Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

terrascan scan crashes with runtime: goroutine stack exceeds 1000000000-byte limit #406

Closed
ismailyenigul opened this issue Nov 25, 2020 · 2 comments · Fixed by #393
Closed

terrascan scan crashes with runtime: goroutine stack exceeds 1000000000-byte limit #406

ismailyenigul opened this issue Nov 25, 2020 · 2 comments · Fixed by #393

Comments

@ismailyenigul
Copy link

  • terrascan version: version: v1.2.0
  • Operating System: MacOS

Description

terrascan scan -i terraform -t aws crashes

What I Did

testing terraform code at https://github.com/cloudposse/terraform-aws-vpc-flow-logs-s3-bucket

$ git clone https://github.com/cloudposse/terraform-aws-vpc-flow-logs-s3-bucket
$ cd terraform-aws-vpc-flow-logs-s3-bucket/examples/complete
$ mv fixtures.us-east-2.tfvars terraform.tfvars
$ cat main.tf

provider "aws" {
  region = var.region
}

module "vpc" {
  // https://github.com/cloudposse/terraform-aws-vpc
  source     = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=0.17.0"
  enabled    = module.this.enabled
  namespace  = module.this.namespace
  stage      = module.this.stage
  name       = module.this.name
  cidr_block = "172.16.0.0/16"
}

module "flow_logs" {
  source = "../../"

  context = module.this.context
  region  = var.region
  vpc_id  = module.vpc.vpc_id

  // For testing
  force_destroy = true
}
  

$ terraform plan # to verify the code functionality
...
 module.flow_logs.module.s3_bucket.aws_s3_bucket_public_access_block.default[0] will be created
  + resource "aws_s3_bucket_public_access_block" "default" {
      + block_public_acls       = true
      + block_public_policy     = true
      + bucket                  = (known after apply)
      + id                      = (known after apply)
      + ignore_public_acls      = true
      + restrict_public_buckets = true
    }

Plan: 8 to add, 0 to change, 0 to destroy.

then If I issue terrascan scan -i terraform -t aws it crashes after running for a few minutes.
I've seen the following line tens of thousands of times.

2020-11-25T17:58:23.347+0300	debug	v12/variable-references.go:109	resolving variable ref "${var.force_destroy}" in parent module call

$ terrascan scan -i terraform -t aws

...2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:57 extracted variable name "force_destroy" from reference "${var.force_destroy}"
2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:151 resolved str variable ref: '${var.force_destroy}', value: '${var.force_destroy}'
2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:109 resolving variable ref "${var.force_destroy}" in parent module call
2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:57 extracted variable name "force_destroy" from reference "${var.force_destroy}"
2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:151 resolved str variable ref: '${var.force_destroy}', value: '${var.force_destroy}'
2020-11-25T17:58:23.347+0300 debug v12/variable-references.go:109 resolving variable ref "${var.force_destroy}" in parent module call
runtime: goroutine stack exceeds 1000000000-byte limit
runtime: sp=0xc022700388 stack=[0xc022700000, 0xc042700000]
fatal error: stack overflow

runtime stack:
runtime.throw(0x5e72cf2, 0xe)
runtime/panic.go:1116 +0x72
runtime.newstack()
runtime/stack.go:1067 +0x78d
runtime.morestack()
runtime/asm_amd64.s:449 +0x8f

