search

sonatype-nexus-community / nancy

A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
Apache License 2.0
564 stars 74 forks source link

Thing doesn't work (Error initializing cache) #124

Closed fitzoh closed 4 years ago

fitzoh commented 4 years ago

Thanks for creating an issue! Please fill out this form so we can be sure to have all the information we need, and to minimize back and forth.

$ nancy Gopkg.lock 
open /Users/fitz/.ossindex/.oss-index-config: no such file or directory
 __  __
/\ \/\ \
\ \ `\\ \      __       ___      ___    __  __
 \ \ , ` \   /'__`\   /' _ `\   /'___\ /\ \/\ \
  \ \ \`\ \ /\ \L\.\_ /\ \/\ \ /\ \__/ \ \ \_\ \
   \ \_\ \_\\ \__/.\_\\ \_\ \_\\ \____\ \/`____ \
    \/_/\/_/ \/__/\/_/ \/_/\/_/ \/____/  `/___/> \
                                            /\___/
                                            \/__/
  _        _                           _    _
 /_)      /_` _  _  _ _/_     _  _    (/   /_` _ . _  _   _/  _
/_) /_/  ._/ /_// //_|/  /_/ /_//_'  (_X  /   / / /_'/ //_/ _\
    _/                   _/ /
Nancy version: 0.1.17
Error initializing cache - error: Unable to mmap RDWR log file: cannot allocate memory
For more information, check the log file at /Users/fitz/.ossindex/nancy.combined.log
nancy version: 0.1.17

Super verbose logs:

{"level":"info","msg":"Starting Nancy","time":"2020-04-12T16:36:14-04:00"}
{"level":"info","msg":"Nancy parsing config for OSS Index","time":"2020-04-12T16:36:14-04:00"}
{"level":"info","msg":"Unable to load config from file","time":"2020-04-12T16:36:14-04:00"}
{"level":"info","msg":"Attempting to print header","time":"2020-04-12T16:36:14-04:00"}
{"level":"info","msg":"Printing Nancy version","time":"2020-04-12T16:36:14-04:00","version":"0.1.17"}
{"level":"info","msg":"Finished printing header","time":"2020-04-12T16:36:14-04:00"}
{"level":"info","msg":"Parsing config for file based scan","time":"2020-04-12T16:36:14-04:00"}
{"level":"trace","msg":"Attempting to get database directory","time":"2020-04-12T16:36:14-04:00"}
{"home_dir":"/Users/fitz","level":"trace","msg":"Obtained user directory","time":"2020-04-12T16:36:14-04:00"}
{"level":"debug","msg":"Attempting to open Badger DB","time":"2020-04-12T16:36:14-04:00"}
{"level":"trace","msg":"Attempting to get database directory","time":"2020-04-12T16:36:14-04:00"}
{"home_dir":"/Users/fitz","level":"trace","msg":"Obtained user directory","time":"2020-04-12T16:36:14-04:00"}
{"level":"trace","msg":"Attempting to get database directory","time":"2020-04-12T16:36:14-04:00"}
{"home_dir":"/Users/fitz","level":"trace","msg":"Obtained user directory","time":"2020-04-12T16:36:14-04:00"}
{"badger_opts":{"Dir":"/Users/fitz/.ossindex/golang","ValueDir":"/Users/fitz/.ossindex/golang","SyncWrites":true,"TableLoadingMode":1,"ValueLogLoadingMode":2,"NumVersionsToKeep":1,"MaxTableSize":67108864,"LevelSizeMultiplier":10,"MaxLevels":7,"ValueThreshold":32,"NumMemtables":5,"NumLevelZeroTables":5,"NumLevelZeroTablesStall":10,"LevelOneSize":268435456,"ValueLogFileSize":1073741823,"ValueLogMaxEntries":1000000,"NumCompactors":3,"DoNotCompact":false,"ReadOnly":false,"Truncate":false},"level":"debug","msg":"Set Badger Options","time":"2020-04-12T16:36:14-04:00"}
{"error":"Unable to mmap RDWR log file: cannot allocate memory","level":"error","msg":"Error initializing cache","time":"2020-04-12T16:36:14-04:00"}

Running on OSX 10.14.6

Looks similar to https://github.com/dgraph-io/badger/issues/246

cc @bhamail / @DarthHater

zendern commented 4 years ago

@fitzoh how did you install nancy out of curiosity?? Just download from github page?? from source...go install?? something else??

