Rlimit cache rework for Go 1.23+ #4290
Conversation
|
This will fail CI because https://go.dev/cl/588076 is not yet in released Go versions. |
|
Thanks for working on this! <3 |
If we need golang to improve this issue, why not choose a simple way which can reduce two unnecessary syscalls. golang/go#66797 (comment) |
kolyshkin
added
backport/1.1-todo
We only do Set here (will update PR in a sec). |
|
|
a853a82 |
|
TODO: add CI for gotip, similar to how it's implemented here: Will do later. |
kolyshkin
force-pushed
the
rlimit-rework
branch
2 times, most recently
from
76a6a86
to
8860620
Compare
|
Codespell CI failure is unrelated; being fixed in #4291 |
kolyshkin
force-pushed
the
rlimit-rework
branch
7 times, most recently
from
b115856
to
adae1d2
Compare
|
OK, this PR now has an infra in place to test https://go.dev/cl/588076 once it will be merged. Currently, in Go 1.23 we have failures like this one (because the rlimit cache is not cleaned): Marking as draft for now, pending https://go.dev/cl/588076 merge. |
|
Now https://go.dev/cl/588076 is merged and everything works as it should, incl. go 1.23. |
|
Does that mean this is ready for review? 😅 (I see it's still in draft) |
It is now; PTAL. |
.github/workflows/test.yml
Outdated
| @@ -24,7 +24,7 @@ jobs: | |||
| fail-fast: false | |||
| matrix: | |||
| os: [ubuntu-20.04, ubuntu-22.04, actuated-arm64-6cpu-8gb] | |||
| go-version: [1.20.x, 1.21.x] | |||
| go-version: [1.20.x, 1.21.x, tip] | |||
There was a problem hiding this comment.
So we have to alway test the unreleased go version in the future? If there was something wrong in master branch of go repository, we would get ci failure too.
There was a problem hiding this comment.
So we have to alway test the unreleased go version in the future?
No, we don't.
The reason for adding this is simple. The code added is for Go 1.23, and there's no other way to test it, and I don't want to push the code that's not tested.
I can remove the gotip commit now when we saw it's working.
There was a problem hiding this comment.
Removed; PTAL @lifubang
|
Let's merge this so we can move forward with https://go-review.googlesource.com/c/go/+/587918 |
|
(and with the backport) |
Go 1.23 tightens access to internal symbols, and even puts runc into "hall of shame" for using an internal symbol (recently added by commit da68c8e). So, while not impossible, it becomes harder to access those internal symbols, and it is a bad idea in general. Since Go 1.23 includes https://go.dev/cl/588076, we can clean the internal rlimit cache by setting the RLIMIT_NOFILE for ourselves, essentially disabling the rlimit cache. Once Go 1.22 is no longer supported, we will remove the go:linkname hack. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
kolyshkin
added
backport/1.1-done
Since CL 588076 runc can do fine without the kludge. The code accessing the symbol is now guarded with `go:build !go1.23` in all supported runc branches (main: [1], release-1.1: [2]). This reverts part of CL 587219. Updates #67401. For #66797. [1]: opencontainers/runc#4290 [2]: opencontainers/runc#4299 Change-Id: I204843a93c36857e21ab9b43bd7aaf046e8b9787 Reviewed-on: https://go-review.googlesource.com/c/go/+/587918 Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Go 1.23 tightens access to internal symbols, and even puts runc into
"hall of shame" for using an internal symbol (recently added by commit
da68c8e). So, while not impossible, it becomes harder to access those
internal symbols, and it is a bad idea in general.
Since Go 1.23 includes https://go.dev/cl/588076, we can clean the
internal rlimit cache by setting the RLIMIT_NOFILE for ourselves,
essentially disabling the rlimit cache.
Once Go 1.22 is no longer supported, we will remove the go:linkname hack.