Your message dated Fri, 23 Jan 2026 23:36:46 -0800
with message-id
<CAHnKnK352yLztfTBESTm=jneqkcna99grs4zuck-eeucfgo...@mail.gmail.com>
and subject line Re: Bug#1117750: golang-github-sigstore-sigstore: FTBFS:
panic: runtime error: invalid memory address or nil pointer dereference
[recovered]
has caused the Debian Bug report #1117750,
regarding golang-github-sigstore-sigstore: FTBFS: panic: runtime error: invalid
memory address or nil pointer dereference [recovered]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1117750: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117750
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: src:golang-github-sigstore-sigstore
Version: 1.9.5-1
Severity: serious
Tags: ftbfs forky sid
Dear maintainer:
During a rebuild of all packages in unstable, this package failed to build.
Below you will find the last part of the build log (probably the most
relevant part, but not necessarily). If required, the full build log
is available here:
https://people.debian.org/~sanvila/build-logs/202510/
About the archive rebuild: The build was made on virtual machines from AWS,
using sbuild and a reduced chroot with only build-essential packages.
If you cannot reproduce the bug please contact me privately, as I
am willing to provide ssh access to a virtual machine where the bug is
fully reproducible.
If this is really a bug in one of the build-depends, please use
reassign and add an affects on src:golang-github-sigstore-sigstore, so that
this is still
visible in the BTS web page for this package.
Thanks.
--------------------------------------------------------------------------------
[...]
debian/rules clean
dh clean --builddirectory=_build --buildsystem=golang --with=golang
dh_auto_clean -O--builddirectory=_build -O--buildsystem=golang
dh_autoreconf_clean -O--builddirectory=_build -O--buildsystem=golang
dh_clean -O--builddirectory=_build -O--buildsystem=golang
debian/rules binary
dh binary --builddirectory=_build --buildsystem=golang --with=golang
dh_update_autotools_config -O--builddirectory=_build -O--buildsystem=golang
dh_autoreconf -O--builddirectory=_build -O--buildsystem=golang
dh_auto_configure -O--builddirectory=_build -O--buildsystem=golang
dh_auto_configure: warning: "github.com/sigstore/sigstore" is already
installed. Please check for circular dependencies.
debian/rules execute_before_dh_auto_build
make[1]: Entering directory '/<<PKGBUILDDIR>>'
cd _build/src/github.com/sigstore/sigstore/pkg; \
[... snipped ...]
=== RUN TestPluginArgsJSON/defaultAlgorithm
=== PAUSE TestPluginArgsJSON/defaultAlgorithm
=== RUN TestPluginArgsJSON/supportedAlgorithms
=== PAUSE TestPluginArgsJSON/supportedAlgorithms
=== RUN TestPluginArgsJSON/createKey
=== PAUSE TestPluginArgsJSON/createKey
=== RUN TestPluginArgsJSON/publicKey
=== PAUSE TestPluginArgsJSON/publicKey
=== RUN TestPluginArgsJSON/signMessage
=== PAUSE TestPluginArgsJSON/signMessage
=== RUN TestPluginArgsJSON/verifySignature
=== PAUSE TestPluginArgsJSON/verifySignature
=== CONT TestHashFuncJSON
=== RUN TestHashFuncJSON/MD4
=== PAUSE TestHashFuncJSON/MD4
=== RUN TestHashFuncJSON/MD5
=== PAUSE TestHashFuncJSON/MD5
=== RUN TestHashFuncJSON/SHA-1
=== PAUSE TestHashFuncJSON/SHA-1
=== RUN TestHashFuncJSON/SHA-224
=== PAUSE TestHashFuncJSON/SHA-224
=== RUN TestHashFuncJSON/SHA-256
=== PAUSE TestHashFuncJSON/SHA-256
=== RUN TestHashFuncJSON/SHA-384
=== CONT TestPluginRespJSON
=== RUN TestPluginRespJSON/defaultAlgorithm
