockType, bool wait, std::string_view waitMsg)
-    : fd(fd)
-{
-    if (wait) {
-        if (!lockFile(fd, lockType, false)) {
-            printInfo("%s", waitMsg);
-            acquired = lockFile(fd, lockType, true);
-        }
-    } else
-        acquired = lockFile(fd, lockType, false);
-}
-
-
 }

src/libstore/pathlocks.hh

@@ -35,18 +35,4 @@ public:
     void setDeletion(bool deletePaths);
 };
 
-struct FdLock
-{
-    int fd;
-    bool acquired = false;
-
-    FdLock(int fd, LockType lockType, bool wait, std::string_view waitMsg);
-
-    ~FdLock()
-    {
-        if (acquired)
-            lockFile(fd, ltNone, false);
-    }
-};
-
 }

src/libstore/remote-store.cc

@@ -797,6 +797,15 @@ void RemoteStore::addIndirectRoot(const Path & path)
 }
 
 
+void RemoteStore::syncWithGC()
+{
+    auto conn(getConnection());
+    conn->to << wopSyncWithGC;
+    conn.processStderr();
+    readInt(conn->from);
+}
+
+
 Roots RemoteStore::findRoots(bool censor)
 {
     auto conn(getConnection());

src/libstore/remote-store.hh

@@ -101,6 +101,8 @@ public:
 
     void addIndirectRoot(const Path & path) override;
 
+    void syncWithGC() override;
+
     Roots findRoots(bool censor) override;
 
     void collectGarbage(const GCOptions & options, GCResults & results) override;

src/libstore/sandbox-defaults.sb

@@ -100,4 +100,5 @@
 
 ; Allow Rosetta 2 to run x86_64 binaries on aarch64-darwin.
 (allow file-read*
-       (subpath "/Library/Apple/usr/libexec/oah"))
+       (subpath "/Library/Apple/usr/libexec/oah")
+       (subpath "/System/Library/Apple/usr/libexec/oah"))

src/libstore/store-api.cc

@@ -355,7 +355,7 @@ ValidPathInfo Store::addToStoreSlow(std::string_view name, const Path & srcPath,
 StringSet StoreConfig::getDefaultSystemFeatures()
 {
     auto res = settings.systemFeatures.get();
-    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations))
+    if (settings.isExperimentalFeatureEnabled("ca-derivations"))
         res.insert("ca-derivations");
     return res;
 }
@@ -414,9 +414,11 @@ StorePathSet Store::queryDerivationOutputs(const StorePath & path)
 
 bool Store::isValidPath(const StorePath & storePath)
 {
+    std::string hashPart(storePath.hashPart());
+
     {
         auto state_(state.lock());
-        auto res = state_->pathInfoCache.get(std::string(storePath.to_string()));
+        auto res = state_->pathInfoCache.get(hashPart);
         if (res && res->isKnownNow()) {
             stats.narInfoReadAverted++;
             return res->didExist();
@@ -424,11 +426,11 @@ bool Store::isValidPath(const StorePath & storePath)
     }
 
     if (diskCache) {
-        auto res = diskCache->lookupNarInfo(getUri(), std::string(storePath.hashPart()));
+        auto res = diskCache->lookupNarInfo(getUri(), hashPart);
         if (res.first != NarInfoDiskCache::oUnknown) {
             stats.narInfoReadAverted++;
             auto state_(state.lock());
-            state_->pathInfoCache.upsert(std::string(storePath.to_string()),
+            state_->pathInfoCache.upsert(hashPart,
                 res.first == NarInfoDiskCache::oInvalid ? PathInfoCacheValue{} : PathInfoCacheValue { .value = res.second });
             return res.first == NarInfoDiskCache::oValid;
         }
@@ -438,7 +440,7 @@ bool Store::isValidPath(const StorePath & storePath)
 
     if (diskCache && !valid)
         // FIXME: handle valid = true case.
-        diskCache->upsertNarInfo(getUri(), std::string(storePath.hashPart()), 0);
+        diskCache->upsertNarInfo(getUri(), hashPart, 0);
 
     return valid;
 }
@@ -485,11 +487,13 @@ static bool goodStorePath(const StorePath & expected, const StorePath & actual)
 void Store::queryPathInfo(const StorePath & storePath,
     Callback<ref<const ValidPathInfo>> callback) noexcept
 {
-    auto hashPart = std::string(storePath.hashPart());
+    std::string hashPart;
 
     try {
+        hashPart = storePath.hashPart();
+
         {
-            auto res = state.lock()->pathInfoCache.get(std::string(storePath.to_string()));
+            auto res = state.lock()->pathInfoCache.get(hashPart);
             if (res && res->isKnownNow()) {
                 stats.narInfoReadAverted++;
                 if (!res->didExist())
@@ -504,7 +508,7 @@ void Store::queryPathInfo(const StorePath & storePath,
                 stats.narInfoReadAverted++;
                 {
                     auto state_(state.lock());
-                    state_->pathInfoCache.upsert(std::string(storePath.to_string()),
+                    state_->pathInfoCache.upsert(hashPart,
                         res.first == NarInfoDiskCache::oInvalid ? PathInfoCacheValue{} : PathInfoCacheValue{ .value = res.second });
                     if (res.first == NarInfoDiskCache::oInvalid ||
                         !goodStorePath(storePath, res.second->path))
@@ -519,7 +523,7 @@ void Store::queryPathInfo(const StorePath & storePath,
     auto callbackPtr = std::make_shared<decltype(callback)>(std::move(callback));
 
     queryPathInfoUncached(storePath,
-        {[this, storePath, hashPart, callbackPtr](std::future<std::shared_ptr<const ValidPathInfo>> fut) {
+        {[this, storePathS{printStorePath(storePath)}, hashPart, callbackPtr](std::future<std::shared_ptr<const ValidPathInfo>> fut) {
 
             try {
                 auto info = fut.get();
@@ -529,12 +533,14 @@ void Store::queryPathInfo(const StorePath & storePath,
 
