delocate/delocating.py: Sanitize each file only once, parallelize

[mkoeppe]

Performance improvement based in part on a change in #256. PR is on top of #260, for fixing the handling of duplicate rpaths.

• _sanitize_rpaths now calls _remove_absolute_rpaths only once for the same file. This saves calls to otool to retrieve rpaths.
• Parallelize the calls of _remove_absolute_rpaths using concurrent.futures.ThreadPoolExecutor.

Pull Request Checklist

• Read and follow the CONTRIBUTING.md guide
• Mentioned relevant issues
• Append public facing changes to Changelog.md
• Ensure new features are covered by tests
• Ensure fixes are verified by tests

[HexDecimal]

Funny thing about this. If a library has a duplicate rpath than the CLI tool used to remove paths will only remove one of the duplicates.

[mkoeppe]

Right, but _delete_rpaths already takes care of calling install_name_tool the right number of times (once for every bad rpath)

[HexDecimal]

Right, but _delete_rpaths already takes care of calling install_name_tool the right number of times (once for every bad rpath)

"once for every bad rpath" is not the right number of times when duplicate paths are not accounted for. This has merged rpaths into a set via dictionary keys, removing duplicates which could cause them to be missed.

I'll only approve this if a test exists for sanitizing a library with duplicate absolute paths and duplicate relative paths.

I would agree that handling rpath duplicates should be accounted for by _remove_absolute_rpaths instead of its caller _sanitize_rpaths.

If this is for performance: The performance issues from this are caused by replace_signature. It would be better to properly defer signature generation instead of scrutinizing the number of times _remove_absolute_rpaths is called. Functions which invalidate a files signature could return the invalided files to the caller.

[HexDecimal]

I could also be misreading this. You might need to walk be through this if it's correct. Or else I might need to come back to it later.

[mkoeppe]

You are right, there's something fishy there, related to _remove_absolute_rpaths still using the deprecated function get_rpaths, which uniquifies the rpaths. This should probably be replaced by using _get_rpaths.

[HexDecimal]

My suggestion is to instead add ad_hoc_sign=False to the _remove_absolute_rpaths call and then call replace_signature on the modified files once. Assuming this was for performance.

[HexDecimal]

You are right, there's something fishy there, related to _remove_absolute_rpaths still using the deprecated function get_rpaths, which uniquifies the rpaths. This should probably be replaced by using _get_rpaths.

I would believe that _remove_absolute_rpaths code is actually wrong here. It looks like in its current state it would miss the duplicate paths that I mentioned. Specifically it looks like a regression caused by the get_rpaths function. #208 never added a test for the issue it fixed.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.47%. Comparing base (b6886bf) to head (4844ef3).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #257      +/-   ##
==========================================
+ Coverage   97.42%   97.47%   +0.04%     
==========================================
  Files          16       16              
  Lines        1242     1265      +23     
==========================================
+ Hits         1210     1233      +23     
  Misses         32       32              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[mkoeppe]

The existing suite of test wheels seems much too limited to be sure about the correctness of the code regarding the rpath situation

[HexDecimal]

I think this method of conditional signage is wrong tactic. Files to be signed should to be propagated to the caller to be signed all at once. There are later steps of changes which will invalid the signatures of the currently touched code.

Note that there is also the validate_signature function which only signs files which were invalidated. Signatures can be disabled until a final step which validates all binary files at once.

[mkoeppe]

Rebased on top of #260

[mkoeppe]

Testing at https://github.com/passagemath/passagemath/actions/runs/19008534669?pr=1755

[mkoeppe]

This speeds up the sanitizing phase to 2 minutes, bringing the total down to 16.5 minutes.

https://github.com/passagemath/passagemath/actions/runs/19008534669/job/54293344668?pr=1755#step:25:3332

Sun, 02 Nov 2025 14:47:16 GMT
  + delocate-wheel --require-archs x86_64 -w /private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/cibw-run-saub2489/cp310-macosx_x86_64/repaired_wheel -v /private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/cibw-run-saub2489/cp310-macosx_x86_64/built_wheel/passagemath_fricas-10.6.31-cp310-cp310-macosx_13_0_x86_64.whl
Sun, 02 Nov 2025 14:51:50 GMT
  INFO:delocate.delocating:Copying library /Users/runner/sage-local/lib/libecl.24.5.10.dylib to passagemath_fricas.dylibs/libecl.24.5.10.dylib
Sun, 02 Nov 2025 14:51:50 GMT
  INFO:delocate.delocating:Copying library /Users/runner/sage-local/lib/libgmp.10.dylib to passagemath_fricas.dylibs/libgmp.10.dylib
Sun, 02 Nov 2025 14:51:50 GMT
  INFO:delocate.delocating:Copying library /Users/runner/sage-local/lib/libgc.1.dylib to passagemath_fricas.dylibs/libgc.1.dylib
Sun, 02 Nov 2025 14:51:50 GMT
  INFO:delocate.delocating:Copying library /Users/runner/sage-local/lib/libffi.8.dylib to passagemath_fricas.dylibs/libffi.8.dylib
Sun, 02 Nov 2025 14:51:50 GMT
  INFO:delocate.delocating:Modifying install name in sage_wheels/lib/fricas/target/x86_64-apple-darwin24.6.0/bin/FRICASsys from @rpath/libecl.24.5.dylib to @loader_path/../../../../../../passagemath_fricas.dylibs/libecl.24.5.10.dylib
...
Sun, 02 Nov 2025 14:59:16 GMT
  INFO:delocate.delocating:Modifying install name in passagemath_fricas.dylibs/libecl.24.5.10.dylib from /Users/runner/sage-local/lib/libffi.8.dylib to @loader_path/libffi.8.dylib
Sun, 02 Nov 2025 14:59:16 GMT
  INFO:delocate.tools:Sanitize: Deleting rpath '/Users/runner/sage-local/lib/' from '/private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/tmpx5v9ah32/wheel/sage_wheels/lib/fricas/target/x86_64-apple-darwin24.6.0/bin/FRICASsys'
...
Sun, 02 Nov 2025 15:01:11 GMT
  INFO:delocate.tools:Sanitize: Deleting rpath '/Users/runner/sage-local/lib/' from '/private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/tmpx5v9ah32/wheel/passagemath_fricas.dylibs/libecl.24.5.10.dylib'
Sun, 02 Nov 2025 15:03:56 GMT
  INFO:delocate.delocating:Output:/private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/cibw-run-saub2489/cp310-macosx_x86_64/repaired_wheel/passagemath_fricas-10.6.31-cp310-cp310-macosx_13_0_x86_64.whl
Sun, 02 Nov 2025 15:03:56 GMT
  Fixing: /private/var/folders/5k/fq5ptf2906bgfn1krb78bmj00000gn/T/cibw-run-saub2489/cp310-macosx_x86_64/built_wheel/passagemath_fricas-10.6.31-cp310-cp310-macosx_13_0_x86_64.whl
Sun, 02 Nov 2025 15:03:56 GMT
  Copied to package .dylibs directory:
Sun, 02 Nov 2025 15:03:56 GMT
    /Users/runner/sage-local/lib/libecl.24.5.10.dylib
Sun, 02 Nov 2025 15:03:56 GMT
    /Users/runner/sage-local/lib/libffi.8.dylib
Sun, 02 Nov 2025 15:03:56 GMT
    /Users/runner/sage-local/lib/libgc.1.dylib
Sun, 02 Nov 2025 15:03:56 GMT
    /Users/runner/sage-local/lib/libgmp.10.dylib

[mkoeppe]

Testing at https://github.com/passagemath/passagemath/actions/runs/19055757176?pr=1755