Skip to content

crypto/x509: FetchPEMRoots in CGO crashed with signal SIGSEGV when using http.Client.Do() on https URL #30889

New issue
New issue
Closed
Closed
crypto/x509: FetchPEMRoots in CGO crashed with signal SIGSEGV when using http.Client.Do() on https URL#30889
Labels
FrozenDueToAgeOS-Darwin
@marques-work

Description

@marques-work
marques-work
opened on Mar 17, 2019

What version of Go are you using (go version)?

$ go version
go version go1.12.1 darwin/amd64

Does this issue reproduce with the latest release?

Yes. Also tried on penultimate release (1.12.0).

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="/Users/marqueslee/Library/Caches/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/marqueslee/go"
GOPROXY=""
GORACE=""
GOROOT="/usr/local/Cellar/go/1.12.1/libexec"
GOTMPDIR=""
GOTOOLDIR="/usr/local/Cellar/go/1.12.1/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/hf/0mtvkj9x2bvfgn3jmpzj4x480000gp/T/go-build332587635=/tmp/go-build -gno-record-gcc-switches -fno-common"

What did you do?

I'm running El Capitan (10.11.6). kern.osrelease reports 15.6.0.

Here's a small program to demonstrate the error.

main.go:

package main

import (
	"log"
	"net/http"
)

func main() {
	req, _ := http.NewRequest(`GET`, `https://build.gocd.org/go/auth/login`, nil)
	c := &http.Client{}
	if _, err := c.Do(req); err != nil {
		log.Fatal(err)
	}
}

The error happens intermittently, but often. To reproduce, run this in succession:

# Compile
go build main.go

# Run in loop; this will panic in successive runs
while true; do
  ./main
  sleep 1
done

What did you expect to see?

This should not panic

What did you see instead?

A SIGSEGV panic


Details
fatal error: unexpected signal during runtime execution
[signal SIGSEGV: segmentation violation code=0x1 addr=0x474338 pc=0x7fff9ab594dd]

runtime stack:
runtime.throw(0x12c36ca, 0x2a)
	/usr/local/Cellar/go/1.12.1/libexec/src/runtime/panic.go:617 +0x72
runtime.sigpanic()
	/usr/local/Cellar/go/1.12.1/libexec/src/runtime/signal_unix.go:374 +0x4a9