=== PAUSE TestPluginRespJSON/defaultAlgorithm
=== RUN TestPluginRespJSON/supportedAlgorithms
=== PAUSE TestPluginRespJSON/supportedAlgorithms
=== RUN TestPluginRespJSON/createKey
=== PAUSE TestPluginRespJSON/createKey
=== RUN TestPluginRespJSON/publicKey
=== PAUSE TestPluginRespJSON/publicKey
=== RUN TestPluginRespJSON/signMessage
=== PAUSE TestPluginRespJSON/signMessage
=== RUN TestPluginRespJSON/verifySignature
=== PAUSE TestPluginRespJSON/verifySignature
=== CONT TestPluginArgsJSON/defaultAlgorithm
=== CONT TestPluginArgsJSON/signMessage
=== CONT TestPluginArgsJSON/verifySignature
=== CONT TestPluginArgsJSON/createKey
=== CONT TestPluginArgsJSON/publicKey
=== CONT TestPluginArgsJSON/supportedAlgorithms
--- PASS: TestPluginArgsJSON (0.00s)
--- PASS: TestPluginArgsJSON/defaultAlgorithm (0.00s)
--- PASS: TestPluginArgsJSON/signMessage (0.00s)
--- PASS: TestPluginArgsJSON/verifySignature (0.00s)
--- PASS: TestPluginArgsJSON/createKey (0.00s)
--- PASS: TestPluginArgsJSON/publicKey (0.00s)
--- PASS: TestPluginArgsJSON/supportedAlgorithms (0.00s)
=== CONT TestPluginRespJSON/defaultAlgorithm
=== CONT TestPluginRespJSON/verifySignature
=== CONT TestPluginRespJSON/signMessage
=== CONT TestPluginRespJSON/publicKey
=== CONT TestPluginRespJSON/createKey
=== CONT TestPluginRespJSON/supportedAlgorithms
--- PASS: TestPluginRespJSON (0.00s)
--- PASS: TestPluginRespJSON/defaultAlgorithm (0.00s)
--- PASS: TestPluginRespJSON/verifySignature (0.00s)
--- PASS: TestPluginRespJSON/signMessage (0.00s)
--- PASS: TestPluginRespJSON/publicKey (0.00s)
--- PASS: TestPluginRespJSON/createKey (0.00s)
--- PASS: TestPluginRespJSON/supportedAlgorithms (0.00s)
=== PAUSE TestHashFuncJSON/SHA-384
=== RUN TestHashFuncJSON/SHA-512
=== PAUSE TestHashFuncJSON/SHA-512
=== RUN TestHashFuncJSON/MD5+SHA1
=== PAUSE TestHashFuncJSON/MD5+SHA1
=== RUN TestHashFuncJSON/RIPEMD-160
=== PAUSE TestHashFuncJSON/RIPEMD-160
=== RUN TestHashFuncJSON/SHA3-224
=== PAUSE TestHashFuncJSON/SHA3-224
=== RUN TestHashFuncJSON/SHA3-256
=== PAUSE TestHashFuncJSON/SHA3-256
=== RUN TestHashFuncJSON/SHA3-384
=== PAUSE TestHashFuncJSON/SHA3-384
=== RUN TestHashFuncJSON/SHA3-512
=== PAUSE TestHashFuncJSON/SHA3-512
=== RUN TestHashFuncJSON/SHA-512/224
=== PAUSE TestHashFuncJSON/SHA-512/224
=== RUN TestHashFuncJSON/SHA-512/256
=== PAUSE TestHashFuncJSON/SHA-512/256
=== RUN TestHashFuncJSON/BLAKE2s-256
=== PAUSE TestHashFuncJSON/BLAKE2s-256
=== RUN TestHashFuncJSON/BLAKE2b-256
=== PAUSE TestHashFuncJSON/BLAKE2b-256
=== RUN TestHashFuncJSON/BLAKE2b-384
=== PAUSE TestHashFuncJSON/BLAKE2b-384
=== RUN TestHashFuncJSON/BLAKE2b-512
=== PAUSE TestHashFuncJSON/BLAKE2b-512
=== CONT TestHashFuncJSON/MD4
=== CONT TestHashFuncJSON/BLAKE2b-512
=== CONT TestHashFuncJSON/BLAKE2b-384
=== CONT TestHashFuncJSON/SHA3-224
=== CONT TestHashFuncJSON/BLAKE2b-256
=== CONT TestHashFuncJSON/BLAKE2s-256
=== CONT TestHashFuncJSON/SHA-512/256
=== CONT TestHashFuncJSON/SHA-512/224
=== CONT TestHashFuncJSON/SHA3-512
=== CONT TestHashFuncJSON/SHA3-384
=== CONT TestHashFuncJSON/SHA3-256
=== CONT TestHashFuncJSON/SHA-384
=== CONT TestHashFuncJSON/RIPEMD-160
=== CONT TestHashFuncJSON/MD5+SHA1
=== CONT TestHashFuncJSON/SHA-512
=== CONT TestHashFuncJSON/SHA-224
=== CONT TestHashFuncJSON/SHA-256
=== CONT TestHashFuncJSON/SHA-1
=== CONT TestHashFuncJSON/MD5
--- PASS: TestHashFuncJSON (0.00s)
--- PASS: TestHashFuncJSON/MD4 (0.00s)
--- PASS: TestHashFuncJSON/BLAKE2b-512 (0.00s)
--- PASS: TestHashFuncJSON/BLAKE2b-384 (0.00s)