                 {
                     auto state_(state.lock());
-                    state_->pathInfoCache.upsert(std::string(storePath.to_string()), PathInfoCacheValue { .value = info });
+                    state_->pathInfoCache.upsert(hashPart, PathInfoCacheValue { .value = info });
                 }
 
+                auto storePath = parseStorePath(storePathS);
+
                 if (!info || !goodStorePath(storePath, info->path)) {
                     stats.narInfoMissing++;
-                    throw InvalidPath("path '%s' is not valid", printStorePath(storePath));
+                    throw InvalidPath("path '%s' is not valid", storePathS);
                 }
 
                 (*callbackPtr)(ref<const ValidPathInfo>(info));
@@ -854,7 +860,7 @@ std::map<StorePath, StorePath> copyPaths(
     for (auto & path : paths) {
         storePaths.insert(path.path());
         if (auto realisation = std::get_if<Realisation>(&path.raw)) {
-            settings.requireExperimentalFeature(Xp::CaDerivations);
+            settings.requireExperimentalFeature("ca-derivations");
             toplevelRealisations.insert(*realisation);
         }
     }
@@ -886,7 +892,7 @@ std::map<StorePath, StorePath> copyPaths(
         // Don't fail if the remote doesn't support CA derivations is it might
         // not be within our control to change that, and we might still want
         // to at least copy the output paths.
-        if (e.missingFeature == Xp::CaDerivations)
+        if (e.missingFeature == "ca-derivations")
             ignoreException();
         else
             throw;

src/libstore/store-api.hh

@@ -232,6 +232,7 @@ protected:
 
     struct State
     {
+        // FIXME: fix key
         LRUCache<std::string, PathInfoCacheValue> pathInfoCache;
     };
 
@@ -560,6 +561,26 @@ public:
     virtual void addIndirectRoot(const Path & path)
     { unsupported("addIndirectRoot"); }
 
+    /* Acquire the global GC lock, then immediately release it.  This
+       function must be called after registering a new permanent root,
+       but before exiting.  Otherwise, it is possible that a running
+       garbage collector doesn't see the new root and deletes the
+       stuff we've just built.  By acquiring the lock briefly, we
+       ensure that either:
+
+       - The collector is already running, and so we block until the
+         collector is finished.  The collector will know about our
+         *temporary* locks, which should include whatever it is we
+         want to register as a permanent lock.
+
+       - The collector isn't running, or it's just started but hasn't
+         acquired the GC lock yet.  In that case we get and release
+         the lock right away, then exit.  The collector scans the
+         permanent root and sees ours.
+
+       In either case the permanent root is seen by the collector. */
+    virtual void syncWithGC() { };
+
     /* Find the roots of the garbage collector.  Each root is a pair
        (link, storepath) where `link' is the path of the symlink
        outside of the Nix store that point to `storePath'. If