Only way I could reproduce this is if I tried to use the 386 version of the binary for mac.... just wondering if that is part of the issue or not??

You can see first run below with 386 version gets the error you reported, second run is with amd64 version and it works no issues. 

zender [projects/oss/nancy]  master ✔ → rm -rf ~/.ossindex/ && go list -m all | ~/Downloads/nancy-darwin.386-v0.1.17                         [a76019e]
open /Users/zender/.ossindex/.oss-index-config: no such file or directory
 __  __
/\ \/\ \
\ \ `\\ \      __       ___      ___    __  __
 \ \ , ` \   /'__`\   /' _ `\   /'___\ /\ \/\ \
  \ \ \`\ \ /\ \L\.\_ /\ \/\ \ /\ \__/ \ \ \_\ \
   \ \_\ \_\\ \__/.\_\\ \_\ \_\\ \____\ \/`____ \
    \/_/\/_/ \/__/\/_/ \/_/\/_/ \/____/  `/___/> \
                                            /\___/
                                            \/__/
  _        _                           _    _
 /_)      /_` _  _  _ _/_     _  _    (/   /_` _ . _  _   _/  _
/_) /_/  ._/ /_// //_|/  /_/ /_//_'  (_X  /   / / /_'/ //_/ _\
    _/                   _/ /
Nancy version: 0.1.17
Error initializing cache - error: Unable to mmap RDWR log file: cannot allocate memory
For more information, check the log file at /Users/zender/.ossindex/nancy.combined.log
nancy version: 0.1.17
zender [projects/oss/nancy]  master ✔ → rm -rf ~/.ossindex/ && go list -m all | ~/Downloads/nancy-darwin.amd64-v0.1.17                       [a76019e]
open /Users/zender/.ossindex/.oss-index-config: no such file or directory
 __  __
/\ \/\ \
\ \ `\\ \      __       ___      ___    __  __
 \ \ , ` \   /'__`\   /' _ `\   /'___\ /\ \/\ \
  \ \ \`\ \ /\ \L\.\_ /\ \/\ \ /\ \__/ \ \ \_\ \
   \ \_\ \_\\ \__/.\_\\ \_\ \_\\ \____\ \/`____ \
    \/_/\/_/ \/__/\/_/ \/_/\/_/ \/____/  `/___/> \
                                            /\___/
                                            \/__/
  _        _                           _    _
 /_)      /_` _  _  _ _/_     _  _    (/   /_` _ . _  _   _/  _
/_) /_/  ._/ /_// //_|/  /_/ /_//_'  (_X  /   / / /_'/ //_/ _\
    _/                   _/ /
Nancy version: 0.1.17
[1/39]pkg:golang/github.com/AndreasBriese/bbloom@0.0.0-20180913140656-343706a395b7   No known vulnerabilities against package/version
[2/39]pkg:golang/github.com/BurntSushi/toml@0.3.1   No known vulnerabilities against package/version
[3/39]pkg:golang/github.com/Flaque/filet@0.0.0-20190209224823-fc4d33cfcf93   No known vulnerabilities against package/version
[4/39]pkg:golang/github.com/Masterminds/semver@0.0.0-20180403130225-3c92f33da7a8   No known vulnerabilities against package/version
[5/39]pkg:golang/github.com/Masterminds/vcs@1.13.1   No known vulnerabilities against package/version
[6/39]pkg:golang/github.com/armon/go-radix@1.0.0   No known vulnerabilities against package/version
[7/39]pkg:golang/github.com/beevik/etree@1.1.0   No known vulnerabilities against package/version
[8/39]pkg:golang/github.com/boltdb/bolt@1.3.1   No known vulnerabilities against package/version
[9/39]pkg:golang/github.com/common-nighthawk/go-figure@0.0.0-20190529165535-67e0ed34491a   No known vulnerabilities against package/version
[10/39]pkg:golang/github.com/davecgh/go-spew@1.1.1   No known vulnerabilities against package/version
[11/39]pkg:golang/github.com/dgraph-io/badger@1.5.5-0.20181004181505-439fd464b155   No known vulnerabilities against package/version
