Problem
When gh-aw compiles a workflow with many imports or inlined-imports: true, the assembled prompt can be 100–200+ KB. The compiler generates the agent command as:
copilot_driver.cjs ... --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"
This shell-expands the entire prompt file into a single argv element. Combined with the container environment (even after the --env-all size filtering from #1978), the total argv + envp can exceed the Linux kernel's ~2 MB ARG_MAX limit, causing:
/bin/bash: line 1: /usr/local/bin/node: Argument list too long
Exit code 126. The agent never starts.
Root Cause
The execve syscall rejects the process launch when argv + envp > ARG_MAX. The prompt is inlined into argv via $(cat ...) shell expansion, which means a 150 KB prompt consumes 150 KB of the ~2 MB budget. The remaining budget is consumed by environment variables forwarded into the container.
PR #1978 addressed the environment side (size-based filtering for --env-all), but the prompt-in-argv side is still unmitigated. For workflows with large imported content, the prompt alone can be a significant fraction of ARG_MAX.
AWF's Role
The primary fix belongs in gh-aw (the compiler), which generates the --prompt "$(cat ...)" command. However, AWF can contribute:
1. Ensure prompt file is accessible inside the container
The prompt file at /tmp/gh-aw/aw-prompts/prompt.txt is already accessible inside the AWF container because /tmp is bind-mounted read-write. The gh-aw compiler can switch from --prompt "$(cat file)" to --prompt-file file (if the engine CLI supports it) or cat file | engine --prompt - (stdin pipe) without any AWF changes.
Verification needed: Confirm /tmp/gh-aw/aw-prompts/ is visible inside the chroot at /host/tmp/gh-aw/aw-prompts/ and accessible to the agent user.
2. Consider a fallback wrapper (defense-in-depth)
AWF's entrypoint could detect when the agent command contains --prompt "$(cat ..." and automatically rewrite it to read from the file instead. This would provide a safety net even for older gh-aw versions. However, this is fragile and the compiler-side fix is preferred.
3. ARG_MAX budget logging
When --env-all is active, AWF already logs the environment size. It could also estimate the total argv + envp size and warn when it approaches ARG_MAX, helping users diagnose E2BIG failures before they happen.
Proposed Fix (gh-aw side)
The compiler should generate:
# Option A: --prompt-file (cleanest, requires engine CLI support)
copilot_driver.cjs ... --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt
# Option B: stdin pipe (works today, no engine changes needed)
cat /tmp/gh-aw/aw-prompts/prompt.txt | copilot_driver.cjs ... --prompt -
This keeps the prompt on disk and reads it after execve succeeds, completely bypassing ARG_MAX.
Related
Problem
When gh-aw compiles a workflow with many imports or
inlined-imports: true, the assembled prompt can be 100–200+ KB. The compiler generates the agent command as:copilot_driver.cjs ... --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"This shell-expands the entire prompt file into a single
argvelement. Combined with the container environment (even after the--env-allsize filtering from #1978), the totalargv + envpcan exceed the Linux kernel's ~2 MBARG_MAXlimit, causing:Exit code 126. The agent never starts.
Root Cause
The
execvesyscall rejects the process launch whenargv + envp > ARG_MAX. The prompt is inlined into argv via$(cat ...)shell expansion, which means a 150 KB prompt consumes 150 KB of the ~2 MB budget. The remaining budget is consumed by environment variables forwarded into the container.PR #1978 addressed the environment side (size-based filtering for
--env-all), but the prompt-in-argv side is still unmitigated. For workflows with large imported content, the prompt alone can be a significant fraction of ARG_MAX.AWF's Role
The primary fix belongs in gh-aw (the compiler), which generates the
--prompt "$(cat ...)"command. However, AWF can contribute:1. Ensure prompt file is accessible inside the container
The prompt file at
/tmp/gh-aw/aw-prompts/prompt.txtis already accessible inside the AWF container because/tmpis bind-mounted read-write. The gh-aw compiler can switch from--prompt "$(cat file)"to--prompt-file file(if the engine CLI supports it) orcat file | engine --prompt -(stdin pipe) without any AWF changes.Verification needed: Confirm
/tmp/gh-aw/aw-prompts/is visible inside the chroot at/host/tmp/gh-aw/aw-prompts/and accessible to the agent user.2. Consider a fallback wrapper (defense-in-depth)
AWF's entrypoint could detect when the agent command contains
--prompt "$(cat ..."and automatically rewrite it to read from the file instead. This would provide a safety net even for older gh-aw versions. However, this is fragile and the compiler-side fix is preferred.3. ARG_MAX budget logging
When
--env-allis active, AWF already logs the environment size. It could also estimate the totalargv + envpsize and warn when it approaches ARG_MAX, helping users diagnose E2BIG failures before they happen.Proposed Fix (gh-aw side)
The compiler should generate:
This keeps the prompt on disk and reads it after
execvesucceeds, completely bypassing ARG_MAX.Related
Argument list too long(E2BIG) when prompt + env exceed ARG_MAX gh-aw#26045Argument list too long(E2BIG) when prompt + env exceed ARG_MAX gh-aw#26045 (comment)