src/libstore/tests/machines.cc

@@ -1,169 +0,0 @@
-#include "machines.hh"
-#include "globals.hh"
-
-#include <gmock/gmock-matchers.h>
-
-using testing::Contains;
-using testing::ElementsAre;
-using testing::EndsWith;
-using testing::Eq;
-using testing::Field;
-using testing::SizeIs;
-
-using nix::absPath;
-using nix::FormatError;
-using nix::getMachines;
-using nix::Machine;
-using nix::Machines;
-using nix::pathExists;
-using nix::Settings;
-using nix::settings;
-
-class Environment : public ::testing::Environment {
-  public:
-    void SetUp() override { settings.thisSystem = "TEST_ARCH-TEST_OS"; }
-};
-
-testing::Environment* const foo_env =
-    testing::AddGlobalTestEnvironment(new Environment);
-
-TEST(machines, getMachinesWithEmptyBuilders) {
-    settings.builders = "";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(0));
-}
-
-TEST(machines, getMachinesUriOnly) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(1));
-    EXPECT_THAT(actual[0], Field(&Machine::storeUri, Eq("ssh://nix@scratchy.labs.cs.uu.nl")));
-    EXPECT_THAT(actual[0], Field(&Machine::systemTypes, ElementsAre("TEST_ARCH-TEST_OS")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshKey, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::maxJobs, Eq(1)));
-    EXPECT_THAT(actual[0], Field(&Machine::speedFactor, Eq(1)));
-    EXPECT_THAT(actual[0], Field(&Machine::supportedFeatures, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::mandatoryFeatures, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::sshPublicHostKey, SizeIs(0)));
-}
-
-TEST(machines, getMachinesDefaults) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - - - - - -";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(1));
-    EXPECT_THAT(actual[0], Field(&Machine::storeUri, Eq("ssh://nix@scratchy.labs.cs.uu.nl")));
-    EXPECT_THAT(actual[0], Field(&Machine::systemTypes, ElementsAre("TEST_ARCH-TEST_OS")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshKey, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::maxJobs, Eq(1)));
-    EXPECT_THAT(actual[0], Field(&Machine::speedFactor, Eq(1)));
-    EXPECT_THAT(actual[0], Field(&Machine::supportedFeatures, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::mandatoryFeatures, SizeIs(0)));
-    EXPECT_THAT(actual[0], Field(&Machine::sshPublicHostKey, SizeIs(0)));
-}
-
-TEST(machines, getMachinesWithNewLineSeparator) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl\nnix@itchy.labs.cs.uu.nl";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(2));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl"))));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@itchy.labs.cs.uu.nl"))));
-}
-
-TEST(machines, getMachinesWithSemicolonSeparator) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl ; nix@itchy.labs.cs.uu.nl";
-    Machines actual = getMachines();
-    EXPECT_THAT(actual, SizeIs(2));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl"))));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@itchy.labs.cs.uu.nl"))));
-}
-
-TEST(machines, getMachinesWithCorrectCompleteSingleBuilder) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl     i686-linux      "
-                        "/home/nix/.ssh/id_scratchy_auto        8 3 kvm "
-                        "benchmark SSH+HOST+PUBLIC+KEY+BASE64+ENCODED==";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(1));
-    EXPECT_THAT(actual[0], Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl")));
-    EXPECT_THAT(actual[0], Field(&Machine::systemTypes, ElementsAre("i686-linux")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshKey, Eq("/home/nix/.ssh/id_scratchy_auto")));
-    EXPECT_THAT(actual[0], Field(&Machine::maxJobs, Eq(8)));
-    EXPECT_THAT(actual[0], Field(&Machine::speedFactor, Eq(3)));
-    EXPECT_THAT(actual[0], Field(&Machine::supportedFeatures, ElementsAre("kvm")));
-    EXPECT_THAT(actual[0], Field(&Machine::mandatoryFeatures, ElementsAre("benchmark")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshPublicHostKey, Eq("SSH+HOST+PUBLIC+KEY+BASE64+ENCODED==")));
-}
-
-TEST(machines,
-     getMachinesWithCorrectCompleteSingleBuilderWithTabColumnDelimiter) {
-    settings.builders =
-        "nix@scratchy.labs.cs.uu.nl\ti686-linux\t/home/nix/.ssh/"
-        "id_scratchy_auto\t8\t3\tkvm\tbenchmark\tSSH+HOST+PUBLIC+"
-        "KEY+BASE64+ENCODED==";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(1));
-    EXPECT_THAT(actual[0], Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl")));
-    EXPECT_THAT(actual[0], Field(&Machine::systemTypes, ElementsAre("i686-linux")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshKey, Eq("/home/nix/.ssh/id_scratchy_auto")));
-    EXPECT_THAT(actual[0], Field(&Machine::maxJobs, Eq(8)));
-    EXPECT_THAT(actual[0], Field(&Machine::speedFactor, Eq(3)));
-    EXPECT_THAT(actual[0], Field(&Machine::supportedFeatures, ElementsAre("kvm")));
-    EXPECT_THAT(actual[0], Field(&Machine::mandatoryFeatures, ElementsAre("benchmark")));
-    EXPECT_THAT(actual[0], Field(&Machine::sshPublicHostKey, Eq("SSH+HOST+PUBLIC+KEY+BASE64+ENCODED==")));
-}
-
-TEST(machines, getMachinesWithMultiOptions) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl Arch1,Arch2 - - - "
-                        "SupportedFeature1,SupportedFeature2 "
-                        "MandatoryFeature1,MandatoryFeature2";
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(1));
-    EXPECT_THAT(actual[0], Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl")));
-    EXPECT_THAT(actual[0], Field(&Machine::systemTypes, ElementsAre("Arch1", "Arch2")));
-    EXPECT_THAT(actual[0], Field(&Machine::supportedFeatures, ElementsAre("SupportedFeature1", "SupportedFeature2")));
-    EXPECT_THAT(actual[0], Field(&Machine::mandatoryFeatures, ElementsAre("MandatoryFeature1", "MandatoryFeature2")));
-}
-
-TEST(machines, getMachinesWithIncorrectFormat) {
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - eight";
-    EXPECT_THROW(getMachines(), FormatError);
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - -1";
-    EXPECT_THROW(getMachines(), FormatError);
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - 8 three";
-    EXPECT_THROW(getMachines(), FormatError);
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - 8 -3";
-    EXPECT_THROW(getMachines(), FormatError);
-    settings.builders = "nix@scratchy.labs.cs.uu.nl - - 8 3 - - BAD_BASE64";
-    EXPECT_THROW(getMachines(), FormatError);
-}
-
-TEST(machines, getMachinesWithCorrectFileReference) {
-    auto path = absPath("src/libstore/tests/test-data/machines.valid");
-    ASSERT_TRUE(pathExists(path));
-
-    settings.builders = std::string("@") + path;
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(3));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@scratchy.labs.cs.uu.nl"))));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@itchy.labs.cs.uu.nl"))));
-    EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, EndsWith("nix@poochie.labs.cs.uu.nl"))));
-}
-
-TEST(machines, getMachinesWithCorrectFileReferenceToEmptyFile) {
-    auto path = "/dev/null";
-    ASSERT_TRUE(pathExists(path));
-
-    settings.builders = std::string("@") + path;
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(0));
-}
-
-TEST(machines, getMachinesWithIncorrectFileReference) {
-    settings.builders = std::string("@") + absPath("/not/a/file");
-    Machines actual = getMachines();
-    ASSERT_THAT(actual, SizeIs(0));
-}
-
-TEST(machines, getMachinesWithCorrectFileReferenceToIncorrectFile) {
-    settings.builders = std::string("@") + absPath("src/libstore/tests/test-data/machines.bad_format");
-    EXPECT_THROW(getMachines(), FormatError);
-}

