Add a SandboxedSpawnActionContext interface and implementations for o…

…ur sandboxed execution strategies. -- MOS_MIGRATED_REVID=134054610
nitinreddy3 · Sep 23, 2016 · f399a21 · f399a21
1 parent 33ad376
commit f399a21
Show file tree

Hide file tree

Showing 4 changed files with 98 additions and 10 deletions.
diff --git a/src/main/java/com/google/devtools/build/lib/actions/SandboxedSpawnActionContext.java b/src/main/java/com/google/devtools/build/lib/actions/SandboxedSpawnActionContext.java
@@ -0,0 +1,51 @@
+// Copyright 2016 The Bazel Authors. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.devtools.build.lib.actions;
+
+import java.util.concurrent.atomic.AtomicReference;
+
+/**
+ * A context that allows execution of {@link Spawn} instances similar to {@link SpawnActionContext},
+ * but with the additional restriction, that during execution the {@link Spawn} must not be allowed
+ * to modify the current execution root of the build. Instead, the {@link Spawn} should be executed
+ * in a sandbox or on a remote system and its output files only be moved to the execution root, if
+ * the implementation is able to {@code compareAndSet} the {@link AtomicReference} that is passed to
+ * the {@link #exec} method to its own class object (e.g. LinuxSandboxedStrategy.class).
+ *
+ * <p>If the {@code compareAndSet} fails, the Spawn strategy should abandon the output of its
+ * execution and throw an {@link InterruptedException} from its {@code exec} method.
+ */
+public interface SandboxedSpawnActionContext extends SpawnActionContext {
+
+  /**
+   * Executes the given spawn.
+   *
+   * <p>When the {@link SpawnActionContext} is about to move the output files of the spawn out of
+   * the sandbox into the execroot, it has to first verify that the {@link AtomicReference} is still
+   * null or already set to a value uniquely identifying the current {@link SpawnActionContext}
+   * (e.g. the class object of the strategy). This is to ensure that in case multiple {@link
+   * SandboxedSpawnActionContext} instances are processing the {@link Spawn} in parallel that only
+   * one strategy actually generates the output files.
+   *
+   * <p>If the {@link AtomicReference} is not null (thus {@code #compareAndSet} fails) and not set
+   * to the unique reference of the strategy, the {@link SandboxedSpawnActionContext} should abandon
+   * all results and raise {@link InterruptedException}.
+   */
+  void exec(
+      Spawn spawn,
+      ActionExecutionContext actionExecutionContext,
+      AtomicReference<Class<? extends SpawnActionContext>> writeOutputFiles)
+      throws ExecException, InterruptedException;
+}
diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java
@@ -54,6 +54,7 @@
 import java.util.UUID;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
 
 /** Strategy that uses sandboxing to execute a process, for Darwin */
 @ExecutionStrategy(
@@ -147,7 +148,16 @@ private static String getConfStr(String confVar) throws IOException {
 
   @Override
   public void exec(Spawn spawn, ActionExecutionContext actionExecutionContext)
-      throws ExecException {
+      throws ExecException, InterruptedException {
+    exec(spawn, actionExecutionContext, null);
+  }
+
+  @Override
+  public void exec(
+      Spawn spawn,
+      ActionExecutionContext actionExecutionContext,
+      AtomicReference<Class<? extends SpawnActionContext>> writeOutputFiles)
+      throws ExecException, InterruptedException {
     Executor executor = actionExecutionContext.getExecutor();
 
     // Certain actions can't run remotely or in a sandbox - pass them on to the standalone strategy.
@@ -210,14 +220,23 @@ public void exec(Spawn spawn, ActionExecutionContext actionExecutionContext)
             Spawns.getTimeoutSeconds(spawn),
             SandboxHelpers.shouldAllowNetwork(buildRequest, spawn));
       } finally {
-        hardlinkedExecRoot.copyOutputs(execRoot, outputs);
+        if (writeOutputFiles != null
+            && !writeOutputFiles.compareAndSet(null, DarwinSandboxedStrategy.class)) {
+          Thread.currentThread().interrupt();
+        } else {
+          hardlinkedExecRoot.copyOutputs(execRoot, outputs);
+        }
         if (!sandboxDebug) {
           SandboxHelpers.lazyCleanup(backgroundWorkers, runner);
         }
       }
     } catch (IOException e) {
       throw new UserExecException("I/O error during sandboxed execution", e);
     }
+
+    if (Thread.interrupted()) {
+      throw new InterruptedException();
+    }
   }
 