--- PASS: TestHashFuncJSON/SHA3-224 (0.00s)
--- PASS: TestHashFuncJSON/BLAKE2b-256 (0.00s)
--- PASS: TestHashFuncJSON/BLAKE2s-256 (0.00s)
--- PASS: TestHashFuncJSON/SHA-512/256 (0.00s)
--- PASS: TestHashFuncJSON/SHA-512/224 (0.00s)
--- PASS: TestHashFuncJSON/SHA3-512 (0.00s)
--- PASS: TestHashFuncJSON/SHA3-384 (0.00s)
--- PASS: TestHashFuncJSON/SHA3-256 (0.00s)
--- PASS: TestHashFuncJSON/SHA-384 (0.00s)
--- PASS: TestHashFuncJSON/RIPEMD-160 (0.00s)
--- PASS: TestHashFuncJSON/MD5+SHA1 (0.00s)
--- PASS: TestHashFuncJSON/SHA-512 (0.00s)
--- PASS: TestHashFuncJSON/SHA-224 (0.00s)
--- PASS: TestHashFuncJSON/SHA-256 (0.00s)
--- PASS: TestHashFuncJSON/SHA-1 (0.00s)
--- PASS: TestHashFuncJSON/MD5 (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/common 0.003s
=== RUN TestPackRPCOptions
=== PAUSE TestPackRPCOptions
=== RUN TestUnpackRPCOptions
=== PAUSE TestUnpackRPCOptions
=== RUN TestPackMessageOptions
=== PAUSE TestPackMessageOptions
=== RUN TestUnpackMessageOptions
=== PAUSE TestUnpackMessageOptions
=== RUN TestPackPublicKeyOptions
=== PAUSE TestPackPublicKeyOptions
=== RUN TestUnpackPublicKeyOptions
=== PAUSE TestUnpackPublicKeyOptions
=== RUN TestPackSignOptions
=== PAUSE TestPackSignOptions
=== RUN TestUnpackSignOptions
=== PAUSE TestUnpackSignOptions
=== RUN TestPackVerifyOptions
=== PAUSE TestPackVerifyOptions
=== RUN TestUnpackVerifyOptions
=== PAUSE TestUnpackVerifyOptions
=== CONT TestPackRPCOptions
--- PASS: TestPackRPCOptions (0.00s)
=== CONT TestUnpackVerifyOptions
--- PASS: TestUnpackVerifyOptions (0.00s)
=== CONT TestPackVerifyOptions
--- PASS: TestPackVerifyOptions (0.00s)
=== CONT TestUnpackSignOptions
--- PASS: TestUnpackSignOptions (0.00s)
=== CONT TestPackSignOptions
--- PASS: TestPackSignOptions (0.00s)
=== CONT TestUnpackPublicKeyOptions
--- PASS: TestUnpackPublicKeyOptions (0.00s)
=== CONT TestPackPublicKeyOptions
--- PASS: TestPackPublicKeyOptions (0.00s)
=== CONT TestUnpackMessageOptions
--- PASS: TestUnpackMessageOptions (0.00s)
=== CONT TestPackMessageOptions
--- PASS: TestPackMessageOptions (0.00s)
=== CONT TestUnpackRPCOptions
--- PASS: TestUnpackRPCOptions (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/encoding
0.007s
? github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/handler
[no test files]
?
github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/internal/signerverifier
[no test files]
=== RUN TestFakeSigner
--- PASS: TestFakeSigner (0.00s)
=== RUN TestFakeSignerWithPrivateKey
--- PASS: TestFakeSignerWithPrivateKey (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/kms/fake 0.003s
? github.com/sigstore/sigstore/pkg/signature/options [no test files]
=== RUN TestMarshalCosign
=== PAUSE TestMarshalCosign
=== RUN TestUnmarshalCosign
=== PAUSE TestUnmarshalCosign
=== CONT TestMarshalCosign
=== RUN TestMarshalCosign/no_claims
=== PAUSE TestMarshalCosign/no_claims
=== RUN TestMarshalCosign/standard_atomic_signature
=== PAUSE TestMarshalCosign/standard_atomic_signature
=== RUN TestMarshalCosign/arbitrary_claims
=== PAUSE TestMarshalCosign/arbitrary_claims
=== RUN TestMarshalCosign/custom_identity
=== PAUSE TestMarshalCosign/custom_identity
=== CONT TestMarshalCosign/no_claims
=== CONT TestUnmarshalCosign
=== RUN TestUnmarshalCosign/no_claims
=== PAUSE TestUnmarshalCosign/no_claims
=== RUN TestUnmarshalCosign/arbitrary_claims
=== PAUSE TestUnmarshalCosign/arbitrary_claims
=== RUN TestUnmarshalCosign/unknown_type
=== PAUSE TestUnmarshalCosign/unknown_type
=== CONT TestMarshalCosign/arbitrary_claims
=== CONT TestMarshalCosign/standard_atomic_signature
=== CONT TestMarshalCosign/custom_identity
=== CONT TestUnmarshalCosign/no_claims
=== CONT TestUnmarshalCosign/unknown_type
=== CONT TestUnmarshalCosign/arbitrary_claims
--- PASS: TestUnmarshalCosign (0.00s)
--- PASS: TestUnmarshalCosign/no_claims (0.00s)
--- PASS: TestUnmarshalCosign/unknown_type (0.00s)
--- PASS: TestUnmarshalCosign/arbitrary_claims (0.00s)
--- PASS: TestMarshalCosign (0.00s)
--- PASS: TestMarshalCosign/no_claims (0.00s)
--- PASS: TestMarshalCosign/arbitrary_claims (0.00s)
--- PASS: TestMarshalCosign/custom_identity (0.00s)
--- PASS: TestMarshalCosign/standard_atomic_signature (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/payload 0.003s
=== RUN TestFromOpenSSH
sign_test.go:154: skip TestFromOpenSSH: missing ssh-keygen in PATH
--- SKIP: TestFromOpenSSH (0.00s)
=== RUN TestToOpenSSH
sign_test.go:214: skip TestToOpenSSH: missing ssh-keygen in PATH
--- SKIP: TestToOpenSSH (0.00s)
=== RUN TestRoundTrip
=== RUN TestRoundTrip/rsa
=== RUN TestRoundTrip/ed25519
--- PASS: TestRoundTrip (0.01s)
--- PASS: TestRoundTrip/rsa (0.01s)
--- PASS: TestRoundTrip/ed25519 (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/ssh 0.018s
=== RUN TestKeyHandleToSignerECDSA
=== RUN TestKeyHandleToSignerECDSA/ECDSA-P256-SHA256
=== RUN TestKeyHandleToSignerECDSA/ECDSA-P384-SHA512
=== RUN TestKeyHandleToSignerECDSA/ECDSA-P521-SHA512
--- PASS: TestKeyHandleToSignerECDSA (0.02s)
--- PASS: TestKeyHandleToSignerECDSA/ECDSA-P256-SHA256 (0.00s)
--- PASS: TestKeyHandleToSignerECDSA/ECDSA-P384-SHA512 (0.00s)
--- PASS: TestKeyHandleToSignerECDSA/ECDSA-P521-SHA512 (0.02s)
=== RUN TestKeyHandleToSignerED25519
--- PASS: TestKeyHandleToSignerED25519 (0.00s)
=== RUN TestKeyHandleToSignerFailsWithInvalidKeyType
--- PASS: TestKeyHandleToSignerFailsWithInvalidKeyType (0.83s)
PASS
ok github.com/sigstore/sigstore/pkg/signature/tink 0.850s
=== RUN TestMarshalStatusType
--- PASS: TestMarshalStatusType (0.00s)
=== RUN TestMarshalInvalidStatusType
--- PASS: TestMarshalInvalidStatusType (0.00s)
=== RUN TestUnmarshalStatusType
--- PASS: TestUnmarshalStatusType (0.00s)
=== RUN TestUnmarshalStatusTypeCapitalization
--- PASS: TestUnmarshalStatusTypeCapitalization (0.00s)
=== RUN TestUnmarshalInvalidStatusType
--- PASS: TestUnmarshalInvalidStatusType (0.00s)
=== RUN TestMarshalUsageType
--- PASS: TestMarshalUsageType (0.00s)
=== RUN TestMarshalInvalidUsageType
--- PASS: TestMarshalInvalidUsageType (0.00s)
=== RUN TestUnmarshalUsageType
--- PASS: TestUnmarshalUsageType (0.00s)
=== RUN TestUnmarshalUsageTypeCapitalization
--- PASS: TestUnmarshalUsageTypeCapitalization (0.00s)
=== RUN TestUnmarshalInvalidUsageType
--- PASS: TestUnmarshalInvalidUsageType (0.00s)
PASS
ok github.com/sigstore/sigstore/pkg/tuf 0.003s
? github.com/sigstore/sigstore/test [no test files]
FAIL
rm -fr -- /tmp/dh-xdg-rundir-UcWrXfoc
dh_auto_test: error: cd _build && go test -vet=off -v -p 2 -
[too-long-redacted] store/test returned exit code 1
make[1]: *** [debian/rules:21: override_dh_auto_test] Error 25
make[1]: Leaving directory '/<<PKGBUILDDIR>>'
make: *** [debian/rules:8: binary] Error 2
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
--------------------------------------------------------------------------------
--- End Message ---
--- Begin Message ---
As noted in the bug log, this was fixed in 1.24.9-1 (which has long
since migrated to testing now).
♥,
- Tianon
--- End Message ---