src/libstore/tests/test-data/machines.bad_format

@@ -1 +0,0 @@
-nix@scratchy.labs.cs.uu.nl - - eight

src/libstore/tests/test-data/machines.valid

@@ -1,3 +0,0 @@
-nix@scratchy.labs.cs.uu.nl  i686-linux      /home/nix/.ssh/id_scratchy_auto        8 1 kvm
-nix@itchy.labs.cs.uu.nl     i686-linux      /home/nix/.ssh/id_scratchy_auto        8 2
-nix@poochie.labs.cs.uu.nl   i686-linux      /home/nix/.ssh/id_scratchy_auto        1 2 kvm benchmark c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFDQVFDWWV5R1laNTNzd1VjMUZNSHBWL1BCcXlKaFR5S1JoRkpWWVRpRHlQN2h5c1JGa0w4VDlLOGdhL2Y2L3c3QjN2SjNHSFRIUFkybENiUEdZbGNLd2h6M2ZRbFNNOEViNi95b3ZLajdvM1FsMEx5Y0dzdGJvRmcwWkZKNldncUxsR0ltS0NobUlxOGZ3TW5ZTWUxbnRQeTBUZFZjSU1tOTV3YzF3SjBMd2c3cEVMRmtHazdkeTVvYnM4a3lGZ0pORDVRSmFwQWJjeWp4Z1QzdzdMcktNZ2xzeWhhd01JNVpkMGZsQTVudW5OZ3pid3plYVhLaUsyTW0vdGJXYTU1YTd4QmNYdHpIZGlPSWdSajJlRWxaMGh5bk10YjBmcklsdmxIcEtLaVFaZ3pQdCtIVXQ2bXpRMkRVME52MGYyYnNSU0krOGpJU2pQcmdlcVVHRldMUzVIUTg2N2xSMlpiaWtyclhZNTdqbVFEZk5DRHY1VFBHZU9UekFEd2pjMDc2aFZ3VFJCd3VTZFhtaWNxTS95b3lrWitkV1dnZ25MenE5QU1tdlNZcDhmZkZDcS9CSDBZNUFXWTFHay9vS3hMVTNaOWt3ZDd2UWNFQWFCQ2dxdnVZRGdTaHE1RlhndDM3OVZESWtEL05ZSTg2QXVvajVDRmVNTzlRM2pJSlRadlh6c1VldjVoSnA2djcxSVh5ODVtbTY5R20zcXdicVE1SjVQZDU1Um56SitpaW5BNjZxTEFSc0Y4amNsSnd5ekFXclBoYU9DRVY2bjVMeVhVazhzMW9EVVR4V1pWN25rVkFTbHJ0MllGcjN5dzdjRTRXQVhsemhHcDhocmdLMVVkMUlyeDVnZWRaSnBWcy9uNWVybmJFMUxmb2x5UHUvRUFIWlh6VGd4dHVDUFNobXc9PQo=

src/libstore/uds-remote-store.cc

@@ -56,7 +56,14 @@ ref<RemoteStore::Connection> UDSRemoteStore::openConnection()
     auto conn = make_ref<Connection>();
 
     /* Connect to a daemon that does the privileged work for us. */
-    conn->fd = createUnixDomainSocket();
+    conn->fd = socket(PF_UNIX, SOCK_STREAM
+        #ifdef SOCK_CLOEXEC
+        | SOCK_CLOEXEC
+        #endif
+        , 0);
+    if (!conn->fd)
+        throw SysError("cannot create Unix domain socket");
+    closeOnExec(conn->fd.get());
 
     nix::connect(conn->fd.get(), path ? *path : settings.nixDaemonSocketFile);
 

src/libutil/compression.cc

@@ -16,8 +16,6 @@
 
 namespace nix {
 
-static const int COMPRESSION_LEVEL_DEFAULT = -1;
-
 // Don't feed brotli too much at once.
 struct ChunkedCompressionSink : CompressionSink
 {
@@ -67,16 +65,14 @@ struct ArchiveCompressionSink : CompressionSink
     Sink & nextSink;
     struct archive * archive;
 
-    ArchiveCompressionSink(Sink & nextSink, std::string format, bool parallel, int level = COMPRESSION_LEVEL_DEFAULT) : nextSink(nextSink)
-    {
+    ArchiveCompressionSink(Sink & nextSink, std::string format, bool parallel) : nextSink(nextSink) {
         archive = archive_write_new();
         if (!archive) throw Error("failed to initialize libarchive");
         check(archive_write_add_filter_by_name(archive, format.c_str()), "couldn't initialize compression (%s)");
         check(archive_write_set_format_raw(archive));
-        if (parallel)
+        if (format == "xz" && parallel) {
             check(archive_write_set_filter_option(archive, format.c_str(), "threads", "0"));
-        if (level != COMPRESSION_LEVEL_DEFAULT)
-            check(archive_write_set_filter_option(archive, format.c_str(), "compression-level", std::to_string(level).c_str()));
+        }
         // disable internal buffering
         check(archive_write_set_bytes_per_block(archive, 0));
         // disable output padding
@@ -130,11 +126,7 @@ private:
 struct NoneSink : CompressionSink
 {
     Sink & nextSink;
-    NoneSink(Sink & nextSink, int level = COMPRESSION_LEVEL_DEFAULT) : nextSink(nextSink)
-    {
-        if (level != COMPRESSION_LEVEL_DEFAULT)
-            warn("requested compression level '%d' not supported by compression method 'none'", level);
-    }
+    NoneSink(Sink & nextSink) : nextSink(nextSink) { }
     void finish() override { flush(); }
     void write(std::string_view data) override { nextSink(data); }
 };
@@ -265,13 +257,13 @@ struct BrotliCompressionSink : ChunkedCompressionSink
     }
 };
 
-ref<CompressionSink> makeCompressionSink(const std::string & method, Sink & nextSink, const bool parallel, int level)
+ref<CompressionSink> makeCompressionSink(const std::string & method, Sink & nextSink, const bool parallel)
 {
     std::vector<std::string> la_supports = {
         "bzip2", "compress", "grzip", "gzip", "lrzip", "lz4", "lzip", "lzma", "lzop", "xz", "zstd"
     };
     if (std::find(la_supports.begin(), la_supports.end(), method) != la_supports.end()) {
-        return make_ref<ArchiveCompressionSink>(nextSink, method, parallel, level);
+        return make_ref<ArchiveCompressionSink>(nextSink, method, parallel);
     }
     if (method == "none")
         return make_ref<NoneSink>(nextSink);
@@ -281,10 +273,10 @@ ref<CompressionSink> makeCompressionSink(const std::string & method, Sink & next
         throw UnknownCompressionMethod("unknown compression method '%s'", method);
 }
 
-ref<std::string> compress(const std::string & method, const std::string & in, const bool parallel, int level)
+ref<std::string> compress(const std::string & method, const std::string & in, const bool parallel)
 {
     StringSink ssink;
-    auto sink = makeCompressionSink(method, ssink, parallel, level);
+    auto sink = makeCompressionSink(method, ssink, parallel);
     (*sink)(in);
     sink->finish();
     return ssink.s;

src/libutil/compression.hh

@@ -19,9 +19,9 @@ ref<std::string> decompress(const std::string & method, const std::string & in);
 
 std::unique_ptr<FinishSink> makeDecompressionSink(const std::string & method, Sink & nextSink);
 
-ref<std::string> compress(const std::string & method, const std::string & in, const bool parallel = false, int level = -1);
+ref<std::string> compress(const std::string & method, const std::string & in, const bool parallel = false);
 
-ref<CompressionSink> makeCompressionSink(const std::string & method, Sink & nextSink, const bool parallel = false, int level = -1);
+ref<CompressionSink> makeCompressionSink(const std::string & method, Sink & nextSink, const bool parallel = false);
 
 MakeError(UnknownCompressionMethod, Error);
 

src/libutil/config.cc

@@ -1,7 +1,6 @@
 #include "config.hh"
 #include "args.hh"
 #include "abstract-setting-to-json.hh"
-#include "experimental-features.hh"
 
 #include <nlohmann/json.hpp>
 
@@ -314,31 +313,6 @@ template<> std::string BaseSetting<StringSet>::to_string() const
     return concatStringsSep(" ", value);
 }
 
-template<> void BaseSetting<std::set<ExperimentalFeature>>::set(const std::string & str, bool append)
-{
-    if (!append) value.clear();
-    for (auto & s : tokenizeString<StringSet>(str)) {
-        auto thisXpFeature = parseExperimentalFeature(s);
-        if (thisXpFeature)
-            value.insert(thisXpFeature.value());
-        else
-            warn("unknown experimental feature '%s'", s);
-    }
-}
-
-template<> bool BaseSetting<std::set<ExperimentalFeature>>::isAppendable()
-{
-    return true;
-}
-
-template<> std::string BaseSetting<std::set<ExperimentalFeature>>::to_string() const
-{
-    StringSet stringifiedXpFeatures;
-    for (auto & feature : value)
-        stringifiedXpFeatures.insert(std::string(showExperimentalFeature(feature)));
-    return concatStringsSep(" ", stringifiedXpFeatures);
-}
-
 template<> void BaseSetting<StringMap>::set(const std::string & str, bool append)
 {
     if (!append) value.clear();
@@ -374,7 +348,6 @@ template class BaseSetting<std::string>;
 template class BaseSetting<Strings>;
 template class BaseSetting<StringSet>;
 template class BaseSetting<StringMap>;
-template class BaseSetting<std::set<ExperimentalFeature>>;
 
 void PathSetting::set(const std::string & str, bool append)
 {

src/libutil/experimental-features.cc

@@ -1,59 +0,0 @@
-#include "experimental-features.hh"
-#include "util.hh"
-
-#include "nlohmann/json.hpp"
-
-namespace nix {
-
-std::map<ExperimentalFeature, std::string> stringifiedXpFeatures = {
-    { Xp::CaDerivations, "ca-derivations" },
-    { Xp::Flakes, "flakes" },
-    { Xp::NixCommand, "nix-command" },
-    { Xp::RecursiveNix, "recursive-nix" },
-    { Xp::NoUrlLiterals, "no-url-literals" },
-};
-
-const std::optional<ExperimentalFeature> parseExperimentalFeature(const std::string_view & name)
-{
-    using ReverseXpMap = std::map<std::string_view, ExperimentalFeature>;
-
-    static auto reverseXpMap = []()
-    {
-        auto reverseXpMap = std::make_unique<ReverseXpMap>();
-        for (auto & [feature, name] : stringifiedXpFeatures)
-            (*reverseXpMap)[name] = feature;
-        return reverseXpMap;
-    }();
-
-    if (auto feature = get(*reverseXpMap, name))
-        return *feature;
-    else
-        return std::nullopt;
-}
-
-std::string_view showExperimentalFeature(const ExperimentalFeature feature)
-{
-    return stringifiedXpFeatures.at(feature);
-}
-
-std::set<ExperimentalFeature> parseFeatures(const std::set<std::string> & rawFeatures)
-{
-    std::set<ExperimentalFeature> res;
-    for (auto & rawFeature : rawFeatures) {
-        if (auto feature = parseExperimentalFeature(rawFeature))
-            res.insert(*feature);
-    }
-    return res;
-}
-
-MissingExperimentalFeature::MissingExperimentalFeature(ExperimentalFeature feature)
-    : Error("experimental Nix feature '%1%' is disabled; use '--extra-experimental-features %1%' to override", showExperimentalFeature(feature))
-    , missingFeature(feature)
-{}
-
-std::ostream & operator <<(std::ostream & str, const ExperimentalFeature & feature)
-{
-    return str << showExperimentalFeature(feature);
-}
-
-}

