certsum encounters deadlock with when attempting to perform bulk scan

[atc0005]

Overview

With a small sample set (e.g., 3 hosts) the problem doesn't occur. Once I increase the hosts list past a certain point (?) deadlocks begin occurring.

Snippet of the output:

fatal error: all goroutines are asleep - deadlock!

goroutine 1 [sync.WaitGroup.Wait]:
sync.runtime_SemacquireWaitGroup(0x5e?)
        runtime/sema.go:110 +0x25
sync.(*WaitGroup).Wait(0xc000318150?)
        sync/waitgroup.go:118 +0x48
main.main()
        github.com/atc0005/check-cert/cmd/certsum/main.go:145 +0x1612

goroutine 731 [chan send]:
main.portScanner.func2.2({0x745c10, 0xc0001bef50}, {{0x7ffdfbe66f9d, 0xe}, {0xc0000a0a10, 0xf}, {0xc00019dcb0, 0x1, 0x1}}, 0x1bb, ...)
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:230 +0x374
created by main.portScanner.func2 in goroutine 738
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:164 +0x13d

goroutine 738 [sync.WaitGroup.Wait]:
sync.runtime_SemacquireWaitGroup(0xc0004ba1c0?)
        runtime/sema.go:110 +0x25
sync.(*WaitGroup).Wait(0xc000318000?)
        sync/waitgroup.go:118 +0x48
main.portScanner.func2({0x745c10, 0xc0001bef50}, {{0x7ffdfbe66f9d, 0xe}, {0xc0000a0a10, 0xf}, {0xc00019dcb0, 0x1, 0x1}}, 0xc0002a6c40)
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:239 +0x51f
created by main.portScanner in goroutine 301
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:103 +0x438

goroutine 302 [chan send]:
main.certScanner({0x745c10, 0xc0001bef50}, 0xc0002a6af0, 0xc0002a6c40, 0x1, 0x1, 0x2540be400, 0xc0002a6cb0, 0xc0002a6b60, {{0x744c88, ...}, ...}, ...)
        github.com/atc0005/check-cert/cmd/certsum/certcheck.go:190 +0x665
created by main.main in goroutine 1
        github.com/atc0005/check-cert/cmd/certsum/main.go:115 +0x13e7

goroutine 733 [chan send]:
main.portScanner.func2.2({0x745c10, 0xc0001bef50}, {{0x7ffdfbe66fac, 0x19}, {0xc0000a0a40, 0xf}, {0xc00019dcb0, 0x1, 0x1}}, 0x1bb, ...)
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:230 +0x374
created by main.portScanner.func2 in goroutine 730
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:164 +0x13d

goroutine 730 [sync.WaitGroup.Wait]:
sync.runtime_SemacquireWaitGroup(0xc0004ba9a0?)
        runtime/sema.go:110 +0x25
sync.(*WaitGroup).Wait(0xc000318150?)
        sync/waitgroup.go:118 +0x48
main.portScanner.func2({0x745c10, 0xc0001bef50}, {{0x7ffdfbe66fac, 0x19}, {0xc0000a0a40, 0xf}, {0xc00019dcb0, 0x1, 0x1}}, 0xc0002a6c40)
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:239 +0x51f
created by main.portScanner in goroutine 301
        github.com/atc0005/check-cert/cmd/certsum/portscan.go:103 +0x438

When I revert to commit 3465cc2 the problem goes away. It looks like the issue was introduced with commit 1ec1938. Unfortunately commit 46d4bd4 does not appear to resolve this issue.

Note: Encountered this while auditing/evaluating a new collection of FQDNs (CNAMEs).

References

• https://github.com/atc0005/check-cert/commits/master/cmd/certsum

[atc0005]

Trying again, I'm seeing the same bulk list of hosts successfully scanned when I move the --show-valid-certs flag to the first position in the list.

Change from this:

certsum --hosts "host1,host2" --show-valid-certs

to this:

certsum --show-valid-certs --hosts "host1,host2"

[atc0005]

Probably worth reviewing debug log output to determine whether the flag position is having an affect on the config structure created from parsing CLI flag values. It shouldn't, but odd behavior is definitely occurring.