Manifest-based runfiles lookup is non-hermetic #14500
Comments
|
I think that bfdfa6e has to be reverted as the resulting lookup process is inherently unsound. This will of course break #10598, but I don't think that issue should be solved by modifying the runfiles lookup process. Would it be possible to merge in runfiles of the top-level target when using |
|
AIUI bfdfa6e is inconsistent with https://docs.google.com/document/d/e/2PACX-1vSDIrFnFvEYhKsCMdGdD40wZRBX3m3aZ5HhVj4CtHPmiXKDCxioTUbYsDydjKtFDAzER5eg7OjJWs3V/pub. The section "Action items" in https://docs.google.com/document/d/e/2PACX-1vSDIrFnFvEYhKsCMdGdD40wZRBX3m3aZ5HhVj4CtHPmiXKDCxioTUbYsDydjKtFDAzER5eg7OjJWs3V/pub states (emphasis mine):
That statement in https://docs.google.com/document/d/e/2PACX-1vSDIrFnFvEYhKsCMdGdD40wZRBX3m3aZ5HhVj4CtHPmiXKDCxioTUbYsDydjKtFDAzER5eg7OjJWs3V/pub appears to be inconsistent with the "Runfiles discovery" section in the same document, which says to check for |
|
I think that the runfiles libraries were indeed working as intended before bfdfa6e and the issue in #10598 is not an issue in Bazel, but in the particular target used with |
|
Yeah, I agree that at the very least bfdfa6e should be reverted (and an integration test case be added so that it stays reverted). |
|
/cc @mai93 |
|
Thanks for reporting this. Taking a closer look, I agree we shouldn't have changed the logic of |
meteorcloudy
added
breakage
P1
*** Reason for rollback *** Due to #14500 *** Original change description *** Update find runfiles manifest file logic This pull request updates the `FindManifestFileImpl` function to look for the runfiles manifest file of the binary first. If it is not found, it can use the manifest file specified in the environment variables `RUNFILES_MANIFEST_FILE` if it exists. The same logic is applied in `runfiles_src.cc` to find runfiles manifest file / directory of cc binaries. This is done to avoid using the manifest file... *** PiperOrigin-RevId: 419548921
*** Reason for rollback *** Due to bazelbuild#14500 *** Original change description *** Update find runfiles manifest file logic This pull request updates the `FindManifestFileImpl` function to look for the runfiles manifest file of the binary first. If it is not found, it can use the manifest file specified in the environment variables `RUNFILES_MANIFEST_FILE` if it exists. The same logic is applied in `runfiles_src.cc` to find runfiles manifest file / directory of cc binaries. This is done to avoid using the manifest file... *** PiperOrigin-RevId: 419548921
|
OK I sent #14515 to cherry-pick the rollback into 5.0 |
*** Reason for rollback *** Due to #14500 *** Original change description *** Update find runfiles manifest file logic This pull request updates the `FindManifestFileImpl` function to look for the runfiles manifest file of the binary first. If it is not found, it can use the manifest file specified in the environment variables `RUNFILES_MANIFEST_FILE` if it exists. The same logic is applied in `runfiles_src.cc` to find runfiles manifest file / directory of cc binaries. This is done to avoid using the manifest file... *** PiperOrigin-RevId: 419548921
|
@Wyverald Could you update the doc at https://docs.google.com/document/d/e/2PACX-1vSDIrFnFvEYhKsCMdGdD40wZRBX3m3aZ5HhVj4CtHPmiXKDCxioTUbYsDydjKtFDAzER5eg7OjJWs3V/pub with the (previous and now again current) behavior of the runfiles discovery process implemented in Bazel? Specifically, the points 1 and 2 under
have to be interchanged. This would help me get this fix into third-party runfiles libraries, e.g. the one for Go. |
|
I don't actually have write access to that doc (I can't find the edit link at all, in fact). @meteorcloudy do you have write access? |
|
Hmmm, unfortunately nope, not even comment access.. |
|
Since this is more or less the only canonical place where the behavior is documented (except for the code itself) and is linked to from a number of commits and third-party resources, it would be great if you could identify the author and regain edit rights. |
|
@laszlocsomor do you by any chance know what happened to your doc? :) |
|
Hey @Wyverald , I think @lberki obtained access to it. If not, you should be able to request ownership access if the doc is owned by a xoogler. @meteorcloudy I hope you know how this works :) |
|
OK, we'll figure it out! |
|
Yeah the problem is really that we can't find the actual link to the doc, just the /pub link. But I'll ask Lukács anyhow. Thanks! |
|
Thanks for @laszlocsomor's help, we have recovered the access and fixed the documentation! |
Now that bazelbuild/bazel#14500 is fixed it should no longer be necessary.
Now that bazelbuild/bazel#14500 is fixed it should no longer be necessary.
This addresses bazelbuild/bazel#14343. This is only possible because bazelbuild/bazel#14500 has been fixed in all supported Bazel versions.
This addresses bazelbuild/bazel#14343. This is only possible because bazelbuild/bazel#14500 has been fixed in all supported Bazel versions.
Now that bazelbuild/bazel#14500 is fixed it should no longer be necessary.
Now that bazelbuild/bazel#14500 is fixed it should no longer be necessary.
This reverts commit ca3ba21. With bazelbuild/bazel#14500 and bazelbuild/bazel#14515, this should now be resolved in all supported Bazel versions.
This reverts commit ca3ba21. With bazelbuild/bazel#14500 and bazelbuild/bazel#14515, this should now be resolved in all supported Bazel versions.
This reverts commit ca3ba21. With bazelbuild/bazel#14500 and bazelbuild/bazel#14515, this should now be resolved in all supported Bazel versions.
This reverts commit ca3ba21. With bazelbuild/bazel#14500 and bazelbuild/bazel#14515, this should now be resolved in all supported Bazel versions.
Description of the problem / feature request:
The Bazel runfiles libraries behave non-hermetically with
--enable_runfiles=false.Bugs: what's the simplest, easiest way to reproduce this bug? Please provide a minimal example if possible.
bazel run //parent:Parentand observe that the runfiles lookup succeeds.datadependency of//child.bazel build //child.bazel build //child.bazel run //parent:Parentand observe that the runfiles lookup fails.What operating system are you running Bazel on?
Linux, but applies to all OSes. This is particularly important on Windows where
--enable_runfilesdefaults tofalse.What's the output of
bazel info release?5.0.0rc3
Have you found anything relevant by searching the web?
The change that introduced the regression is bfdfa6e. The same behavior can't be reproduced with Bazel 4.2.2, since the runfiles env variables are checked first there before the runfiles manifest is looked up next to the binary.
The root cause of the issue is that the first manifest-based lookup returns a path in the Bazel cache. But the contents of the cache are not hermetic and may contain outdated runfiles manifests for non-top-level binaries. If any of these binaries is invoked and first searches for the manifest next to itself instead of using the manifest set in
RUNFILES_MANIFEST_FILE, it will behave non-hermetically.The same issue can be reproduced with
--enable_runfiles=trueif for some reason the parent process resolves the runfiles tree symlink to the child process before launching it.The process described in the original design doc is also affected. I do not know whether it has been updated after the breaking commit or has always been buggy in this way.
Any other information, logs, or outputs that you want to share?
The output of the reproducer with Bazel 4.2.2:
The output of the last step of the reproducer with Bazel 5.0.0rc3:
The text was updated successfully, but these errors were encountered: