Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

runtime: multi-arch build via qemu fails to exec go binary #68976

Closed
bjohnso5 opened this issue Aug 20, 2024 · 57 comments
Closed

runtime: multi-arch build via qemu fails to exec go binary #68976

bjohnso5 opened this issue Aug 20, 2024 · 57 comments
Labels
NeedsFix The path to resolution is known, but the work has not been done. telemetry x/telemetry issues
Milestone

Comments

@bjohnso5
Copy link

Go version

go version 1.23.0 linux/arm64

Output of go env in your module/workspace:

I'm unable to provide the output of `go env` as it fails with the same telemetry fork/exec error.

What did you do?

Our automated image build process fails to perform any step that invokes the go binary with the following error:

can't start telemetry child process: fork/exec /usr/local/go/bin/go: invalid argument

The Dockerfile is here, and is being built via a script that invokes docker buildx with multiple platforms, like:

docker buildx build --platform=linux/amd64,linux/arm64 --file 1.23/Dockerfile

It seems that there is something inherent in the qemu arm64 environment that renders go unable to fork itself to complete the telemetry setup. I'm fairly confident it's something specific to the 1.23 release as 1.22.6 builds successfully using the same setup today.

What did you see happen?

Failures to invoke any go command

What did you expect to see?

A successful install and configuration of go 1.23.0 in a multi-arch docker build.

@ianlancetaylor ianlancetaylor changed the title fork/exec failure: multi-arch build via qemu fails to exec go binary syscall: multi-arch build via qemu fails to exec go binary Aug 20, 2024
@ianlancetaylor ianlancetaylor added the compiler/runtime Issues related to the Go compiler and/or runtime. label Aug 20, 2024
@fearfate
Copy link

fearfate commented Aug 21, 2024

I got the error when build arm64 image in amd host machine with buildx

docker buildx create --use --name=baker --driver docker-container  --platform=linux/amd64 --platform=linux/arm64 
docker buildx build --builder baker --platform=linux/amd64 --platform=linux/arm64  -t {tag} --push .

then I tried to run manually with docker run -it --rm --platform linux/arm64 {tag}

after unzip the command, I got the same error can't start telemetry child process: fork/exec /usr/local/go/bin/go: invalid argument, but when I exec the chmod a+x ${GOROOT}/bin/*, it works without any permission changes. However, after apply this command to Dockerfile,the error was not dealed

Dockerfile example:

FROM almalinux:9.4-20240530

ENV GOROOT=/usr/local/go \
    GOLANG_VERSION=1.23.0 \
    GOPATH=/go

ENV PATH=$GOPATH/bin:$PATH:$GOROOT/bin

RUN set -eox pipefail \
    && dnf install -y curl \
    && mkdir -p "${GOROOT}" "$GOPATH/src" "$GOPATH/bin" && chmod -R 1777 "$GOPATH" \
    && curl -sSL "https://go.dev/dl/go${GOLANG_VERSION}.linux-$(cat < /etc/arch).tar.gz" | tar -zxvC ${GOROOT} --strip-components=1 \
#    && chmod a+x ${GOROOT}/bin/* \
    && go version

WORKDIR $GOPATH

@seankhliao
Copy link
Member

With the circleci dockerfile, I get a segfault in gcc cc1 rather than something in go directly:

 > [linux/arm64 5/5] RUN	GO install "golang.org/x/vuln/cmd/[email protected]" && go clean -cache -modcache && rm -rf "/home/circleci/go/pkg":                                                                                                   
0.120 + go install golang.org/x/vuln/cmd/[email protected]                                                                 
0.528 go: downloading golang.org/x/vuln v1.1.3                                                                              
1.116 go: downloading golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7                                             
1.120 go: downloading golang.org/x/mod v0.19.0                                                                              
1.120 go: downloading golang.org/x/tools v0.23.0                                                                            
1.171 go: downloading golang.org/x/sync v0.7.0                                                                              
50.74 # net                                                                                                                 
50.74 gcc: internal compiler error: Segmentation fault signal terminated program cc1                                        
50.74 Please submit a full bug report,
50.74 with preprocessed source if appropriate.
50.74 See <file:///usr/share/doc/gcc-11/README.Bugs> for instructions.
------
WARNING: No output specified with docker-container driver. Build result will only remain in the build cache. To push result image into registry use --push or to load image into docker use --load

