Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/build: failing test in x/sys/unix since Linux builder update #25354

Closed
tklauser opened this issue May 11, 2018 · 6 comments

Comments

Projects
None yet
4 participants
@tklauser
Copy link
Member

commented May 11, 2018

TestSCMCredentials in golang.org/x/sys/unix fails on all linux builders:

https://build.golang.org/log/e3c1adc5394f1c8d24cf8eaffaac90b69105cccf
https://build.golang.org/log/221593d098a3343a7249689138ae3db458909cc4
https://build.golang.org/log/d03f8c8aa75e69e86d3527fe263ac16e6a291a1a

It already failed during the trybot runs for https://golang.org/cl/112696 but the CL is unrelated to the failing TestSCMCredentials.

Presumably this is caused by the recent Linux builder changes regarding #25108?

/cc @bradfitz

@gopherbot gopherbot added this to the Unreleased milestone May 11, 2018

@gopherbot

This comment has been minimized.

Copy link

commented May 11, 2018

Change https://golang.org/cl/107935 mentions this issue: runtime/race: implement race detector for ppc64le

@gopherbot gopherbot added the Builders label May 11, 2018

@bradfitz

This comment has been minimized.

Copy link
Member

commented May 11, 2018

The test tries to send a message to its PID minus one and expect it to not have permissions? But we're root now (unlike our fake root in Kubernetes before), so we do have permissions, but the PID-minus-one just doesn't exist?

                var ucred unix.Ucred
                ucred.Pid = int32(os.Getpid() - 1)
                ucred.Uid = uint32(os.Getuid())
                ucred.Gid = uint32(os.Getgid())
                oob := unix.UnixCredentials(&ucred)
                _, _, err = cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
                if op, ok := err.(*net.OpError); ok {
                        err = op.Err
                }
                if sys, ok := err.(*os.SyscallError); ok {
                        err = sys.Err
                }
                if err != syscall.EPERM {
                        t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err)
                }
@bradfitz

This comment has been minimized.

Copy link
Member

commented May 11, 2018

@hugelgupf, can you help us fix this failing test?

We moved Go's builders from Kubernetes pods to privileged Docker containers under GCE Contained-Optimized OS and now there are behavior differences in this test you added in golang/sys@f67933e

Thanks!

@hugelgupf

This comment has been minimized.

Copy link
Contributor

commented May 11, 2018

Now that you are root, the test is somewhat moot. Both before and after I made that change, you were looking to elicit EPERM from the kernel -- once you have all capabilities, that's not going to happen. Essentially, you are testing the syscall here, not the Go logic.

You could add some logic where you spawn a new thread, lock it to an OS thread, drop capabilities and change user ID (just on the thread by doing syscall.Syscall(SYS_SETUID), not the POSIX-compliant thing that changes all threads), and then try to elicit EPERM -- but I would say it's not really worth it unless you are trying to test the syscall itself.

My 2c: just delete it.

@gopherbot

This comment has been minimized.

Copy link

commented May 11, 2018

Change https://golang.org/cl/112738 mentions this issue: unix: fix TestSCMCredentials to not fail when root

@bradfitz

This comment has been minimized.

Copy link
Member

commented May 11, 2018

@golang golang locked and limited conversation to collaborators May 11, 2019

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.