   @Override

diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java
@@ -34,6 +34,7 @@
 import java.util.UUID;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
 
 /** Strategy that uses sandboxing to execute a process. */
 @ExecutionStrategy(
@@ -81,12 +82,19 @@ public static boolean isSupported(CommandEnvironment env) {
     this.fullySupported = fullySupported;
   }
 
-  /**
-   * Executes the given {@code spawn}.
-   */
+  /** Executes the given {@code spawn}. */
   @Override
   public void exec(Spawn spawn, ActionExecutionContext actionExecutionContext)
-      throws ExecException {
+      throws ExecException, InterruptedException {
+    exec(spawn, actionExecutionContext, null);
+  }
+
+  @Override
+  public void exec(
+      Spawn spawn,
+      ActionExecutionContext actionExecutionContext,
+      AtomicReference<Class<? extends SpawnActionContext>> writeOutputFiles)
+      throws ExecException, InterruptedException {
     Executor executor = actionExecutionContext.getExecutor();
 
     // Certain actions can't run remotely or in a sandbox - pass them on to the standalone strategy.
@@ -129,6 +137,7 @@ public void exec(Spawn spawn, ActionExecutionContext actionExecutionContext)
       } else {
         runner = new ProcessWrapperRunner(execRoot, sandboxPath, sandboxExecRoot, verboseFailures);
       }
+
       try {
         runner.run(
             spawn.getArguments(),
@@ -137,14 +146,24 @@ public void exec(Spawn spawn, ActionExecutionContext actionExecutionContext)
             Spawns.getTimeoutSeconds(spawn),
             SandboxHelpers.shouldAllowNetwork(buildRequest, spawn));
       } finally {
-        symlinkedExecRoot.copyOutputs(execRoot, outputs);
+        if (writeOutputFiles != null
+            && !writeOutputFiles.compareAndSet(null, LinuxSandboxedStrategy.class)) {
+          Thread.currentThread().interrupt();
+        } else {
+          symlinkedExecRoot.copyOutputs(execRoot, outputs);
+        }
+
         if (!sandboxOptions.sandboxDebug) {
           SandboxHelpers.lazyCleanup(backgroundWorkers, runner);
         }
       }
     } catch (IOException e) {
       throw new UserExecException("I/O error during sandboxed execution", e);
     }
+
+    if (Thread.interrupted()) {
+      throw new InterruptedException();
+    }
   }
 
   private ImmutableSet<Path> getBindMounts(BlazeDirectories blazeDirs) {
@@ -159,5 +178,4 @@ private ImmutableSet<Path> getBindMounts(BlazeDirectories blazeDirs) {
     }
     return bindMounts.build();
   }
-
 }
diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java
@@ -19,16 +19,16 @@
 import com.google.devtools.build.lib.actions.ActionExecutionContext;
 import com.google.devtools.build.lib.actions.EnvironmentalExecException;
 import com.google.devtools.build.lib.actions.ExecException;
+import com.google.devtools.build.lib.actions.SandboxedSpawnActionContext;
 import com.google.devtools.build.lib.actions.Spawn;
-import com.google.devtools.build.lib.actions.SpawnActionContext;
 import com.google.devtools.build.lib.analysis.BlazeDirectories;
 import com.google.devtools.build.lib.vfs.Path;
 import com.google.devtools.build.lib.vfs.PathFragment;
 import java.io.IOException;
 import java.util.Map;
 
 /** Abstract common ancestor for sandbox strategies implementing the common parts. */
-abstract class SandboxStrategy implements SpawnActionContext {
+abstract class SandboxStrategy implements SandboxedSpawnActionContext {
 
   private final BlazeDirectories blazeDirs;
   private final boolean verboseFailures;