Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] go build errors after upgrading to 1.59.0 #2504

Closed
pdeva opened this issue Jan 13, 2024 · 11 comments · Fixed by #2524
Closed

[BUG] go build errors after upgrading to 1.59.0 #2504

pdeva opened this issue Jan 13, 2024 · 11 comments · Fixed by #2524
Labels
appsec bug unintended behavior that has to be fixed

Comments

@pdeva
Copy link

pdeva commented Jan 13, 2024

I upgraded from 1.58.1 to 1.59.0

Screenshot 2024-01-13 at 2 25 53 PM

Doing so results in tons of errors when running go build

Screenshot 2024-01-13 at 2 25 49 PM

system info:

Debian GNU/Linux 12 (bookworm)
go version go1.21.5 linux/amd64
@pdeva pdeva added the bug unintended behavior that has to be fixed label Jan 13, 2024
@github-actions github-actions bot added apm:ecosystem contrib/* related feature requests or bugs needs-triage New issues that have not yet been triaged labels Jan 13, 2024
@RomainMuller
Copy link
Contributor

Hey @pdeva,

Can you also provide the output of go env (feel free to redact any value that you don't feel comfortable sharing)?

@Julio-Guerra Julio-Guerra added appsec and removed apm:ecosystem contrib/* related feature requests or bugs needs-triage New issues that have not yet been triaged labels Jan 15, 2024
@RomainMuller
Copy link
Contributor

RomainMuller commented Jan 15, 2024
edited
Loading

Seems like hit isn't just with dd-trace-go so it could be a broken purego version (see ebitengine/purego#189). Can you please look in your go.sum file and tell us what version of github.com/ebitengine/purego is currently resolved?

We tested against v0.5.1 and suspect the v0.6.0-alpha is currently somehow broken.

@hajimehoshi hajimehoshi mentioned this issue Jan 15, 2024
Closed
@pdeva
Copy link
Author

pdeva commented Jan 16, 2024

seeing this for purego:

github.com/ebitengine/purego v0.6.0-alpha.2 h1:lYSvMtNBEjNGAzqPC5WP7bHUOxkFU3L+JZMdxK7krkw=
github.com/ebitengine/purego v0.6.0-alpha.2/go.mod h1:ah1In8AOtksoNK6yk5z1HTJeUkC1Ez4Wk2idgGslMwQ=

@pdeva
Copy link
Author

pdeva commented Jan 16, 2024

output of go env

GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/pdeva/.cache/go-build'
GOENV='/home/pdeva/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/home/pdeva/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/home/pdeva/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.5'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/home/pdeva/code/monorepo/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2973484752=/tmp/go-build -gno-record-gcc-switches'

@RomainMuller
Copy link
Contributor

Okay, so it would appear the version of github.com/ebitengine/purego is not to blame here, and from tracking ebitengine/purego#189 it seems like a plausible cause for this issue could be that your package or one of its dependencies has CGO pragmas that add linker flags (e.g. //#cgo LDFLAGS: <...>) which end up breaking the linkage.

It would probably be a good starting point to grep your codebase & dependencies for //#cgo and see if anything stands out there... I also definitely would recommend following the issue on purego, as it might yield a workaround faster to get you un-blocked.

Also -- if you are not interested in Datadog's Application Security Management features, you should be able to unblock yourself (at least until we have a clean way to address this problem) by adding the datadog.no_waf build tag.

@pdeva
Copy link
Author

pdeva commented Jan 16, 2024

the datadog.no_waf tag stuff works. but now this is an arg we need to add everywhere. why is this the default? by default everything should compile without any flags or anything. the waf stuff should be opt-in considering how fragile it is. i dont know any cgo stuff in our codebase and i shouldnt have to go on a hunt cause you decided to turn on a feature by default that i dont want.

@RomainMuller
Copy link
Contributor

We're in complete agreement that things should work "out of the box" without any special configuration. We had extensively tested (including on Datadog's own services) and have not encountered any issue, which somewhat contradicts the WAF being "fragile".

I understand you have better things to do with you time than chase through your dependencies for something possibly incompatible. We're trying to understand what the problem is here so that we hopefully can address it quickly. We should be able to survey your dependencies if you're able to provide us the contents of the go.sum file.

We've also already started discussing alternative approaches here that would entirely remove this particular problem.

In therms of a workaround in the short term... you could also try to set CGO_ENABLED=0 in your build environments -- this can be easier to perform at scale than adding a go build tag, although there as well, we absolutely agree you should not normally have to do any of this.

@RomainMuller
Copy link
Contributor

Seems like purego released a fixed version, can you try to run go get -u again and see if the issue is fixed?

@eliottness
Copy link
Contributor

eliottness commented Jan 18, 2024
edited
Loading

The new versions are not tagged yet but you can run go get github.com/ebitengine/purego@main or wait until they release/backport it. It should not take more than a day or two.

@hajimehoshi
Copy link

hajimehoshi commented Jan 21, 2024
edited by eliottness
Loading

PureGo v0.5.2 was recently released. Please try this.

@eliottness eliottness mentioned this issue Jan 22, 2024
Merged
8 tasks
@eliottness
Copy link
Contributor

The definitive fix for this issue is to upgrade to v1.59.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
appsec bug unintended behavior that has to be fixed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

go.mod: upgrade purego v0.5.0 => upgrade purego v0.5.2 DataDog/dd-trace-go
5 participants
@hajimehoshi @Julio-Guerra @RomainMuller @pdeva @eliottness