darwin's docker sandbox sets invalid TMPDIR

Open ashi009 opened this issue 1 year ago • 0 comments

Description of the bug:

Darwin sets TMPDIR in the login shell by default, and it will be forwarded to action. When using docker-sandbox, the TMPDIR refers to a host location that is not mounted in the container.

Which category does this issue belong to?

No response

What's the simplest, easiest way to reproduce this bug? Please provide a minimal example if possible.

bazel build --experimental_enable_docker_sandbox --experimental_docker_image=

Which operating system are you running Bazel on?

macOS

What is the output of `bazel info release`?

release 7.2.1

If `bazel info release` returns `development version` or `(@non-git)`, tell us how you built Bazel.

No response

What's the output of `git remote get-url origin; git rev-parse HEAD` ?

No response

If this is a regression, please try to identify the Bazel commit where the bug was introduced with bazelisk --bisect.

No response

Have you found anything relevant by searching the web?

No response

Any other information, logs, or outputs that you want to share?

The TMPDIR is passed to docker from https://cs.opensource.google/bazel/bazel/+/master:src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java;l=221;drc=3fddc7f38ace43981d839ed4558b8a457caf41fb, and on darwin, the rewriteLocalEnv will always keep the value of TMPDIR as in https://cs.opensource.google/bazel/bazel/+/master:src/main/java/com/google/devtools/build/lib/exec/local/XcodeLocalEnvProvider.java;l=65;drc=f34d8c925472b481e78d0a4d1dd9447093fbcc0b.

bazel build //third_party/cc/openssl --config=experimental-linux-docker-sandbox --sandbox_debug -s
INFO: Docker sandboxing is supported
INFO: Analyzed target //third_party/cc/openssl:openssl (0 packages loaded, 0 targets configured).
SUBCOMMAND: # @@rules_foreign_cc//toolchains/private:make_tool [action 'BootstrapGNUMake external/rules_foreign_cc/toolchains/private/make [for tool]', configuration: a5edad3eef4b8d39e5bc022d8e63cbd663ac08489690c02ed1e299355b02495b, execution platform: //tools/platform:linux_arm64, mnemonic: BootstrapGNUMake]
(cd /private/var/tmp/_bazel_xiaoyishi/79c76c5b4224312419386af2e6f9c092/execroot/__main__ && \
  exec env - \
  /bin/bash -c bazel-out/aarch64-opt-exec-ST-09a937efd641/bin/external/rules_foreign_cc/toolchains/private/make_tool_foreign_cc/wrapper_build_script.sh)
# Configuration: a5edad3eef4b8d39e5bc022d8e63cbd663ac08489690c02ed1e299355b02495b
# Execution platform: //tools/platform:linux_arm64
ERROR: /private/var/tmp/_bazel_xiaoyishi/79c76c5b4224312419386af2e6f9c092/external/rules_foreign_cc/toolchains/private/BUILD.bazel:23:10: BootstrapGNUMake external/rules_foreign_cc/toolchains/private/make [for tool] failed: (Exit 77): process-wrapper failed: error executing BootstrapGNUMake command
  (cd /private/var/tmp/_bazel_xiaoyishi/79c76c5b4224312419386af2e6f9c092/sandbox/docker/12/execroot/__main__ && \
  exec env - ... \
  /var/tmp/_bazel_xiaoyishi/install/abee1bc4a5caa87f8299faf78a2e8b97/process-wrapper '--kill_delay=15' /usr/local/bin/docker run --rm '--network=none' -e 'PATH=...' -e 'TMPDIR=/var/folders/67/vhyv_gwn0pjd0fjm5jxd_6fh0000gn/T/' -v /private/var/tmp/_bazel_xiaoyishi/79c76c5b4224312419386af2e6f9c092/sandbox/docker/12/execroot/__main__:/execroot/__main__ -w /execroot/__main__ -l 'command_id=aaf2ece8-08b1-450b-ad63-d684d08fbc31' --name f321fc40-bf96-4b4e-acfc-8b75e407c9cb bazel/infra/container:builder_arm64 /bin/bash -c bazel-out/aarch64-opt-exec-ST-09a937efd641/bin/external/rules_foreign_cc/toolchains/private/make_tool_foreign_cc/wrapper_build_script.sh)
rules_foreign_cc: Build failed!
rules_foreign_cc: Keeping temp build directory and dependencies directory for debug.
rules_foreign_cc: Please note that the directories inside a sandbox are still cleaned unless you specify --sandbox_debug Bazel command line flag.
rules_foreign_cc: Printing build logs:
_____ BEGIN BUILD LOGS _____
...
configure: error: C compiler cannot create executables
See `config.log' for more details
_____ END BUILD LOGS _____
rules_foreign_cc: Build wrapper script location: bazel-out/aarch64-opt-exec-ST-09a937efd641/bin/external/rules_foreign_cc/toolchains/private/make_tool_foreign_cc/wrapper_build_script.sh
rules_foreign_cc: Build script location: bazel-out/aarch64-opt-exec-ST-09a937efd641/bin/external/rules_foreign_cc/toolchains/private/make_tool_foreign_cc/build_script.sh
rules_foreign_cc: Build log location: bazel-out/aarch64-opt-exec-ST-09a937efd641/bin/external/rules_foreign_cc/toolchains/private/make_tool_foreign_cc/BootstrapGNUMake.log

Target //third_party/cc/openssl:openssl failed to build
Use --verbose_failures to see the command lines of failed build steps.
INFO: Elapsed time: 14.552s, Critical Path: 11.08s
INFO: 2 processes: 2 internal.
ERROR: Build did NOT complete successfully

and the config.log shows:

clang: error: unable to make temporary file: No such file or directory

Aug 14 '24 02:08 ashi009

darwin's docker sandbox sets invalid TMPDIR

Description of the bug:

Which category does this issue belong to?

What's the simplest, easiest way to reproduce this bug? Please provide a minimal example if possible.

Which operating system are you running Bazel on?

What is the output of bazel info release?

If bazel info release returns development version or (@non-git), tell us how you built Bazel.

What's the output of git remote get-url origin; git rev-parse HEAD ?

If this is a regression, please try to identify the Bazel commit where the bug was introduced with bazelisk --bisect.

Have you found anything relevant by searching the web?

Any other information, logs, or outputs that you want to share?

What is the output of `bazel info release`?

If `bazel info release` returns `development version` or `(@non-git)`, tell us how you built Bazel.

What's the output of `git remote get-url origin; git rev-parse HEAD` ?