Terraform scan stack overflow in countBlockRecursion (sort.go) - v0.69.3 #10466

dabcoder · 2026-03-31T08:45:41Z

dabcoder
Mar 31, 2026

Description

Trivy crashes with a Go stack overflow while scanning a directory containing Terraform files:

runtime: goroutine stack exceeds 1000000000-byte limit
runtime: sp=0xff32f300350 stack=[0xff32f300000, 0xff34f300000]
fatal error: stack overflow

runtime stack:
runtime.throw({0x105b31c45?, 0x100e5f294?})
	runtime/panic.go:1229 +0x38 fp=0x17385edd0 sp=0x17385eda0 pc=0x100eab0d8
runtime.newstack()
	runtime/stack.go:1178 +0x498 fp=0x17385ef00 sp=0x17385edd0 pc=0x100e8f388
runtime.morestack()
	runtime/asm_arm64.s:507 +0x70 fp=0x17385ef00 sp=0x17385ef00 pc=0x100eb1a40

goroutine 1 gp=0xff305c3a1e0 m=10 mp=0xff306300008 [running]:
runtime.growslice(0x0?, 0x1?, 0x0?, 0x1?, 0x10b35d3e0?)
	runtime/slice.go:178 +0x5a0 fp=0xff32f300350 sp=0xff32f300350 pc=0x100eae740
github.com/hashicorp/hcl/v2/hclsyntax.Variables.func1({0xff30c4cb1c0, 0x3, 0x4})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/variables.go:19 +0x60 fp=0xff32f3003b0 sp=0xff32f300350 pc=0x1018465e0
github.com/hashicorp/hcl/v2/hclsyntax.(*variablesWalker).Enter(0xff30e2290c0, {0x10ba0f910?, 0xff309ad6e40?})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/variables.go:52 +0x2a8 fp=0xff32f3004f0 sp=0xff32f3003b0 pc=0x101846928
github.com/hashicorp/hcl/v2/hclsyntax.Walk({0x10ba0f910, 0xff309ad6e40}, {0x10ba0f938, 0xff30e2290c0})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/walk.go:37 +0x54 fp=0xff32f300560 sp=0xff32f3004f0 pc=0x101846bf4
github.com/hashicorp/hcl/v2/hclsyntax.Walk.func1({0x10ba0f910?, 0xff309ad6e40?})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/walk.go:39 +0x30 fp=0xff32f3005c0 sp=0xff32f300560 pc=0x101846db0
github.com/hashicorp/hcl/v2/hclsyntax.(*ForExpr).walkChildNodes(0xff30c470500, 0xff30e2290e0)
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/expression.go:1736 +0x58 fp=0xff32f300620 sp=0xff32f3005c0 pc=0x101816e58
github.com/hashicorp/hcl/v2/hclsyntax.Walk({0x13cbc8230, 0xff30c470500}, {0x10ba0f938, 0xff30e2290c0})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/walk.go:38 +0xd8 fp=0xff32f300690 sp=0xff32f300620 pc=0x101846c78
github.com/hashicorp/hcl/v2/hclsyntax.Variables({0x10ba4c860, 0xff30c470500})
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/variables.go:24 +0xc4 fp=0xff32f3006d0 sp=0xff32f300690 pc=0x101846514
github.com/hashicorp/hcl/v2/hclsyntax.(*ForExpr).Variables(0x10b2af440?)
	github.com/hashicorp/hcl/v2@v2.24.0/hclsyntax/expression_vars.go:30 +0x28 fp=0xff32f3006f0 sp=0xff32f3006d0 pc=0x10181cb28
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Attribute).referencesFromExpression(0xff30c5b2640, {0x13cbc81f8, 0xff30c470500})
	github.com/aquasecurity/trivy/pkg/iac/terraform/attribute.go:736 +0x15c fp=0xff32f3007b0 sp=0xff32f3006f0 pc=0x10185b4bc
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Attribute).AllReferences(...)
	github.com/aquasecurity/trivy/pkg/iac/terraform/attribute.go:725
github.com/aquasecurity/trivy/pkg/iac/terraform.(*Attribute).ReferencesBlock(0xff30c5b08c0?, 0xff30c466a80)
	github.com/aquasecurity/trivy/pkg/iac/terraform/attribute.go:713 +0x34 fp=0xff32f300a20 sp=0xff32f3007b0 pc=0x10185b1c4
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:43 +0x240 fp=0xff32f300c70 sp=0xff32f300a20 pc=0x102a21f20
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f300ec0 sp=0xff32f300c70 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301110 sp=0xff32f300ec0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301360 sp=0xff32f301110 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3015b0 sp=0xff32f301360 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301800 sp=0xff32f3015b0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301a50 sp=0xff32f301800 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301ca0 sp=0xff32f301a50 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f301ef0 sp=0xff32f301ca0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302140 sp=0xff32f301ef0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302390 sp=0xff32f302140 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3025e0 sp=0xff32f302390 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302830 sp=0xff32f3025e0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302a80 sp=0xff32f302830 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302cd0 sp=0xff32f302a80 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f302f20 sp=0xff32f302cd0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303170 sp=0xff32f302f20 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3033c0 sp=0xff32f303170 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303610 sp=0xff32f3033c0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303860 sp=0xff32f303610 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303ab0 sp=0xff32f303860 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303d00 sp=0xff32f303ab0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f303f50 sp=0xff32f303d00 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3041a0 sp=0xff32f303f50 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3043f0 sp=0xff32f3041a0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f304640 sp=0xff32f3043f0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f304890 sp=0xff32f304640 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f304ae0 sp=0xff32f304890 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f304d30 sp=0xff32f304ae0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f304f80 sp=0xff32f304d30 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3051d0 sp=0xff32f304f80 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f305420 sp=0xff32f3051d0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f305670 sp=0xff32f305420 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f3058c0 sp=0xff32f305670 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f305b10 sp=0xff32f3058c0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f305d60 sp=0xff32f305b10 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f305fb0 sp=0xff32f305d60 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff32f306200 sp=0xff32f305fb0 pc=0x102a21f48
...906723 frames elided...
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0140 sp=0xff34f2efef0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0390 sp=0xff34f2f0140 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f05e0 sp=0xff34f2f0390 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0830 sp=0xff34f2f05e0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0a80 sp=0xff34f2f0830 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0cd0 sp=0xff34f2f0a80 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f0f20 sp=0xff34f2f0cd0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f1170 sp=0xff34f2f0f20 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f13c0 sp=0xff34f2f1170 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f1610 sp=0xff34f2f13c0 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f1860 sp=0xff34f2f1610 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*counter).countBlockRecursion(0xff34f2f1e50, 0xff30c5b08c0, {0xff30b781600, 0x23, 0x40}, 0x0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:44 +0x268 fp=0xff34f2f1ab0 sp=0xff34f2f1860 pc=0x102a21f48
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.sortBlocksByHierarchy.func1(0x10, 0x8)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:16 +0x84 fp=0xff34f2f1b30 sp=0xff34f2f1ab0 pc=0x102a21c34
sort.order2_func(...)
	sort/zsortfunc.go:299
sort.median_func({0xff307991e28?, 0xff30c53dd80?}, 0x8, 0x10, 0x18, 0xff34f2f1ba8)
	sort/zsortfunc.go:308 +0x48 fp=0xff34f2f1b70 sp=0xff34f2f1b30 pc=0x100fbe328
sort.choosePivot_func({0xff307991e28?, 0xff30c53dd80?}, 0x0?, 0x0?)
	sort/zsortfunc.go:284 +0x10c fp=0xff34f2f1c00 sp=0xff34f2f1b70 pc=0x100fbe27c
sort.pdqsort_func({0xff307991e28?, 0xff30c53dd80?}, 0x18?, 0x10ab37800?, 0x69?)
	sort/zsortfunc.go:89 +0x9c fp=0xff34f2f1ca0 sp=0xff34f2f1c00 pc=0x100fbd8bc
sort.Slice({0x10af35da0?, 0xff30accb3c8?}, 0xff307991e28)
	sort/slice.go:29 +0xc4 fp=0xff34f2f1d10 sp=0xff34f2f1ca0 pc=0x100fbce74
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.sortBlocksByHierarchy({0xff30b781600, 0x23, 0x40})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/sort.go:13 +0xc8 fp=0xff34f2f1e60 sp=0xff34f2f1d10 pc=0x102a21b88
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).readBlocks(0xff30c470280, {0xff309bea1e0, 0x4, 0xfffffffffffffffc?})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/parser.go:427 +0x4dc fp=0xff34f2f2040 sp=0xff34f2f1e60 pc=0x102a216ec
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).Load(0xff30c470280, {0x10ba38d78?, 0xff30c33ac30?})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/parser.go:262 +0xfc fp=0xff34f2f2390 sp=0xff34f2f2040 pc=0x102a1fd7c
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).loadSubmodules(0xff307336fa0, {0x10ba38d78, 0xff30c33ac30})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:218 +0xa0 fp=0xff34f2f2510 sp=0xff34f2f2390 pc=0x102a0dc90
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).evaluateSubmodules(0xff307336fa0, {0x10ba38d78, 0xff30c33ac30}, 0xff3098e4360, 0xff30c46dda0)
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:166 +0x38 fp=0xff34f2f26b0 sp=0xff34f2f2510 pc=0x102a0d768
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*evaluator).EvaluateAll(0xff307336fa0, {0x10ba38d78, 0xff30c33ac30})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/evaluator.go:156 +0x294 fp=0xff34f2f27d0 sp=0xff34f2f26b0 pc=0x102a0d5d4
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser.(*Parser).EvaluateAll(0xff3066d6000, {0x10ba38d78, 0xff30c33ac30})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/parser/parser.go:386 +0x74 fp=0xff34f2f2860 sp=0xff34f2f27d0 pc=0x102a210c4
github.com/aquasecurity/trivy/pkg/iac/scanners/terraform.(*Scanner).ScanFS(0xff30befb710, {0x10ba38d78, 0xff30c33ac30}, {0x10b9a9c40, 0xff30aca5b00}, {0x106685ed0, 0x1})
	github.com/aquasecurity/trivy/pkg/iac/scanners/terraform/scanner.go:123 +0x604 fp=0xff34f2f3290 sp=0xff34f2f2860 pc=0x102a231d4
github.com/aquasecurity/trivy/pkg/misconf.(*Scanner).Scan(0xff30be87dc0, {0x10ba38e20, 0xff306a11110}, {0x10b9a9c40, 0xff30ac948d0})
	github.com/aquasecurity/trivy/pkg/misconf/scanner.go:159 +0x208 fp=0xff34f2f3470 sp=0xff34f2f3290 pc=0x103d2d608
github.com/aquasecurity/trivy/pkg/fanal/analyzer/config.(*Analyzer).PostAnalyze(0xff30c24ad80, {0x10ba38e20?, 0xff306a11110?}, {{0x10b9a9c40, 0xff30ac948d0}, {0x0, 0x0, 0x0}, {0x0, 0x0}})
	github.com/aquasecurity/trivy/pkg/fanal/analyzer/config/config.go:44 +0x44 fp=0xff34f2f34f0 sp=0xff34f2f3470 pc=0x10562cc64
github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.postAnalyze({0x0, {0x0, 0x101, 0xa}, {0x10c0ba1c8, 0x0, 0xff3079935f8}, 0x100e35b18, {0x0, 0x0}}, ...)
	github.com/aquasecurity/trivy/pkg/fanal/analyzer/analyzer.go:353 +0x50 fp=0xff34f2f3550 sp=0xff34f2f34f0 pc=0x103d35270
github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.PostAnalyze({0xff30c24f9b0, {0xff30b780a00, 0x1f, 0x20}, {0xff30b780c00, 0x19, 0x20}, 0xff30c262db0, {0x105ae111d, 0x7}}, ...)
	github.com/aquasecurity/trivy/pkg/fanal/analyzer/analyzer.go:574 +0x440 fp=0xff34f2f3880 sp=0xff34f2f3550 pc=0x103d371f0
github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect({{0x16efdf3e9, 0x1}, 0xff30c2722e0, {0x13cbb8ed0, 0xff30843b4a0}, {0x10b9a9b80, 0x10c0ba1c8}, {0xff30c24f9b0, {0xff30b780a00, 0x1f, ...}, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/fanal/artifact/local/fs.go:234 +0x768 fp=0xff34f2f4100 sp=0xff34f2f3880 pc=0x104697138
github.com/aquasecurity/trivy/pkg/fanal/artifact/local.(*Artifact).Inspect(_, {_, _})
	<autogenerated>:1 +0xf4 fp=0xff34f2f4f20 sp=0xff34f2f4100 pc=0x1046985a4
github.com/aquasecurity/trivy/pkg/scan.Service.ScanArtifact({{_, _}, {_, _}}, {_, _}, {{0xff305fd57c0, 0x2, 0x2}, {0xff30657a700, ...}, ...})
	github.com/aquasecurity/trivy/pkg/scan/service.go:52 +0xc4 fp=0xff34f2f5e80 sp=0xff34f2f4f20 pc=0x104537794
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan(_, {_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:704 +0x380 fp=0xff34f2f7960 sp=0xff34f2f5e80 pc=0x105719f80
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact(_, {_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:302 +0xc4 fp=0xff34f2f89a0 sp=0xff34f2f7960 pc=0x105715404
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanFS(_, {_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, ...}, ...})
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:247 +0xd4 fp=0xff34f2f99d0 sp=0xff34f2f89a0 pc=0x105714cb4
github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).ScanFilesystem(_, {_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, ...}, ...})
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:227 +0x1dc fp=0xff34f2faa10 sp=0xff34f2f99d0 pc=0x10571491c
github.com/aquasecurity/trivy/pkg/commands/artifact.Runner.ScanFilesystem-fm({_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x45d964b800, ...}, ...})
	<autogenerated>:1 +0xcc fp=0xff34f2fba40 sp=0xff34f2faa10 pc=0x10571d2ac
github.com/aquasecurity/trivy/pkg/commands/artifact.run({_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:450 +0x69c fp=0xff34f2fd330 sp=0xff34f2fba40 pc=0x105716c2c
github.com/aquasecurity/trivy/pkg/commands/artifact.Run({_, _}, {{{0x105afcd64, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x45d964b800, ...}, ...}, ...)
	github.com/aquasecurity/trivy/pkg/commands/artifact/run.go:409 +0x1ec fp=0xff34f2fe860 sp=0xff34f2fd330 pc=0x10571601c
github.com/aquasecurity/trivy/pkg/commands.NewFilesystemCommand.func2(0xff306a02608, {0xff307010780, 0x1, 0xa})
	github.com/aquasecurity/trivy/pkg/commands/app.go:378 +0x1a4 fp=0xff34f2ffa50 sp=0xff34f2fe860 pc=0x105822d84
github.com/spf13/cobra.(*Command).execute(0xff306a02608, {0xff307010640, 0xa, 0xa})
	github.com/spf13/cobra@v1.10.2/command.go:1015 +0x814 fp=0xff34f2ffc00 sp=0xff34f2ffa50 pc=0x1010961e4
github.com/spf13/cobra.(*Command).ExecuteC(0xff306a02008)
	github.com/spf13/cobra@v1.10.2/command.go:1148 +0x350 fp=0xff34f2ffcf0 sp=0xff34f2ffc00 pc=0x1010969c0
github.com/spf13/cobra.(*Command).Execute(...)
	github.com/spf13/cobra@v1.10.2/command.go:1071
github.com/spf13/cobra.(*Command).ExecuteContext(...)
	github.com/spf13/cobra@v1.10.2/command.go:1064
github.com/aquasecurity/trivy/pkg/commands.Run({0x10ba39168, 0xff306842200})
	github.com/aquasecurity/trivy/pkg/commands/run.go:23 +0x5c fp=0xff34f2ffd60 sp=0xff34f2ffcf0 pc=0x10582c8bc
main.run()
	github.com/aquasecurity/trivy/cmd/trivy/main.go:50 +0x150 fp=0xff34f2ffe50 sp=0xff34f2ffd60 pc=0x1059e77a0
main.main()
	github.com/aquasecurity/trivy/cmd/trivy/main.go:19 +0x20 fp=0xff34f2fff30 sp=0xff34f2ffe50 pc=0x1059e74c0
runtime.main()
	runtime/proc.go:290 +0x2b4 fp=0xff34f2fffd0 sp=0xff34f2fff30 pc=0x100e73f74
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff34f2fffd0 sp=0xff34f2fffd0 pc=0x100eb3ab4

goroutine 18 gp=0xff305d843c0 m=nil [force gc (idle)]:
runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d36790 sp=0xff305d36770 pc=0x100eab8ec
runtime.goparkunlock(...)
	runtime/proc.go:468
runtime.forcegchelper()
	runtime/proc.go:375 +0xb4 fp=0xff305d367d0 sp=0xff305d36790 pc=0x100e74294
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d367d0 sp=0xff305d367d0 pc=0x100eb3ab4
created by runtime.init.7 in goroutine 1
	runtime/proc.go:363 +0x24

goroutine 19 gp=0xff305d845a0 m=nil [GC sweep wait]:
runtime.gopark(0x10c075c01?, 0x0?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d36f70 sp=0xff305d36f50 pc=0x100eab8ec
runtime.goparkunlock(...)
	runtime/proc.go:468
runtime.bgsweep(0xff305d94000)
	runtime/mgcsweep.go:324 +0x178 fp=0xff305d36fb0 sp=0xff305d36f70 pc=0x100e5ad88
runtime.gcenable.gowrap1()
	runtime/mgc.go:214 +0x20 fp=0xff305d36fd0 sp=0xff305d36fb0 pc=0x100e4bad0
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d36fd0 sp=0xff305d36fd0 pc=0x100eb3ab4
created by runtime.gcenable in goroutine 1
	runtime/mgc.go:214 +0x6c

