runtime: LockOSThread locked thread cloned and state inherited #29613
Labels
Comments
Thanks. This is almost certainly #28979 which will be fixed in the upcoming 1.11.5 and 1.12 releases. |
Indeed, that's it. I'll re-check w/ 1.11.5, thanks! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
1.11.4 is currently the latest release
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
This behavior was noted as part of much larger program that runs as a setuid (non-root) binary so can't be reproduced on play.golang.org. The program makes heavy use of runtime.LockOSThread and syscall.SYS_SETRESUID to drop privileges by setting r=e=suid=(original ruid). However, I'm getting occasional failures in calls that explicitly set raised privileges:
Error: Privileged setresuid(1) call failed for 'incoming message': 1; thread 1459 r/e/suid: 56486/56486/56486
This shows that thread 1459 was cloned from a fully drop-privileged thread.
What did you expect to see?
New worker threads not being cloned from threads locked with LockOSThread
What did you see instead?
Threads cloned from LockOSThread altered-threads that carried over state, in this case irrevocably dropped privileges
The text was updated successfully, but these errors were encountered: