runtime: "runtime·lock: lock count" fatal error when cgo is enabled [1.19 backport] #56309

gopherbot · 2022-10-18T20:59:02Z

@prattmic requested issue #56243 to be considered for backport to the next 1.19 minor release.

@gopherbot Please backport to 1.18 and 1.19

This issue is not new but can cause random memory corruption in any program that has a goroutine exit with LockOSThread set.

gopherbot · 2022-10-18T21:13:52Z

Change https://go.dev/cl/443815 mentions this issue: [release-branch.go1.19] runtime: always keep global reference to mp until mexit completes

gopherbot · 2022-10-24T17:29:41Z

Closed by merging 0cc20ec to release-branch.go1.19.

…ntil mexit completes Ms are allocated via standard heap allocation (`new(m)`), which means we must keep them alive (i.e., reachable by the GC) until we are completely done using them. Ms are primarily reachable through runtime.allm. However, runtime.mexit drops the M from allm fairly early, long before it is done using the M structure. If that was the last reference to the M, it is now at risk of being freed by the GC and used for some other allocation, leading to memory corruption. Ms with a Go-allocated stack coincidentally already keep a reference to the M in sched.freem, so that the stack can be freed lazily. This reference has the side effect of keeping this Ms reachable. However, Ms with an OS stack skip this and are at risk of corruption. Fix this lifetime by extending sched.freem use to all Ms, with the value of mp.freeWait determining whether the stack needs to be freed or not. For #56243. Fixes #56309. Change-Id: Ic0c01684775f5646970df507111c9abaac0ba52e Reviewed-on: https://go-review.googlesource.com/c/go/+/443716 TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> (cherry picked from commit e252dcf) Reviewed-on: https://go-review.googlesource.com/c/go/+/443815 Reviewed-by: Austin Clements <austin@google.com>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Cory Snider <csnider@mirantis.com>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Cory Snider <csnider@mirantis.com> (cherry picked from commit f9d4589) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

fixes golang/go#56309

This Go release fixes golang/go#56309 Fixes kata-containers#5773 Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>

…ntil mexit completes Ms are allocated via standard heap allocation (`new(m)`), which means we must keep them alive (i.e., reachable by the GC) until we are completely done using them. Ms are primarily reachable through runtime.allm. However, runtime.mexit drops the M from allm fairly early, long before it is done using the M structure. If that was the last reference to the M, it is now at risk of being freed by the GC and used for some other allocation, leading to memory corruption. Ms with a Go-allocated stack coincidentally already keep a reference to the M in sched.freem, so that the stack can be freed lazily. This reference has the side effect of keeping this Ms reachable. However, Ms with an OS stack skip this and are at risk of corruption. Fix this lifetime by extending sched.freem use to all Ms, with the value of mp.freeWait determining whether the stack needs to be freed or not. For golang#56243. Fixes golang#56309. Change-Id: Ic0c01684775f5646970df507111c9abaac0ba52e Reviewed-on: https://go-review.googlesource.com/c/go/+/443716 TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Michael Pratt <mpratt@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> (cherry picked from commit e252dcf) Reviewed-on: https://go-review.googlesource.com/c/go/+/443815 Reviewed-by: Austin Clements <austin@google.com>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Cory Snider <csnider@mirantis.com> (cherry picked from commit f9d4589) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 85eee32) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Cory Snider <csnider@mirantis.com> (cherry picked from commit f9d4589) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" set the variables "A=B" and "C=D". Thanks to RyotaK (https://twitter.com/ryotkak) for reporting this issue. This is CVE-2022-41716 and Go issue https://go.dev/issue/56284. This Go release also fixes golang/go#56309, a runtime bug which can cause random memory corruption when a goroutine exits with runtime.LockOSThread() set. This fix is necessary to unblock work to replace certain uses of pkg/reexec with unshared OS threads. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 85eee32) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

gopherbot added the CherryPickCandidate Used during the release process for point releases label Oct 18, 2022

gopherbot mentioned this issue Oct 18, 2022

runtime: "runtime·lock: lock count" fatal error when cgo is enabled #56243

Closed

gopherbot added this to the Go1.19.3 milestone Oct 18, 2022

gopherbot added the compiler/runtime Issues related to the Go compiler and/or runtime. label Oct 18, 2022