goroutine 20 gp=0xff305d84780 m=nil [GC scavenge wait]:
runtime.gopark(0xe29a6b?, 0xde4d52?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d37760 sp=0xff305d37740 pc=0x100eab8ec
runtime.goparkunlock(...)
	runtime/proc.go:468
runtime.(*scavengerState).park(0x10c084020)
	runtime/mgcscavenge.go:425 +0x5c fp=0xff305d37790 sp=0xff305d37760 pc=0x100e5876c
runtime.bgscavenge(0xff305d94000)
	runtime/mgcscavenge.go:658 +0xac fp=0xff305d377b0 sp=0xff305d37790 pc=0x100e58d2c
runtime.gcenable.gowrap2()
	runtime/mgc.go:215 +0x20 fp=0xff305d377d0 sp=0xff305d377b0 pc=0x100e4ba90
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d377d0 sp=0xff305d377d0 pc=0x100eb3ab4
created by runtime.gcenable in goroutine 1
	runtime/mgc.go:215 +0xac

goroutine 34 gp=0xff305e02000 m=nil [GOMAXPROCS updater (idle)]:
runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305e08770 sp=0xff305e08750 pc=0x100eab8ec
runtime.goparkunlock(...)
	runtime/proc.go:468
runtime.updateMaxProcsGoroutine()
	runtime/proc.go:7095 +0xf4 fp=0xff305e087d0 sp=0xff305e08770 pc=0x100e82c44
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e087d0 sp=0xff305e087d0 pc=0x100eb3ab4
created by runtime.defaultGOMAXPROCSUpdateEnable in goroutine 1
	runtime/proc.go:7083 +0x48

goroutine 2 gp=0xff305c3b4a0 m=nil [finalizer wait]:
runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3ad80 sp=0xff305d3ad60 pc=0x100eab8ec
runtime.runFinalizers()
	runtime/mfinal.go:210 +0x100 fp=0xff305d3afd0 sp=0xff305d3ad80 pc=0x100e4aaf0
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3afd0 sp=0xff305d3afd0 pc=0x100eb3ab4
created by runtime.createfing in goroutine 1
	runtime/mfinal.go:172 +0x78

goroutine 3 gp=0xff3060483c0 m=nil [GC worker (idle)]:
runtime.gopark(0x8740851523b9?, 0x3?, 0x5e?, 0x97?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3b720 sp=0xff305d3b700 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d3b7b0 sp=0xff305d3b720 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d3b7d0 sp=0xff305d3b7b0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3b7d0 sp=0xff305d3b7d0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 35 gp=0xff305e02780 m=nil [GC worker (idle)]:
runtime.gopark(0x87408513a372?, 0x3?, 0xb7?, 0x76?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3a720 sp=0xff305d3a700 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d3a7b0 sp=0xff305d3a720 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d3a7d0 sp=0xff305d3a7b0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3a7d0 sp=0xff305d3a7d0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 4 gp=0xff3060485a0 m=nil [GC worker (idle)]:
runtime.gopark(0x874085143eb8?, 0x1?, 0xc0?, 0x4b?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3bf20 sp=0xff305d3bf00 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d3bfb0 sp=0xff305d3bf20 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d3bfd0 sp=0xff305d3bfb0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3bfd0 sp=0xff305d3bfd0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 21 gp=0xff305d85c20 m=nil [GC worker (idle)]:
runtime.gopark(0x10c0c0200?, 0x3?, 0x6f?, 0x97?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d37f20 sp=0xff305d37f00 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d37fb0 sp=0xff305d37f20 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d37fd0 sp=0xff305d37fb0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d37fd0 sp=0xff305d37fd0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 22 gp=0xff305fa0000 m=nil [GC worker (idle)]:
runtime.gopark(0x8740851565f7?, 0x1?, 0x2c?, 0xa5?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d38720 sp=0xff305d38700 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d387b0 sp=0xff305d38720 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d387d0 sp=0xff305d387b0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d387d0 sp=0xff305d387d0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 36 gp=0xff305e02960 m=nil [GC worker (idle)]:
runtime.gopark(0x874085115135?, 0xff3060a2200?, 0x1c?, 0xa?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305e08f20 sp=0xff305e08f00 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305e08fb0 sp=0xff305e08f20 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305e08fd0 sp=0xff305e08fb0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e08fd0 sp=0xff305e08fd0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 5 gp=0xff306048780 m=nil [GC worker (idle)]:
runtime.gopark(0x874085156169?, 0x1?, 0x36?, 0xb0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3c720 sp=0xff305d3c700 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d3c7b0 sp=0xff305d3c720 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d3c7d0 sp=0xff305d3c7b0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3c7d0 sp=0xff305d3c7d0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 23 gp=0xff305fa01e0 m=nil [GC worker (idle)]:
runtime.gopark(0x874085152530?, 0x3?, 0xb4?, 0x5f?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d38f20 sp=0xff305d38f00 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d38fb0 sp=0xff305d38f20 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d38fd0 sp=0xff305d38fb0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d38fd0 sp=0xff305d38fd0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 37 gp=0xff305e02b40 m=nil [GC worker (idle)]:
runtime.gopark(0x874085115065?, 0x3?, 0x59?, 0x6?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305e09720 sp=0xff305e09700 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305e097b0 sp=0xff305e09720 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305e097d0 sp=0xff305e097b0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e097d0 sp=0xff305e097d0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 6 gp=0xff306048960 m=nil [GC worker (idle)]:
runtime.gopark(0x874085113fcb?, 0x1?, 0x62?, 0x67?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305d3cf20 sp=0xff305d3cf00 pc=0x100eab8ec
runtime.gcBgMarkWorker(0xff3060a0000)
	runtime/mgc.go:1791 +0xe0 fp=0xff305d3cfb0 sp=0xff305d3cf20 pc=0x100e4e530
runtime.gcBgMarkStartWorkers.gowrap1()
	runtime/mgc.go:1695 +0x20 fp=0xff305d3cfd0 sp=0xff305d3cfb0 pc=0x100e4e430
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305d3cfd0 sp=0xff305d3cfd0 pc=0x100eb3ab4
created by runtime.gcBgMarkStartWorkers in goroutine 1
	runtime/mgc.go:1695 +0x134

goroutine 50 gp=0xff306384d20 m=nil [cleanup wait]:
runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305e0a750 sp=0xff305e0a730 pc=0x100eab8ec
runtime.goparkunlock(...)
	runtime/proc.go:468
runtime.(*cleanupQueue).dequeue(0x10c084bc0)
	runtime/mcleanup.go:522 +0x160 fp=0xff305e0a790 sp=0xff305e0a750 pc=0x100e47020
runtime.runCleanups()
	runtime/mcleanup.go:718 +0x40 fp=0xff305e0a7d0 sp=0xff305e0a790 pc=0x100e47770
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e0a7d0 sp=0xff305e0a7d0 pc=0x100eb3ab4
created by runtime.(*cleanupQueue).createGs in goroutine 1
	runtime/mcleanup.go:672 +0x108

goroutine 39 gp=0xff3060f9860 m=nil [select, locked to thread]:
runtime.gopark(0xff305e09fa0?, 0x2?, 0xa8?, 0x9e?, 0xff305e09f90?)
	runtime/proc.go:462 +0xbc fp=0xff305e09e10 sp=0xff305e09df0 pc=0x100eab8ec
runtime.selectgo(0xff305e09fa0, 0xff305e09f8c, 0x0?, 0x0, 0xff3060640d8?, 0x1)
	runtime/select.go:351 +0x83c fp=0xff305e09f50 sp=0xff305e09e10 pc=0x100e8837c
runtime.ensureSigM.func1()
	runtime/signal_unix.go:1091 +0x148 fp=0xff305e09fd0 sp=0xff305e09f50 pc=0x100ea5068
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e09fd0 sp=0xff305e09fd0 pc=0x100eb3ab4
created by runtime.ensureSigM in goroutine 1
	runtime/signal_unix.go:1074 +0xcc

goroutine 40 gp=0xff3060f90e0 m=7 mp=0xff3061a6008 [syscall]:
runtime.sigNoteSleep(0x0?)
	runtime/os_darwin.go:138 +0x20 fp=0xff305e07f90 sp=0xff305e07f50 pc=0x100e6e1e0
os/signal.signal_recv()
	runtime/sigqueue.go:149 +0x108 fp=0xff305e07fb0 sp=0xff305e07f90 pc=0x100eade88
os/signal.loop()
	os/signal/signal_unix.go:23 +0x1c fp=0xff305e07fd0 sp=0xff305e07fb0 pc=0x101f0efac
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e07fd0 sp=0xff305e07fd0 pc=0x100eb3ab4
created by os/signal.Notify.func1.1 in goroutine 1
	os/signal/signal.go:152 +0x28

goroutine 25 gp=0xff3062f41e0 m=nil [select]:
runtime.gopark(0xff305c7bf90?, 0x2?, 0x0?, 0x0?, 0xff305c7bf84?)
	runtime/proc.go:462 +0xbc fp=0xff305c7be00 sp=0xff305c7bde0 pc=0x100eab8ec
runtime.selectgo(0xff305c7bf90, 0xff305c7bf80, 0x0?, 0x0, 0x0?, 0x1)
	runtime/select.go:351 +0x83c fp=0xff305c7bf40 sp=0xff305c7be00 pc=0x100e8837c
os/signal.NotifyContext.func1()
	os/signal/signal.go:292 +0x74 fp=0xff305c7bfd0 sp=0xff305c7bf40 pc=0x101f0eaf4
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305c7bfd0 sp=0xff305c7bfd0 pc=0x100eb3ab4
created by os/signal.NotifyContext in goroutine 1
	os/signal/signal.go:291 +0x134

goroutine 26 gp=0xff3062f43c0 m=nil [chan receive]:
runtime.gopark(0xff305e04708?, 0x101f0f1d4?, 0x0?, 0x0?, 0x0?)
	runtime/proc.go:462 +0xbc fp=0xff305e04680 sp=0xff305e04660 pc=0x100eab8ec
runtime.chanrecv(0xff305e0c230, 0x0, 0x1)
	runtime/chan.go:667 +0x470 fp=0xff305e04700 sp=0xff305e04680 pc=0x100e391d0
runtime.chanrecv1(0x0?, 0x0?)
	runtime/chan.go:509 +0x14 fp=0xff305e04730 sp=0xff305e04700 pc=0x100e38d24
github.com/aquasecurity/trivy/pkg/commands.NotifyContext.func1()
	github.com/aquasecurity/trivy/pkg/commands/signal.go:24 +0x38 fp=0xff305e047d0 sp=0xff305e04730 pc=0x10582cb78
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff305e047d0 sp=0xff305e047d0 pc=0x100eb3ab4
created by github.com/aquasecurity/trivy/pkg/commands.NotifyContext in goroutine 1
	github.com/aquasecurity/trivy/pkg/commands/signal.go:23 +0xd8

goroutine 83 gp=0xff3077023c0 m=nil [IO wait]:
runtime.gopark(0xff307309768?, 0x100ed2c68?, 0xf0?, 0x4d?, 0xff307309750?)
	runtime/proc.go:462 +0xbc fp=0xff307309710 sp=0xff3073096f0 pc=0x100eab8ec
runtime.netpollblock(0xff306471300?, 0x1300?, 0x0?)
	runtime/netpoll.go:575 +0x150 fp=0xff307309750 sp=0xff307309710 pc=0x100e6d160
internal/poll.runtime_pollWait(0x10ef72c00, 0x72)
	runtime/netpoll.go:351 +0xa0 fp=0xff307309780 sp=0xff307309750 pc=0x100eaa3a0
internal/poll.(*pollDesc).wait(0xff3071d6100?, 0xff306471300?, 0x0)
	internal/poll/fd_poll_runtime.go:84 +0x28 fp=0xff3073097b0 sp=0xff307309780 pc=0x100efb4e8
internal/poll.(*pollDesc).waitRead(...)
	internal/poll/fd_poll_runtime.go:89
internal/poll.(*FD).Read(0xff3071d6100, {0xff306471300, 0x1300, 0x1300})
	internal/poll/fd_unix.go:165 +0x234 fp=0xff307309850 sp=0xff3073097b0 pc=0x100efc7a4
net.(*netFD).Read(0xff3071d6100, {0xff306471300?, 0xff3073098d8?, 0x100e41668?})
	net/fd_posix.go:68 +0x28 fp=0xff3073098a0 sp=0xff307309850 pc=0x100ff8e98
net.(*conn).Read(0xff307e08240, {0xff306471300?, 0x300471538?, 0x13a8867c0?})
	net/net.go:196 +0x34 fp=0xff3073098f0 sp=0xff3073098a0 pc=0x101008664
crypto/tls.(*atLeastReader).Read(0xff309398018, {0xff306471300?, 0xff307309998?, 0x1011bbd54?})
	crypto/tls/conn.go:815 +0x38 fp=0xff307309940 sp=0xff3073098f0 pc=0x1011bbbf8
bytes.(*Buffer).ReadFrom(0xff307c5b428, {0x10b9aa520, 0xff309398018})
	bytes/buffer.go:229 +0x90 fp=0xff3073099a0 sp=0xff307309940 pc=0x100f157e0
crypto/tls.(*Conn).readFromUntil(0xff307c5b188, {0x10b9af000, 0xff307e08240}, 0x10c8?)
	crypto/tls/conn.go:837 +0xcc fp=0xff3073099e0 sp=0xff3073099a0 pc=0x1011bbdbc
crypto/tls.(*Conn).readRecordOrCCS(0xff307c5b188, 0x0)
	crypto/tls/conn.go:626 +0x338 fp=0xff307309bd0 sp=0xff3073099e0 pc=0x1011b96e8
crypto/tls.(*Conn).readRecord(...)
	crypto/tls/conn.go:588
crypto/tls.(*Conn).Read(0xff307c5b188, {0xff308c1e000, 0x1000, 0xff300000000?})
	crypto/tls/conn.go:1393 +0x14c fp=0xff307309c40 sp=0xff307309bd0 pc=0x1011bf0ec
bufio.(*Reader).Read(0xff308c1a6c0, {0xff308486124, 0x9, 0x101266bc4?})
	bufio/bufio.go:245 +0x188 fp=0xff307309c80 sp=0xff307309c40 pc=0x101020958
io.ReadAtLeast({0x10b9a9a60, 0xff308c1a6c0}, {0xff308486124, 0x9, 0x9}, 0x9)
	io/io.go:335 +0x98 fp=0xff307309cd0 sp=0xff307309c80 pc=0x100ef0178
io.ReadFull(...)
	io/io.go:354
net/http.http2readFrameHeader({0xff308486124, 0x9, 0xff300000001?}, {0x10b9a9a60?, 0xff308c1a6c0?})
	net/http/h2_bundle.go:1805 +0x58 fp=0xff307309d20 sp=0xff307309cd0 pc=0x101243798
net/http.(*http2Framer).ReadFrameHeader(0xff3084860e0)
	net/http/h2_bundle.go:2071 +0x60 fp=0xff307309db0 sp=0xff307309d20 pc=0x1012442a0
net/http.(*http2Framer).ReadFrame(0xff3084860e0)
	net/http/h2_bundle.go:2130 +0x20 fp=0xff307309df0 sp=0xff307309db0 pc=0x101244960
net/http.(*http2clientConnReadLoop).run(0xff307309f98)
	net/http/h2_bundle.go:9550 +0xb8 fp=0xff307309f40 sp=0xff307309df0 pc=0x101264608
net/http.(*http2ClientConn).readLoop(0xff306a2afc0)
	net/http/h2_bundle.go:9419 +0x4c fp=0xff307309fb0 sp=0xff307309f40 pc=0x1012639ec
net/http.(*http2Transport).newClientConn.gowrap1()
	net/http/h2_bundle.go:8171 +0x20 fp=0xff307309fd0 sp=0xff307309fb0 pc=0x10125d9e0
runtime.goexit({})
	runtime/asm_arm64.s:1447 +0x4 fp=0xff307309fd0 sp=0xff307309fd0 pc=0x100eb3ab4
created by net/http.(*http2Transport).newClientConn in goroutine 82
	net/http/h2_bundle.go:8171 +0xa6c

This can be observed locally on MacOS and in a GitHub self-hosted runner after a (Terraform) directory scan.
Potentially an issue with this

trivy/pkg/iac/scanners/terraform/parser/sort.go

Lines 32 to 58 in 6fb20c8

    
           func (c *counter) countBlockRecursion(block *terraform.Block, blocks terraform.Blocks, count int) int { 
        
           	metadata := block.GetMetadata() 
        
           	if cached, ok := c.cache[metadata.Reference()]; ok { 
        
           		return cached 
        
           	} 
        
           	var maxCount int 
        
           	var hasRecursion bool 
        
           	for _, attrName := range []string{"for_each", "count"} { 
        
           		if attr := block.GetAttribute(attrName); attr.IsNotNil() { 
        
           			hasRecursion = true 
        
           			for _, other := range blocks { 
        
           				if attr.ReferencesBlock(other) { 
        
           					depth := c.countBlockRecursion(other, blocks, count) 
        
           					if depth > maxCount { 
        
           						maxCount = depth 
        
           					} 
        
           				} 
        
           			} 
        
           		} 
        
           	} 
        
           	if hasRecursion { 
        
           		maxCount++ 
        
           	} 
        
           	result := maxCount + count 
        
           	c.cache[metadata.Reference()] = result 
        
           	return result 
        
           }

?

Desired Behavior

No error, no crash

Actual Behavior

See above

Reproduction Steps

1. Run trivy with `trivy fs . --scanners vuln,misconfig --exit-code 1 --severity CRITICAL,HIGH --format table --debug`
2. Observe the stack overflow error

Target

Git Repository

Scanner

Vulnerability

Output Format

Table

Mode

Standalone

Debug Output

Same as above

Operating System

Linux and MacOS

Version

v0.69.3

Checklist

Run trivy clean --all
Read the troubleshooting

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Terraform scan stack overflow in countBlockRecursion (sort.go) - v0.69.3 #10466

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 0 comments

Select a reply

Uh oh!

Terraform scan stack overflow in countBlockRecursion (sort.go) - v0.69.3 #10466

Uh oh!

Uh oh!

dabcoder Mar 31, 2026

Description

Desired Behavior

Actual Behavior

Reproduction Steps

Target

Scanner

Output Format

Mode

Debug Output

Operating System

Version

Checklist

Replies: 0 comments

dabcoder
Mar 31, 2026