goroutine 1 [running]:
time.tzsetName(0xc0006bc2f8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0)
time/zoneinfo.go:337 +0x265 fp=0xc022700398 sp=0xc022700390 pc=0x40d4ae5
time.tzset(0xc0006bc2f8, 0x7, 0x7fffffffffffffff, 0x5fbe710f, 0xc0227004e4, 0xe6700, 0x6e52aa9, 0xe523c, 0xe523c, 0x1)
time/zoneinfo.go:253 +0x4d fp=0xc022700490 sp=0xc022700398 pc=0x40d414d
time.(*Location).lookup(0x7048c40, 0x5fbe710f, 0x591, 0xc0227005a0, 0x40584ff, 0x6f16a6f, 0x54)
time/zoneinfo.go:181 +0x197 fp=0xc022700518 sp=0xc022700490 pc=0x40d3db7
time.Time.locabs(0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0x3900000a89, 0x6f16a6f, 0x6f16a6f, 0x54)
time/time.go:464 +0xf9 fp=0xc022700568 sp=0xc022700518 pc=0x40d03d9
time.Time.AppendFormat(0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0xc022700778, 0x0, 0x40, 0x5e8de62, 0x1c, 0x3, 0x57ea300, ...)
time/format.go:513 +0x5d fp=0xc022700718 sp=0xc022700568 pc=0x40c77bd
time.Time.Format(0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0x5e8de62, 0x1c, 0xc000182390, 0xc0017880c0)
time/format.go:505 +0xc5 fp=0xc0227007c8 sp=0xc022700718 pc=0x40c76c5
go.uber.org/zap/zapcore.ISO8601TimeEncoder(0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0x6201a00, 0xc0017880c0)
go.uber.org/zap@v1.13.0/zapcore/encoder.go:118 +0x54 fp=0xc022700810 sp=0xc0227007c8 pc=0x41ae034
go.uber.org/zap/zapcore.consoleEncoder.EncodeEntry(0xc0006e6db0, 0xff, 0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0x0, 0x0, 0xc00214f810, 0x4d, 0x1, ...)
go.uber.org/zap@v1.13.0/zapcore/console_encoder.go:77 +0x902 fp=0xc0227008c8 sp=0xc022700810 pc=0x41acda2
go.uber.org/zap/zapcore.(*ioCore).Write(0xc0006e6de0, 0xff, 0xbfe7ba23d4bbb570, 0x301c019916, 0x7048c40, 0x0, 0x0, 0xc00214f810, 0x4d, 0x1, ...)
go.uber.org/zap@v1.13.0/zapcore/core.go:86 +0xa9 fp=0xc0227009a0 sp=0xc0227008c8 pc=0x41ad709
go.uber.org/zap/zapcore.(*CheckedEntry).Write(0xc000c16000, 0x0, 0x0, 0x0)
go.uber.org/zap@v1.13.0/zapcore/entry.go:216 +0x12d fp=0xc022700b40 sp=0xc0227009a0 pc=0x41af40d
go.uber.org/zap.(*SugaredLogger).log(0xc000010438, 0xff, 0x5eb5087, 0x2c, 0xc022700c48, 0x2, 0x2, 0x0, 0x0, 0x0)
go.uber.org/zap@v1.13.0/sugar.go:234 +0xf6 fp=0xc022700b90 sp=0xc022700b40 pc=0x43ce3f6
go.uber.org/zap.(*SugaredLogger).Debugf(...)
go.uber.org/zap@v1.13.0/sugar.go:133
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.getVarName(0xc0004a2200, 0x14, 0x5ebf10d, 0x2f, 0xc022700eb8, 0x1)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/variable-references.go:57 +0x296 fp=0xc022700db8 sp=0xc022700b90 pc=0x57ea596
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveVarRefFromParentModuleCall(0xc0426ff698, 0xc0004a2200, 0x14, 0x43ce3f6, 0xc000c16000)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/variable-references.go:117 +0x116 fp=0xc022700f90 sp=0xc022700db8 pc=0x57eb116
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveStrRef(0xc0426ff698, 0xc0004a2200, 0x14, 0x2c, 0xc0227011a8)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/references.go:147 +0xe5 fp=0xc022701000 sp=0xc022700f90 pc=0x57e9805
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveVarRefFromParentModuleCall(0xc0426ff698, 0xc0004a2200, 0x14, 0x43ce3f6, 0xc000c16000)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/variable-references.go:152 +0x57e fp=0xc0227011d8 sp=0xc022701000 pc=0x57eb57e
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveStrRef(0xc0426ff698, 0xc0004a2200, 0x14, 0x2c, 0xc0227013f0)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/references.go:147 +0xe5 fp=0xc022701248 sp=0xc0227011d8 pc=0x57e9805
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveVarRefFromParentModuleCall(0xc0426ff698, 0xc0004a2200, 0x14, 0x43ce3f6, 0xc000c16000)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/variable-references.go:152 +0x57e fp=0xc022701420 sp=0xc022701248 pc=0x57eb57e
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12.(*RefResolver).ResolveStrRef(0xc0426ff698, 0xc0004a2200, 0x14, 0x2c, 0xc022701638)
github.com/accurics/terrascan/pkg/iac-providers/terraform/v12/references.go:147 +0xe5 fp=0xc022701490 sp=0xc022701420 pc=0x57e9805
@kanchwala-yusuf
Copy link
Contributor

Thanks for creating this issue.

PR #393 should fix this.

@kanchwala-yusuf kanchwala-yusuf mentioned this issue Nov 26, 2020
Merged
@ismailyenigul
Copy link
Author

Thanks @kanchwala-yusuf
when can we get the new release to test?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix infinite loop on variable resolution dinedal/terrascan
2 participants
@ismailyenigul @kanchwala-yusuf