goroutine 23 [syscall]:
runtime.cgocall(0x1001840, 0xc000155470, 0xc000126fd8)
	/usr/local/Cellar/go/1.12.1/libexec/src/runtime/cgocall.go:128 +0x5b fp=0xc000155440 sp=0xc000155408 pc=0x1004a5b
crypto/x509._Cfunc_FetchPEMRoots(0xc000126fd0, 0xc000126fd8, 0xc00013ec00, 0x0)
	_cgo_gotypes.go:110 +0x4d fp=0xc000155470 sp=0xc000155440 pc=0x116473d
crypto/x509.loadSystemRoots.func1(0xc000126fd0, 0xc000126fd8, 0x10181df)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/x509/root_cgo_darwin.go:281 +0x12d fp=0xc0001554b0 sp=0xc000155470 pc=0x116886d
crypto/x509.loadSystemRoots(0x0, 0x0, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/x509/root_cgo_darwin.go:281 +0xec fp=0xc000155580 sp=0xc0001554b0 pc=0x11648ac
crypto/x509.initSystemRoots()
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/x509/root.go:21 +0x26 fp=0xc0001555a8 sp=0xc000155580 pc=0x11595f6
sync.(*Once).Do(0x14f1ed8, 0x12cb840)
	/usr/local/Cellar/go/1.12.1/libexec/src/sync/once.go:44 +0xb3 fp=0xc0001555d8 sp=0xc0001555a8 pc=0x106a203
crypto/x509.systemRootsPool(...)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/x509/root.go:16
crypto/x509.(*Certificate).Verify(0xc000164000, 0xc0000c20c0, 0xe, 0xc0001385a0, 0x0, 0xbf1b96b860085910, 0x5402e41, 0x14d55e0, 0x0, 0x0, ...)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/x509/verify.go:744 +0x6ca fp=0xc0001556f0 sp=0xc0001555d8 pc=0x115d2da
crypto/tls.(*Conn).verifyServerCertificate(0xc00010e380, 0xc000138060, 0x2, 0x2, 0xadb, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/tls/handshake_client.go:838 +0x26a fp=0xc000155888 sp=0xc0001556f0 pc=0x118c36a
crypto/tls.(*clientHandshakeState).doFullHandshake(0xc000155dc8, 0xc00013a070, 0x6a)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/tls/handshake_client.go:454 +0x1869 fp=0xc000155bc0 sp=0xc000155888 pc=0x118a4b9
crypto/tls.(*clientHandshakeState).handshake(0xc000155dc8, 0xc00013c000, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/tls/handshake_client.go:399 +0x3fb fp=0xc000155cc8 sp=0xc000155bc0 pc=0x118887b
crypto/tls.(*Conn).clientHandshake(0xc00010e380, 0x0, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/tls/handshake_client.go:208 +0x2cd fp=0xc000155f38 sp=0xc000155cc8 pc=0x1186ecd
crypto/tls.(*Conn).Handshake(0xc00010e380, 0x0, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/crypto/tls/conn.go:1343 +0xef fp=0xc000155f78 sp=0xc000155f38 pc=0x118559f
net/http.(*persistConn).addTLS.func2(0x0, 0xc00010e380, 0xc0000b42d0, 0xc0000b07e0)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1190 +0x42 fp=0xc000155fc0 sp=0xc000155f78 pc=0x1222d02
runtime.goexit()
	/usr/local/Cellar/go/1.12.1/libexec/src/runtime/asm_amd64.s:1337 +0x1 fp=0xc000155fc8 sp=0xc000155fc0 pc=0x1058401
created by net/http.(*persistConn).addTLS
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1186 +0x1ab

goroutine 1 [select]:
net/http.(*Transport).getConn(0x14d07a0, 0xc0000bebd0, 0x0, 0x12c1819, 0x5, 0xc0000c20c0, 0x12, 0x0, 0x0, 0x0, ...)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1020 +0x63d
net/http.(*Transport).roundTrip(0x14d07a0, 0xc000120000, 0x0, 0xc0000e5bb0, 0xc0000e5b88)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:467 +0x6ef
net/http.(*Transport).RoundTrip(0x14d07a0, 0xc000120000, 0x14d07a0, 0x0, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/roundtrip.go:17 +0x35
net/http.send(0xc000120000, 0x130f7c0, 0x14d07a0, 0x0, 0x0, 0x0, 0xc0000ae020, 0x0, 0x1, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/client.go:250 +0x461
net/http.(*Client).send(0xc0000bea80, 0xc000120000, 0x0, 0x0, 0x0, 0xc0000ae020, 0x0, 0x1, 0x14d6060)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/client.go:174 +0xfb
net/http.(*Client).do(0xc0000bea80, 0xc000120000, 0x0, 0x0, 0x0)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/client.go:641 +0x279
net/http.(*Client).Do(...)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/client.go:509
main.main()
	/Users/marqueslee/repos/go/main.go:11 +0x8a

goroutine 18 [chan receive]:
net/http.(*persistConn).addTLS(0xc0000c47e0, 0xc0000c20c0, 0xe, 0x0, 0xc0000c20cf, 0x3)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1196 +0x1d4
net/http.(*Transport).dialConn(0x14d07a0, 0x1314240, 0xc0000c0048, 0x0, 0x12c1819, 0x5, 0xc0000c20c0, 0x12, 0x0, 0x0, ...)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1269 +0x1cde
net/http.(*Transport).getConn.func4(0x14d07a0, 0x1314240, 0xc0000c0048, 0xc0000bec00, 0xc0000ca0c0)
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1015 +0xa6
created by net/http.(*Transport).getConn
	/usr/local/Cellar/go/1.12.1/libexec/src/net/http/transport.go:1014 +0x455

Metadata

Metadata

Assignees

No one assigned

    Labels

    FrozenDueToAgeOS-Darwin

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions