Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mysterious SES_ALREADY_LOCKED_DOWN failure when using @endo/init/debug.js #5570

Closed
erights opened this issue Jun 10, 2022 · 5 comments · Fixed by #5589
Closed

Mysterious SES_ALREADY_LOCKED_DOWN failure when using @endo/init/debug.js #5570

erights opened this issue Jun 10, 2022 · 5 comments · Fixed by #5589
Assignees
@kriskowal @erights
Labels
endo
Milestone
Mainnet 1 RC0

Comments

@erights
Copy link
Member

erights commented Jun 10, 2022

agoric-sdk/packages/cosmic-swingset/test/test-clean-core-eval.js

Line 1 in 09b239d

import '@endo/init';

Changing this to '@endo/init/debug.js' but that fails with SES_ALREADY_LOCKED_DOWN for reasons we have not yet diagnosed.

See #5567
@Tartuffo Tartuffo added the endo label Jun 13, 2022
@kriskowal
Copy link
Member

I’ve isolated the root cause. If the test imports @endo/init/debug.js, it then also imports ../scripts/clean-core-eval.js, which in turn imports @endo/init, resulting in another lockdown() call.

We can fix this immediately by changing both to debug.js. This would mean the script runs in debug mode. I’ll defer to @michaelfig whether that’s acceptable. If it’s not acceptable, we would need to factor debugEvaluableCode and compareEvaluate into shared library code.

@erights
Copy link
Member Author

erights commented Jun 14, 2022

Does this mean that lockdown was called twice, and would continue to be called twice? I thought we changed lockdown to unconditionally reject that.

@michaelfig
Copy link
Member

I’ll defer to @michaelfig whether that’s acceptable.

I believe the correct solution is to introduce state in the lockdown wrapper in @endo/lockdown/pre.js to only actually lock down the first time. I recognize that wasn't desirable behaviour for ses proper, but I think it's useful to ensure that the @endo/init and @endo/lockdown wrappers never cause errors of this kind.

@kriskowal kriskowal mentioned this issue Jun 14, 2022
Merged
@kriskowal
Copy link
Member

We do unconditionally reject calling lockdown again, and this issue illustrates that failure mode.

I’m weary of accidentally downgrading lockdown in an import-order dependent way and I do think this error has guided us to improve the software. I agree that the error, as presented here, is a bad developer experience. The underlying error reveals the stack at both points at lockdown, and ava occluded the stacks, even with verbose stack filtering.

To debug this, I instrumented a log with both the stack and PID into the SES version in the working copy, which is not something I’d expect a downstream developer to be able to do. However, we could include instructions in the error message or linked error code documentation to use another lockdown option to unconditionally log the stack and PID at lockdown.

@michaelfig
Copy link
Member

michaelfig commented Jun 14, 2022
edited
Loading

I think I have a recommendation. The current behaviour (fail fast if already locked down by anything else) should be implemented by@endo/init/lockdown.js. Then, the default @endo/init should be idempotent: a no-op if already locked down by anything else in @endo/init (like @endo/init/debug.js or @endo/init/lockdown.js).

@mergify mergify bot closed this as completed in #5589 Jun 15, 2022
@Tartuffo Tartuffo added this to the Mainnet 1 milestone Jul 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kriskowal kriskowal

@erights erights

Labels
endo
Projects
None yet
Milestone
Mainnet 1 RC0
Development

Successfully merging a pull request may close this issue.

fix(cosmic-swingset): Use Endo debug mode for tests and scripts Agoric/agoric-sdk
4 participants
@kriskowal @erights @michaelfig @Tartuffo