src/libutil/experimental-features.hh

@@ -1,56 +0,0 @@
-#pragma once
-
-#include "comparator.hh"
-#include "error.hh"
-#include "nlohmann/json_fwd.hpp"
-#include "types.hh"
-
-namespace nix {
-
-/**
- * The list of available experimental features.
- *
- * If you update this, don’t forget to also change the map defining their
- * string representation in the corresponding `.cc` file.
- **/
-enum struct ExperimentalFeature
-{
-    CaDerivations,
-    Flakes,
-    NixCommand,
-    RecursiveNix,
-    NoUrlLiterals
-};
-
-/**
- * Just because writing `ExperimentalFeature::CaDerivations` is way too long
- */
-using Xp = ExperimentalFeature;
-
-const std::optional<ExperimentalFeature> parseExperimentalFeature(
-        const std::string_view & name);
-std::string_view showExperimentalFeature(const ExperimentalFeature);
-
-std::ostream & operator<<(
-        std::ostream & str,
-        const ExperimentalFeature & feature);
-
-/**
- * Parse a set of strings to the corresponding set of experimental features,
- * ignoring (but warning for) any unkwown feature.
- */
-std::set<ExperimentalFeature> parseFeatures(const std::set<std::string> &);
-
-class MissingExperimentalFeature : public Error
-{
-public:
-    ExperimentalFeature missingFeature;
-
-    MissingExperimentalFeature(ExperimentalFeature);
-    virtual const char * sname() const override
-    {
-        return "MissingExperimentalFeature";
-    }
-};
-
-}

src/libutil/util.cc

@@ -1672,7 +1672,7 @@ std::unique_ptr<InterruptCallback> createInterruptCallback(std::function<void()>
 }
 
 
-AutoCloseFD createUnixDomainSocket()
+AutoCloseFD createUnixDomainSocket(const Path & path, mode_t mode)
 {
     AutoCloseFD fdSocket = socket(PF_UNIX, SOCK_STREAM
         #ifdef SOCK_CLOEXEC
@@ -1681,14 +1681,8 @@ AutoCloseFD createUnixDomainSocket()
         , 0);
     if (!fdSocket)
         throw SysError("cannot create Unix domain socket");
+
     closeOnExec(fdSocket.get());
-    return fdSocket;
-}
-
-
-AutoCloseFD createUnixDomainSocket(const Path & path, mode_t mode)
-{
-    auto fdSocket = nix::createUnixDomainSocket();
 
     bind(fdSocket.get(), path);
 
@@ -1717,7 +1711,7 @@ void bind(int fd, const std::string & path)
             std::string base(baseNameOf(path));
             if (base.size() + 1 >= sizeof(addr.sun_path))
                 throw Error("socket path '%s' is too long", base);
-            memcpy(addr.sun_path, base.c_str(), base.size() + 1);
+            strcpy(addr.sun_path, base.c_str());
             if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1)
                 throw SysError("cannot bind to socket '%s'", path);
             _exit(0);
@@ -1726,7 +1720,7 @@ void bind(int fd, const std::string & path)
         if (status != 0)
             throw Error("cannot bind to socket '%s'", path);
     } else {
-        memcpy(addr.sun_path, path.c_str(), path.size() + 1);
+        strcpy(addr.sun_path, path.c_str());
         if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1)
             throw SysError("cannot bind to socket '%s'", path);
     }
@@ -1746,7 +1740,7 @@ void connect(int fd, const std::string & path)
             std::string base(baseNameOf(path));
             if (base.size() + 1 >= sizeof(addr.sun_path))
                 throw Error("socket path '%s' is too long", base);
-            memcpy(addr.sun_path, base.c_str(), base.size() + 1);
+            strcpy(addr.sun_path, base.c_str());
             if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1)
                 throw SysError("cannot connect to socket at '%s'", path);
             _exit(0);
@@ -1755,7 +1749,7 @@ void connect(int fd, const std::string & path)
         if (status != 0)
             throw Error("cannot connect to socket at '%s'", path);
     } else {
-        memcpy(addr.sun_path, path.c_str(), path.size() + 1);
+        strcpy(addr.sun_path, path.c_str());
         if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1)
             throw SysError("cannot connect to socket at '%s'", path);
     }

src/libutil/util.hh

@@ -511,29 +511,6 @@ std::optional<typename T::mapped_type> get(const T & map, const typename T::key_
 }
 
 
-/* Remove and return the first item from a container. */
-template <class T>
-std::optional<typename T::value_type> remove_begin(T & c)
-{
-    auto i = c.begin();
-    if (i == c.end()) return {};
-    auto v = std::move(*i);
-    c.erase(i);
-    return v;
-}
-
-
-/* Remove and return the first item from a container. */
-template <class T>
-std::optional<typename T::value_type> pop(T & c)
-{
-    if (c.empty()) return {};
-    auto v = std::move(c.front());
-    c.pop();
-    return v;
-}
-
-
 template<typename T>
 class Callback;
 
@@ -594,9 +571,6 @@ extern PathFilter defaultPathFilter;
 /* Common initialisation performed in child processes. */
 void commonChildInit(Pipe & logPipe);
 
-/* Create a Unix domain socket. */
-AutoCloseFD createUnixDomainSocket();
-
 /* Create a Unix domain socket in listen mode. */
 AutoCloseFD createUnixDomainSocket(const Path & path, mode_t mode);
 

src/nix-build/nix-build.cc

@@ -358,6 +358,7 @@ static void main_nix_build(int argc, char * * argv)
            is not set, then build bashInteractive from
            <nixpkgs>. */
         auto shell = getEnv("NIX_BUILD_SHELL");
+        std::optional<StorePath> shellDrv;
 
         if (!shell) {
 
@@ -374,8 +375,7 @@ static void main_nix_build(int argc, char * * argv)
                 auto bashDrv = store->parseStorePath(drv->queryDrvPath());
                 pathsToBuild.push_back({bashDrv});
                 pathsToCopy.insert(bashDrv);
-
-                shell = drv->queryOutPath() + "/bin/bash";
+                shellDrv = bashDrv;
 