 2 warnings found (use docker --debug to expand):
 - LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 27)
 - LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 28)
Dockerfile:48
--------------------
  46 |     USER circleci
  47 |     
  48 | >>> RUN	go install "golang.org/x/vuln/cmd/govulncheck@v${GOVULNCHECK_VERSION}" && go clean -cache -modcache && rm -rf "${GOPATH}/pkg"
  49 |     
--------------------
ERROR: failed to solve: process "/dev/.buildkit_qemu_emulator /bin/bash -exo pipefail -c go install \"golang.org/x/vuln/cmd/govulncheck@v${GOVULNCHECK_VERSION}\" && go clean -cache -modcache && rm -rf \"${GOPATH}/pkg\"" did not complete successfully: exit code: 1

@mgabeler-lee-6rs
Copy link

Might this have something to do with apparmor or other host "controls"? I was able to run the multiarch build on an Ubuntu 22.04 host using Docker 24.0.7 (from Ubuntu's packages) without errors, and inside the resulting arm64 container was able to run without errors:

  • go version
  • go telemetry on
  • go install golang.org/x/telemetry/cmd/gotelemetry@latest
  • gotelemetry on
  • gotelemetry upload (didn't have anything to upload, unsurprisingly)

@prattmic
Copy link
Member

Could you run the failing command under strace -F so we can see exactly which system call is failing?

@prattmic
Copy link
Member

cc @golang/telemetry

@findleyr findleyr added this to the Go1.23.1 milestone Aug 21, 2024
@findleyr
Copy link
Contributor

CC @matloob

Independent of the root cause, a failure to start the telemetry child process shouldn't prevent the go command from being used.

@bjohnso5
Copy link
Author

Could you run the failing command under strace -F so we can see exactly which system call is failing?

It appears the ptrace function(s) aren't implemented in the emulation environment:
image

@bjohnso5
Copy link
Author

Not sure if this is helpful, but I'm attaching two strace -f output files from the linux/arm64 golang:1.23.0 and golang:1.22.6 official images running go env. Note that these are in the successful case, but I'm hoping it might help with comparison if required.

go1.22.6_go_env_strace.txt
go1.23_go_env_strace.txt

@dmitshur
Copy link
Contributor

dmitshur commented Aug 21, 2024

Moved to Go1.24 milestone since this need to be fixed on the main branch first (for Go 1.24), before being considered for backporting. Please use the usual process (https://go.dev/wiki/MinorReleases) to create a separate backport tracking issue in the Go1.23.1 milestone.

@findleyr It's important that issues in the minor milestones are the backport kind with a CherryPickCandidate label, otherwise we might miss them in our release meeting review. Thanks.

@dmitshur dmitshur modified the milestones: Go1.23.1, Go1.24 Aug 21, 2024
@dmitshur dmitshur added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Aug 21, 2024
@findleyr
Copy link
Contributor

Thanks again @dmitshur.

@gopherbot please backport this issue to 1.23: it is a regression that breaks the go command in certain environments.

@gopherbot
Copy link
Contributor

Backport issue(s) opened: #68995 (for 1.23).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases.

@gabyhelp

This comment was marked as duplicate.

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/607595 mentions this issue: telemetry: do not crash parent if child could not be started

nirui added a commit to nirui/sshwifty that referenced this issue Aug 24, 2024
…ng/go#68976). We'll disable bugged `linux/arm64` and `linux/arm` Docker image builds for now to avoid the failure, and re-enable it after Golang team fixed the problem.
@findleyr findleyr added the telemetry x/telemetry issues label Aug 26, 2024
gopherbot pushed a commit to golang/telemetry that referenced this issue Aug 27, 2024
Instead of calling log.Fatal if the child could not be started, call
log.Print. Various factors in the user's environment could cause the
child to not be able to start, but that shouldn't crash the parent
process (usually the go command).

Change other fatals into prints with early returns when attempting to
start the child.

Reset the crash output file to clean up if the child process could not
be started and crashmonitoring is enabled.

Updates golang/go#68976

Change-Id: I42f55dc90f68f91b272a7ebf64d2a4a3b00815c7
Reviewed-on: https://go-review.googlesource.com/c/telemetry/+/607595
Commit-Queue: Michael Matloob <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Robert Findley <[email protected]>
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/609195 mentions this issue: gopls: update x/telemetry to pick up recent bug fixes

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/609196 mentions this issue: [gopls-release-branch.0.16] gopls: update x/telemetry to pick up recent bug fixes

bwplotka added a commit to GoogleCloudPlatform/prometheus-engine that referenced this issue Sep 20, 2024
bwplotka added a commit to GoogleCloudPlatform/prometheus-engine that referenced this issue Sep 20, 2024
deadprogram added a commit to hybridgroup/gocv that referenced this issue Sep 21, 2024
deadprogram added a commit to hybridgroup/gocv that referenced this issue Sep 24, 2024
deadprogram added a commit to hybridgroup/gocv that referenced this issue Sep 27, 2024
@samstride
Copy link

samstride commented Oct 2, 2024

@prattmic

It will likely be in 1.23.2.