dr2chase added the CherryPickApproved Used during the release process for point releases label Oct 19, 2022

gopherbot removed the CherryPickCandidate Used during the release process for point releases label Oct 19, 2022

hawkingrei mentioned this issue Oct 20, 2022

TestFailBusyServerCop: runtime·lock: lock count pingcap/tidb#37022

Closed

gopherbot closed this as completed Oct 24, 2022

corhere mentioned this issue Nov 1, 2022

Update to Go 1.19.3 to address CVE-2022-41716 moby/moby#44388

Merged

hawkingrei mentioned this issue Nov 4, 2022

*: upgrade golang 1.19.3 pingcap/tidb#38805

Merged

12 tasks

thaJeztah mentioned this issue Nov 5, 2022

[master] update to Go 1.19.3 to address CVE-2022-41716 docker/docker-ce-packaging#781

Merged

thaJeztah mentioned this issue Nov 5, 2022

[20.10] update to Go 1.18.8 to address CVE-2022-41716 docker/docker-ce-packaging#782

Merged

This was referenced Nov 5, 2022

Update to Go 1.19.3 to address CVE-2022-41716 docker/cli#3850

Merged

[20.10] update to Go 1.18.8 to address CVE-2022-41716 docker/cli#3851

Merged

thaJeztah mentioned this issue Nov 5, 2022

[22.06 backport] Update to Go 1.19.3 to address CVE-2022-41716 moby/moby#44411

Merged

thaJeztah mentioned this issue Nov 5, 2022

[20.10] update to Go 1.18.8 to address CVE-2022-41716 moby/moby#44412

Merged

This was referenced Nov 5, 2022

[release/1.5] update to Go 1.18.8 to address CVE-2022-41716 containerd/containerd#7633

Merged

[release/1.6] update to Go 1.18.8 to address CVE-2022-41716 containerd/containerd#7634

Merged

samuelkarp added a commit to moby/moby that referenced this issue Nov 9, 2022

Merge pull request #44411 from thaJeztah/22.06_backport_bump_go1.19.3

38152f4

fixes golang/go#56309

samuelkarp added a commit to moby/moby that referenced this issue Nov 9, 2022

Merge pull request #44412 from thaJeztah/20.10_bump_go_1.18.8

4ed81ac

fixes golang/go#56309

alex-matei added a commit to UiPath/kata-containers that referenced this issue Nov 25, 2022

build: update golang version to 1.19.3

a8c9b3c

This Go release fixes golang/go#56309 Fixes kata-containers#5773 Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>

alex-matei mentioned this issue Nov 25, 2022

build: update golang version to 1.19.3 kata-containers/kata-containers#5774

Merged

alex-matei added a commit to UiPath/kata-containers that referenced this issue Nov 26, 2022

build: update golang version to 1.19.3

f8211e6

This Go release fixes golang/go#56309 Fixes kata-containers#5773 Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>

alex-matei added a commit to UiPath/kata-containers that referenced this issue Nov 28, 2022

build: update golang version to 1.19.3

f443b78

This Go release fixes golang/go#56309 Fixes kata-containers#5773 Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>

mheon mentioned this issue Jan 17, 2023

fatal error: runtime-unlock: lock count, followed by stacktrace containers/podman#17146

Closed

golang locked and limited conversation to collaborators Oct 24, 2023

gopherbot added the FrozenDueToAge label Oct 24, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

runtime: "runtime·lock: lock count" fatal error when cgo is enabled [1.19 backport] #56309

runtime: "runtime·lock: lock count" fatal error when cgo is enabled [1.19 backport] #56309

gopherbot commented Oct 18, 2022

gopherbot commented Oct 18, 2022

gopherbot commented Oct 24, 2022

runtime: "runtime·lock: lock count" fatal error when cgo is enabled [1.19 backport] #56309

runtime: "runtime·lock: lock count" fatal error when cgo is enabled [1.19 backport] #56309

Comments

gopherbot commented Oct 18, 2022

gopherbot commented Oct 18, 2022

gopherbot commented Oct 24, 2022