builtins.hashString non-deterministic when paired with builtins.fetchGit in pure evaluation mode. #368
Description
Minimal reproducible example:
flake.nix:
{
outputs =
{ self }:
{
testHash =
let
fetched = builtins.fetchGit {
url = "https://github.com/nix-community/home-manager";
rev = "91be7cce763fa4022c7cf025a71b0c366d1b6e77";
};
str = toString fetched;
hash = builtins.hashString "sha256" str;
context = builtins.getContext str;
in
{
inherit str hash context;
narHash = fetched.narHash;
};
};
}calling eval in pure mode results in different hash even though the input string and its context are the same:
➜ nix-hash-bug nix eval --json .\#testHash
{
"context": {
"/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source": {
"path": true
}
},
"hash": "6a1d1de2986e09bdb250f8d74503e1bc9b7596155575593aea094936ecdcc429",
"narHash": "sha256-1R3Wx6KUkMb4x4E5UOhW9p6rqiexzSGGWxZqSHqW5n0=",
"str": "/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source"
}
➜ nix-hash-bug nix eval --json .\#testHash
{
"context": {
"/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source": {
"path": true
}
},
"hash": "f6aef0c12770abc24aeb125a5783bdb05ff849463a3d900ca1c4516216a7a0b3",
"narHash": "sha256-1R3Wx6KUkMb4x4E5UOhW9p6rqiexzSGGWxZqSHqW5n0=",
"str": "/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source"
}
➜ nix-hash-bug nix eval --json .\#testHash
{
"context": {
"/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source": {
"path": true
}
},
"hash": "d464a0dd5407616548573e3abc27c80eed7d93f2b7d5eb81960b151d821d15a3",
"narHash": "sha256-1R3Wx6KUkMb4x4E5UOhW9p6rqiexzSGGWxZqSHqW5n0=",
"str": "/nix/store/3iikb429ymkxli36jw9q9x1a9zmz6295-source"
}It is stable when using actual string literals, it seems to be related to feeding it builtins.fetchGit associated data.
Discarding the string context doesn't fix this, and the context is stable anyway.
Tested with nix (Determinate Nix 3.16.0) 2.33.3
This is not an issue when upstream nix is used.