Error with GitLab SAST Template: “runtime/cgo: pthread_create failed: Operation not permitted”

Hello everyone,

I am currently trying to use the GitLab SAST template, specifically the MobSF Android scan, in a GitLab CI pipeline. However, I’ve encountered an issue that I’m hoping someone might be able to help me with.

When the “analyzer run” is executed in the runner, I get the following error: "runtime/cgo: pthread_create failed: Operation not permitted". I’m not sure why this error is occurring or how to fix it.

Here’s some information about my current setup:

  • I am using a self-hosted runner.
  • The runner is running on Ubuntu 20.04.2 LTS.
  • Docker version 20.10.7 was installed via the “sudo apt install” command.
  • I’m using gitlab-runner-v14.7.0.

I would appreciate any insights into why this error might be occurring and how I can fix it. I’m ready to share any additional information that might be required to diagnose this issue.

My assumptions are that the package might be the issue and installing the official docker from the site, not that sure on this take.

Thank you in advance for your help!

I searched for this specific error string using Google search, and landed on runtime/cgo: pthread_create failed: Operation not permitted · Issue #467 · docker-library/golang · GitHub which says to upgrade Docker to 20.10.24 or newer. To my knowledge, the upstream Ubuntu packages for Docker are often outdated, and it is recommended to use the official Docker package repository instead.

Potentially unrelated note - GitLab Runner 14.7.0 is 2+ years old and not supported anymore. Suggest planning an upgrade, too. Similar to Ubuntu 20.04 LTS which will be EOL in April 2025.

1 Like

Thanks for the reply Michael, I see your point about using the official docker repo, and updating the runner and the os.
But when we suggested this changes to the runner, the team’s response was hesitant and they wanted a POC for this fix, and as of now I’m trying to setup another runner of the identical specs but I cannot find the older and install it.
So for now i’m trying to figure out a workaround without touching the runner as it might also break the other jobs of the gitlab CI. Any suggestions will be helpful.

If you are a customer, I’d suggest working with our support teams and figure out a potential path forward, through a support ticket.

For conducting a PoC, it could be an idea to clone the virtual machine with GitLab Runner and Docker installed, and then do

  1. Re-register the runner as a new temporary fix runner
  2. Upgrade Docker and verify if the problem is fixed
  3. Document the process and results