             } catch (Error & e) {
                 logError(e.info());
@@ -401,7 +401,12 @@ static void main_nix_build(int argc, char * * argv)
 
         if (dryRun) return;
 
-        if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+        if (shellDrv) {
+            auto shellDrvOutputs = store->queryPartialDerivationOutputMap(shellDrv.value());
+            shell = store->printStorePath(shellDrvOutputs.at("out").value()) + "/bin/bash";
+        }
+
+        if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
             auto resolvedDrv = drv.tryResolve(*store);
             assert(resolvedDrv && "Successfully resolved the derivation");
             drv = *resolvedDrv;

src/nix/develop.cc

@@ -195,7 +195,7 @@ static StorePath getDerivationEnvironment(ref<Store> store, ref<Store> evalStore
        'buildDerivation', but that's privileged. */
     drv.name += "-env";
     drv.inputSrcs.insert(std::move(getEnvShPath));
-    if (settings.isExperimentalFeatureEnabled(Xp::CaDerivations)) {
+    if (settings.isExperimentalFeatureEnabled("ca-derivations")) {
         for (auto & output : drv.outputs) {
             output.second = {
                 .output = DerivationOutputDeferred{},
@@ -392,12 +392,6 @@ struct CmdDevelop : Common, MixEnvironment
             .handler = {&phase},
         });
 
-        addFlag({
-            .longName = "unpack",
-            .description = "Run the `unpack` phase.",
-            .handler = {&phase, {"unpack"}},
-        });
-
         addFlag({
             .longName = "configure",
             .description = "Run the `configure` phase.",

src/nix/develop.md

@@ -29,7 +29,6 @@ R""(
 * Run a particular build phase directly:
 
