** Description changed: [Impact] The version of golang-google-grpc packaged in bionic and cosmic (1.6.0-3) crashes intermittently due to a race condition. Upstream bug report and pull requests: https://github.com/grpc/grpc-go/issues/1111 https://github.com/grpc/grpc-go/pull/1546 https://github.com/grpc/grpc-go/pull/1687 This can cause all packages Built-Using: golang-google-grpc=1.6.0-3 to crash as well (see https://bugs.launchpad.net/ubuntu/+source/etcd/+bug/1800973). The attached debdiff contains two upstream fixes squashed together: https://github.com/grpc/grpc-go/commit/22c3f92f5faea8db492fb0f5ae4daf0d2752b19e https://github.com/grpc/grpc-go/commit/c6b46087ab923e9f453ec433f99174cdd45b9b89 These fix the race by synchronizing the entire function. [Test Case] 1. Download the source: apt source golang-google-grpc && cd golang-google-grpc-1.6.0 2. Patch in the attached test cases: patch -p1 < test-cases-only.patch - Theses are part of the upstream patch. Only apply manually to verify problem pre-patch. 3. Build the package, running the test cases: dpkg-buildpackage --target clean,build - Since this is a race condition, the first test case is not guaranteed to fail. - The second test case should always fail. With the fixes applied there is no need for step 2 (the test cases are part of the patch) and step 3 succeeds every time without failure. [Regression Potential] - Any regressions are extremely unlikely due to the size and scope of the - patch. It removes a guard flag and instead synchronizes access to the - entire method with a mutex. The fix has been applied upstream since 30 - Nov 2017 and is still in use in the latest release: + Regressions are unlikely due to the size and scope of the patch. The fix + has been applied upstream since 30 Nov 2017 and is still in use in the + latest release: https://github.com/grpc/grpc- go/blob/v1.19.0/internal/transport/handler_server.go#L193 A possible source of regressions would be the squashing of the two commits into one. Luckily they were also applied upstream immediately one after the other so it should work without problems. + + Another source would be if these patches depended on some other changes + made since 1.6.0-3. However testing has not revealed this to be the + case. Issues might also arise from my inexperience in updating Ubuntu packages and submitting patches for Stable Release Updates. [Other Info] As golang-google-grpc is a Go library it is linked into other packages statically. This means that simply updating this package is not enough and dependents need to be rebuilt to benefit from these fixes. If this patch is accepted then I plan to open another SRU request to set the fixed version as a minimal build dependency for etcd to have it also rebuilt and resolve https://bugs.launchpad.net/ubuntu/+source/etcd/+bug/1800973. Release: Ubuntu 18.04.2 LTS Package: golang-google-grpc 1.6.0-3
** Patch added: "fix-race-sending-rpc-status.patch" https://bugs.launchpad.net/ubuntu/+source/golang-google-grpc/+bug/1819936/+attachment/5245886/+files/fix-race-sending-rpc-status.patch ** Also affects: etcd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1819936 Title: intermittent panic in 1.6.0-3 due to race in WriteStatus To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/etcd/+bug/1819936/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