[12/39]pkg:golang/github.com/dgryski/go-farm@0.0.0-20180109070241-2de33835d102   No known vulnerabilities against package/version
[13/39]pkg:golang/github.com/dustin/go-humanize@1.0.0   No known vulnerabilities against package/version
[14/39]pkg:golang/github.com/golang/dep@0.5.4   No known vulnerabilities against package/version
[15/39]pkg:golang/github.com/golang/protobuf@1.2.0   No known vulnerabilities against package/version
[16/39]pkg:golang/github.com/google/go-cmp@0.4.0   No known vulnerabilities against package/version
[17/39]pkg:golang/github.com/jarcoal/httpmock@1.0.4   No known vulnerabilities against package/version
[18/39]pkg:golang/github.com/jmank88/nuts@0.3.0   No known vulnerabilities against package/version
[19/39]pkg:golang/github.com/konsorten/go-windows-terminal-sequences@1.0.2   No known vulnerabilities against package/version
[20/39]pkg:golang/github.com/logrusorgru/aurora@0.0.0-20190803045625-94edacc10f9b   No known vulnerabilities against package/version
[21/39]pkg:golang/github.com/nightlyone/lockfile@0.0.0-20180618180623-0ad87eef1443   No known vulnerabilities against package/version
[22/39]pkg:golang/github.com/package-url/packageurl-go@0.1.0   No known vulnerabilities against package/version
[23/39]pkg:golang/github.com/pelletier/go-toml@1.4.0   No known vulnerabilities against package/version
[24/39]pkg:golang/github.com/pkg/errors@0.8.0   No known vulnerabilities against package/version
[25/39]pkg:golang/github.com/pmezard/go-difflib@1.0.0   No known vulnerabilities against package/version
[26/39]pkg:golang/github.com/sdboyer/constext@0.0.0-20170321163424-836a14457353   No known vulnerabilities against package/version
[27/39]pkg:golang/github.com/shopspring/decimal@0.0.0-20180709203117-cd690d0c9e24   No known vulnerabilities against package/version
[28/39]pkg:golang/github.com/sirupsen/logrus@1.5.0   No known vulnerabilities against package/version
[29/39]pkg:golang/github.com/spf13/afero@1.2.2   No known vulnerabilities against package/version
[30/39]pkg:golang/github.com/stretchr/objx@0.1.0   No known vulnerabilities against package/version
[31/39]pkg:golang/github.com/stretchr/testify@1.3.0   No known vulnerabilities against package/version
[32/39]pkg:golang/golang.org/x/net@0.0.0-20181220203305-927f97764cc3   No known vulnerabilities against package/version
[33/39]pkg:golang/golang.org/x/sync@0.0.0-20181221193216-37e7f081c4d4   No known vulnerabilities against package/version
[34/39]pkg:golang/golang.org/x/sys@0.0.0-20200409092240-59c9f1ba88fa   No known vulnerabilities against package/version
[35/39]pkg:golang/golang.org/x/text@0.3.0   No known vulnerabilities against package/version
[36/39]pkg:golang/golang.org/x/xerrors@0.0.0-20191204190536-9bdfabe68543   No known vulnerabilities against package/version
[37/39]pkg:golang/github.com/go-check/check@0.0.0-20161208181325-20d25e280405   No known vulnerabilities against package/version
[38/39]pkg:golang/github.com/go-playground/assert@1.2.1   No known vulnerabilities against package/version
[39/39]pkg:golang/github.com/go-yaml/yaml@2.2.8   No known vulnerabilities against package/version

Audited dependencies:39,Vulnerable:0
fitzoh commented 4 years ago

Yep, I'm dumb and downloaded the 386 version from the releases page, good call @zendern