What is the newer version of QEMU that did not work?

Just tried a multi-arch build with go 1.23.2 and running into the same issue.

Has https://go.dev/cl/612218 been merged?

@dfioravanti
Copy link

dfioravanti commented Oct 2, 2024

@samstride It was not backported to 1.23.2, it now targets 1.23.3. You can follow the bug here. No idea why but I guess we need to wait for the next release

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/617417 mentions this issue: syscall: used SYS_EXIT_GROUP in CLONE_PIDFD feature check child

@prattmic
Copy link
Member

prattmic commented Oct 2, 2024

Apologies for that, there was confusion on the status of the backport because this issue wasn't closed when https://go.dev/cl/592078 went in. Closing now, as there are no more known issues (other than the maybe-Google-specifc #69259 (comment)).

@prattmic prattmic closed this as completed Oct 2, 2024
@dmitshur dmitshur added NeedsFix The path to resolution is known, but the work has not been done. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Oct 2, 2024
gopherbot pushed a commit that referenced this issue Oct 3, 2024
Inside Google we have seen issues with QEMU user mode failing to wake a
parent waitid when this child exits with SYS_EXIT. This bug appears to
not affect SYS_EXIT_GROUP.

It is currently unclear if this is a general QEMU or specific to
Google's configuration, but SYS_EXIT and SYS_EXIT_GROUP are semantically
equivalent here, so we can use the latter here in case this is a general
QEMU bug.

For #68976.

Change-Id: I34e51088c9a6b7493a060e2a719a3cc4a3d54aa0
Reviewed-on: https://go-review.googlesource.com/c/go/+/617417
Reviewed-by: Ian Lance Taylor <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/617716 mentions this issue: [release-branch.go1.23] syscall: use SYS_EXIT_GROUP in CLONE_PIDFD feature check child

gopherbot pushed a commit that referenced this issue Oct 11, 2024
…ture check

clone(CLONE_PIDFD) was added in Linux 5.2 and pidfd_open was added in
Linux 5.3. Thus our feature check for pidfd_open should be sufficient to
ensure that clone(CLONE_PIDFD) works.

Unfortuantely, some alternative Linux implementations may not follow
this strict ordering. For example, QEMU 7.2 (Dec 2022) added pidfd_open,
but clone(CLONE_PIDFD) was only added in QEMU 8.0 (Apr 2023).

Debian bookworm provides QEMU 7.2 by default.

For #68976.
Fixes #69259.

Change-Id: Ie3f3dc51f0cd76944871bf98690abf59f68fd7bf
Reviewed-on: https://go-review.googlesource.com/c/go/+/592078
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Cherry Mui <[email protected]>
(cherry picked from commit 7a5fc9b)
Reviewed-on: https://go-review.googlesource.com/c/go/+/612218
gopherbot pushed a commit that referenced this issue Oct 11, 2024
…ature check child

Inside Google we have seen issues with QEMU user mode failing to wake a
parent waitid when this child exits with SYS_EXIT. This bug appears to
not affect SYS_EXIT_GROUP.

It is currently unclear if this is a general QEMU or specific to
Google's configuration, but SYS_EXIT and SYS_EXIT_GROUP are semantically
equivalent here, so we can use the latter here in case this is a general
QEMU bug.

For #68976.
For #69259.

Change-Id: I34e51088c9a6b7493a060e2a719a3cc4a3d54aa0
Reviewed-on: https://go-review.googlesource.com/c/go/+/617417
Reviewed-by: Ian Lance Taylor <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
(cherry picked from commit 47a9935)
Reviewed-on: https://go-review.googlesource.com/c/go/+/617716
jc21 added a commit to jc21/docker-gotools that referenced this issue Nov 4, 2024
jc21 added a commit to NginxProxyManager/nginx-proxy-manager that referenced this issue Nov 4, 2024
mickael-kerjean added a commit to mickael-kerjean/filestash that referenced this issue Nov 20, 2024
As of today, arm had issue on go 1.23. The issue is known and not fixed
yet: golang/go#68976

Considering we can't downgrade to go 1.22 because of the missing
Partition Cookie feature, we have to disable arm for now
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsFix The path to resolution is known, but the work has not been done. telemetry x/telemetry issues
Projects
None yet
Development

No branches or pull requests