   ```console
-  # nix develop --unpack
   # nix develop --configure
   # nix develop --build
   # nix develop --check

src/nix/flake.cc

@@ -252,14 +252,6 @@ struct CmdFlakeInfo : CmdFlakeMetadata
     }
 };
 
-static bool argHasName(std::string_view arg, std::string_view expected)
-{
-    return
-        arg == expected
-        || arg == "_"
-        || (hasPrefix(arg, "_") && arg.substr(1) == expected);
-}
-
 struct CmdFlakeCheck : FlakeCommand
 {
     bool build = true;
@@ -354,13 +346,11 @@ struct CmdFlakeCheck : FlakeCommand
         auto checkOverlay = [&](const std::string & attrPath, Value & v, const Pos & pos) {
             try {
                 state->forceValue(v, pos);
-                if (!v.isLambda()
-                    || v.lambda.fun->args.size() != 2
-                    || v.lambda.fun->args[0].formals
-                    || !argHasName(v.lambda.fun->args[0].arg, "final")
-                    || v.lambda.fun->args[1].formals
-                    || !argHasName(v.lambda.fun->args[1].arg, "prev"))
-                    throw Error("overlay is not a binary function with arguments 'final' and 'prev'");
+                if (!v.isLambda() || v.lambda.fun->hasFormals() || std::string(v.lambda.fun->arg) != "final")
+                    throw Error("overlay does not take an argument named 'final'");
+                auto body = dynamic_cast<ExprLambda *>(v.lambda.fun->body);
+                if (!body || body->hasFormals() || std::string(body->arg) != "prev")
+                    throw Error("overlay does not take an argument named 'prev'");
                 // FIXME: if we have a 'nixpkgs' input, use it to
                 // evaluate the overlay.
             } catch (Error & e) {
@@ -373,9 +363,7 @@ struct CmdFlakeCheck : FlakeCommand
             try {
                 state->forceValue(v, pos);
                 if (v.isLambda()) {
-                    if (v.lambda.fun->args.size() != 1
-                        || !v.lambda.fun->args[0].formals
-                        || !v.lambda.fun->args[0].formals->ellipsis)
+                    if (!v.lambda.fun->hasFormals() || !v.lambda.fun->formals->ellipsis)
                         throw Error("module must match an open attribute set ('{ config, ... }')");
                 } else if (v.type() == nAttrs) {
                     for (auto & attr : *v.attrs)
@@ -473,12 +461,12 @@ struct CmdFlakeCheck : FlakeCommand
         auto checkBundler = [&](const std::string & attrPath, Value & v, const Pos & pos) {
             try {
                 state->forceValue(v, pos);
-                if (!v.isLambda()
-                    || v.lambda.fun->args.size() != 1
-                    || !v.lambda.fun->args[0].formals
-                    || !v.lambda.fun->args[0].formals->argNames.count(state->symbols.create("program"))
-                    || !v.lambda.fun->args[0].formals->argNames.count(state->symbols.create("system")))
-                    throw Error("bundler must be a function that takes take arguments 'program' and 'system'");
+                if (!v.isLambda())
+                    throw Error("bundler must be a function");
+                if (!v.lambda.fun->formals ||
+                    !v.lambda.fun->formals->argNames.count(state->symbols.create("program")) ||
+                    !v.lambda.fun->formals->argNames.count(state->symbols.create("system")))
+                    throw Error("bundler must take formal arguments 'program' and 'system'");
             } catch (Error & e) {
                 e.addTrace(pos, hintfmt("while checking the template '%s'", attrPath));
                 reportError(e);
@@ -1150,7 +1138,7 @@ struct CmdFlake : NixMultiCommand
     {
         if (!command)
             throw UsageError("'nix flake' requires a sub-command.");
-        settings.requireExperimentalFeature(Xp::Flakes);
+        settings.requireExperimentalFeature("flakes");
         command->second->prepare();
         command->second->run();
     }

src/nix/main.cc

@@ -337,7 +337,7 @@ void mainWrapped(int argc, char * * argv)
     if (args.command->first != "repl"
         && args.command->first != "doctor"
         && args.command->first != "upgrade-nix")
-        settings.requireExperimentalFeature(Xp::NixCommand);
+        settings.requireExperimentalFeature("nix-command");
 
     if (args.useNet && !haveInternet()) {
         warn("you don't have Internet access; disabling some network-dependent features");

src/nix/realisation.cc

@@ -46,7 +46,7 @@ struct CmdRealisationInfo : BuiltPathsCommand, MixJSON
 
     void run(ref<Store> store, BuiltPaths && paths) override
     {
-        settings.requireExperimentalFeature(Xp::CaDerivations);
+        settings.requireExperimentalFeature("ca-derivations");
         RealisedPath::Set realisations;
 
         for (auto & builtPath : paths) {

src/nix/repl.cc

@@ -644,8 +644,7 @@ void NixRepl::addVarToScope(const Symbol & name, Value & v)
 {
     if (displ >= envSize)
         throw Error("environment full; cannot add more variables");
-    staticEnv.vars.emplace_back(name, displ);
-    staticEnv.sort();
+    staticEnv.vars[name] = displ;
     env->values[displ++] = &v;
     varNames.insert((string) name);
 }

src/nix/sigs.cc

@@ -219,7 +219,7 @@ struct CmdKey : NixMultiCommand
     {
         if (!command)
             throw UsageError("'nix flake' requires a sub-command.");
-        settings.requireExperimentalFeature(Xp::Flakes);
+        settings.requireExperimentalFeature("flakes");
         command->second->prepare();
         command->second->run();
     }

src/nlohmann/local.mk

@@ -0,0 +1,2 @@
+$(foreach i, $(wildcard src/nlohmann/*.hpp), \
+  $(eval $(call install-file-in, $(i), $(includedir)/nlohmann, 0644)))

tests/ca-shell.nix

@@ -0,0 +1 @@
+{ ... }@args: import ./shell.nix (args // { contentAddressed = true; })

tests/ca/build-with-garbage-path.sh

@@ -8,7 +8,7 @@ requireDaemonNewerThan "2.4pre20210621"
 
 # Get the output path of `rootCA`, and put some garbage instead
 outPath="$(nix-build ./content-addressed.nix -A rootCA --no-out-link)"
-nix-store --delete $(nix-store -q --referrers-closure "$outPath")
+nix-store --delete "$outPath"
 touch "$outPath"
 
 # The build should correctly remove the garbage and put the expected path instead

tests/common.sh.in

@@ -36,8 +36,9 @@ export PATH=@bindir@:$PATH
 if [[ -n "${NIX_CLIENT_PACKAGE:-}" ]]; then
   export PATH="$NIX_CLIENT_PACKAGE/bin":$PATH
 fi
+DAEMON_PATH="$PATH"
 if [[ -n "${NIX_DAEMON_PACKAGE:-}" ]]; then
-  export NIX_DAEMON_COMMAND="$NIX_DAEMON_PACKAGE/bin/nix-daemon"
+  DAEMON_PATH="${NIX_DAEMON_PACKAGE}/bin:$DAEMON_PATH"
 fi
 coreutils=@coreutils@
 
@@ -89,7 +90,7 @@ startDaemon() {
     # Start the daemon, wait for the socket to appear.  !!!
     # ‘nix-daemon’ should have an option to fork into the background.
     rm -f $NIX_DAEMON_SOCKET_PATH
-    ${NIX_DAEMON_COMMAND:-nix daemon} &
+    PATH=$DAEMON_PATH nix daemon &
     for ((i = 0; i < 30; i++)); do
         if [[ -S $NIX_DAEMON_SOCKET_PATH ]]; then break; fi
         sleep 1

tests/compression-levels.sh

@@ -1,22 +0,0 @@
-source common.sh
-
-clearStore
-clearCache
-
-outPath=$(nix-build dependencies.nix --no-out-link)
-
-cacheURI="file://$cacheDir?compression=xz&compression-level=0"
-
-nix copy --to $cacheURI $outPath
-
-FILESIZES=$(cat ${cacheDir}/*.narinfo | awk '/FileSize: /{sum+=$2}END{print sum}')
-
-clearCache
-
-cacheURI="file://$cacheDir?compression=xz&compression-level=5"
-
-nix copy --to $cacheURI $outPath
-
-FILESIZES2=$(cat ${cacheDir}/*.narinfo | awk '/FileSize: /{sum+=$2}END{print sum}')
-
-[[ $FILESIZES -gt $FILESIZES2 ]]

tests/config.sh

@@ -50,4 +50,4 @@ exp_cores=$(nix show-config | grep '^cores' | cut -d '=' -f 2 | xargs)
 exp_features=$(nix show-config | grep '^experimental-features' | cut -d '=' -f 2 | xargs)
 [[ $prev != $exp_cores ]]
 [[ $exp_cores == "4242" ]]
-[[ $exp_features == "flakes nix-command" ]]
+[[ $exp_features == "nix-command flakes" ]]

tests/function-trace.sh

@@ -60,6 +60,8 @@ function-trace exited (string):1:1 at
 expect_trace '(x: x) 1 2' "
 function-trace entered (string):1:1 at
 function-trace exited (string):1:1 at
+function-trace entered (string):1:1 at
+function-trace exited (string):1:1 at
 "
 
 # Not a function