kubernetes-sigs / bom

A utility to generate SPDX-compliant Bill of Materials manifests

Home Page: https://kubernetes-sigs.github.io/bom/

PackageFromDirectory segfault

howardjohn opened this issue · comments

We seemed to get a flake in the bom generation in one of our runs:

https://prow.istio.io/view/gs/istio-prow/logs/release_istio_postsubmit/1672283647324983296

2023-06-23T17:00:38.941316Z	info	Running command: bom --log-level error generate --name Istio Source 1.19-alpha.e472f349a52e8721616b3863831b0c30485715f2 --namespace https://storage.googleapis.com/istio-release/releases/1.19-alpha.e472f349a52e8721616b3863831b0c30485715f2/istio-source.spdx --dirs /tmp/tmp.tyao4dBCD0/build/work/src/istio.io/istio --output /tmp/tmp.tyao4dBCD0/build/out/istio-source.spdx
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x48 pc=0x8bcb58]
goroutine 1129 [running]:
sigs.k8s.io/bom/pkg/spdx.(*spdxDefaultImplementation).PackageFromDirectory.func1({0xc0002c4d00, 0x33}, 0xc0016b0680)
	/tmp/go/pkg/mod/sigs.k8s.io/bom@v0.5.1/pkg/spdx/implementation.go:1032 +0x378
created by sigs.k8s.io/bom/pkg/spdx.(*spdxDefaultImplementation).PackageFromDirectory
	/tmp/go/pkg/mod/sigs.k8s.io/bom@v0.5.1/pkg/spdx/implementation.go:1047 +0x995
Error: failed to build: failed to generate sbom: couldn't generate sbom for istio source: exit status 2

As far as I can tell there is nothing special about this specific run, so I am not sure why it's failing now.

Huh. No clue how this can happen:

f.LicenseConcluded = lic.LicenseID

lic is not nil per L1028 and f is not nil per L1027

commented

Mmh it looks like a combo of scope creep and a race condition. I'll try a fix.

Thanks for the report @howardjohn !
/assign
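
The failure mode named in the last comment, as an added Go illustration that is not bom's source: a nil check does not protect a dereference when the checked variable is declared outside the goroutine closure and written by every goroutine. `License`, `File`, `classify`, `forEach`, `scanShared` and `scanScoped` are hypothetical names, and the sample paths are constructed; whether bom's code had exactly this shape is an assumption.

```go
package main

import (
	"fmt"
	"sync"
)

// Hypothetical stand-ins and constructed sample data, not bom's types or API.
type License struct{ LicenseID string }
type File struct{ Name, LicenseConcluded string }
var detected = map[string]*License{"a.go": {LicenseID: "Apache-2.0"}, "c.go": {LicenseID: "MIT"}}

// classify returns nil when no license was detected for path.
func classify(path string) *License { return detected[path] }

// forEach runs work on one File per path, each in its own goroutine.
func forEach(paths []string, work func(*File)) []File {
	files := make([]File, len(paths))
	var wg sync.WaitGroup
	for i := range paths {
		files[i].Name = paths[i]
		wg.Add(1)
		go func(f *File) { defer wg.Done(); work(f) }(&files[i])
	}
	wg.Wait()
	return files
}

// scanShared (racy): lic is declared outside the closure, so another goroutine
// can overwrite it with nil between this one's check and its dereference.
func scanShared(paths []string) []File {
	var lic *License
	return forEach(paths, func(f *File) {
		if lic = classify(f.Name); lic != nil {
			f.LicenseConcluded = lic.LicenseID
		}
	})
}

// scanScoped (fixed): := gives every goroutine its own lic.
func scanScoped(paths []string) []File {
	return forEach(paths, func(f *File) {
		if lic := classify(f.Name); lic != nil {
			f.LicenseConcluded = lic.LicenseID
		}
	})
}

func main() {
	fmt.Printf("%+v\n", scanScoped([]string{"a.go", "b.txt", "c.go"}))
}
```

Running a test that calls `scanShared` under `go test -race` reports the conflicting writes to `lic` even on runs where the panic does not fire, which is why this kind of bug shows up as an occasional flake.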