1.12.0-rc2 anytls节点crash #3200
Description
操作系统
Linux
系统版本
Debian12
安装类型
sing-box 原始命令行程序
如果您使用图形客户端程序,请提供该程序版本。
No response
版本
sing-box version 1.12.0-rc.2
Environment: go1.24.5 linux/amd64
Tags: with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale
Revision: 082572433eca9329b205a0ec1e3c47f27f88df30
CGO: disabled描述
更新rc2之后,启动之后测试连接,直接crash,日志如下:
runtime error: invalid memory address or nil pointer dereference
goroutine 81 [running]:
net/http.(*conn).serve.func1()
net/http/server.go:1947 +0xbe
panic({0x1927020?, 0x2e16c80?})
runtime/panic.go:792 +0x132
github.com/sagernet/sing-box/common/tls.NewSTDClient.func1({0x304, 0x0, 0x0, 0x1301, {0x0, 0x0}, 0x1, {0x0, 0x0}, {0xc00039b140, ...}, ...})
github.com/sagernet/sing-box/common/tls/std_client.go:90 +0x2d
crypto/tls.(*Conn).verifyServerCertificate(0xc0003a1508, {0xc0002cabd0, 0x2, 0x2})
crypto/tls/handshake_client.go:1177 +0x955
crypto/tls.(*clientHandshakeStateTLS13).readServerCertificate(0xc0001988d8)
crypto/tls/handshake_client_tls13.go:658 +0x26f
crypto/tls.(*clientHandshakeStateTLS13).handshake(0xc0001988d8)
crypto/tls/handshake_client_tls13.go:136 +0x74c
crypto/tls.(*Conn).clientHandshake(0xc0003a1508, {0x1f8e9d8, 0xc0002a0500})
crypto/tls/handshake_client.go:379 +0x810
crypto/tls.(*Conn).handshakeContext(0xc0003a1508, {0x1f8e9d8, 0xc0002a04b0})
crypto/tls/conn.go:1568 +0x39a
crypto/tls.(*Conn).HandshakeContext(0x2e24580?, {0x1f8e9d8?, 0xc0002a04b0?})
crypto/tls/conn.go:1508 +0x1d
github.com/sagernet/sing/common/tls.ClientHandshake({0x1f8e9d8, 0xc0002a04b0}, {0x1f9bb50?, 0xc0003b4c80?}, {0x1f97d70?, 0xc00037efc0?})
github.com/sagernet/sing@v0.7.0-beta.1.0.20250722151551-64142925accb/common/tls/config.go:61 +0x85
github.com/sagernet/sing-box/common/tls.ClientHandshake({0x1f8e9a0?, 0xc0002ca990?}, {0x1f9bb50, 0xc0003b4c80}, {0x1f97d70, 0xc00037efc0})
github.com/sagernet/sing-box/common/tls/client.go:43 +0x9d
github.com/sagernet/sing-box/protocol/anytls.(*Outbound).dialOut(0xc0002a9440, {0x1f8e9a0, 0xc0002ca990})
github.com/sagernet/sing-box/protocol/anytls/outbound.go:98 +0xe5
github.com/anytls/sing-anytls.(*Client).createOutboundConnection(0xc000341040, {0x1f8e9a0?, 0xc0002ca990?})
github.com/anytls/sing-anytls@v0.0.8/client.go:61 +0x5c
github.com/anytls/sing-anytls/session.(*Client).createSession(0xc00030a380, {0x1f8e9a0?, 0xc0002ca990?})
github.com/anytls/sing-anytls@v0.0.8/session/client.go:138 +0x30
github.com/anytls/sing-anytls/session.(*Client).findSession(0xc00030a380, {0x1f8e9a0, 0xc0002ca990})
github.com/anytls/sing-anytls@v0.0.8/session/client.go:131 +0x157
github.com/anytls/sing-anytls/session.(*Client).CreateStream(0xc00030a380, {0x1f8e9a0, 0xc0002ca990})
github.com/anytls/sing-anytls@v0.0.8/session/client.go:86 +0xc6
github.com/anytls/sing-anytls.(*Client).CreateProxy(0x1ba8860?, {0x1f8e9a0?, 0xc0002ca990?}, {{{0x0, 0x0}, {0x0}}, 0x1bb, {0xc0003471d8, 0xf}})
github.com/anytls/sing-anytls@v0.0.8/client.go:48 +0x5c
github.com/sagernet/sing-box/protocol/anytls.(*Outbound).DialContext(0xc0002a9440, {0x1f8ea48?, 0xc000116930?}, {0x1c27757, 0x3}, {{{0x0, 0x0}, {0x0}}, 0x1bb, {0xc0003471d8, ...}})
github.com/sagernet/sing-box/protocol/anytls/outbound.go:113 +0x305
github.com/sagernet/sing-box/common/urltest.URLTest({0x1f8ea48, 0xc000116930}, {0xc0003471d0?, 0x10?}, {0x7fc514665898, 0xc0002a9440})
github.com/sagernet/sing-box/common/urltest/urltest.go:96 +0x217
github.com/sagernet/sing-box/experimental/clashapi.proxyRouter.func1.getProxyDelay.3({0x1f8b268, 0xc0002acc40}, 0xc0001e52c0)
github.com/sagernet/sing-box/experimental/clashapi/proxies.go:205 +0x253
net/http.HandlerFunc.ServeHTTP(0xc00011cb40?, {0x1f8b268?, 0xc0002acc40?}, 0xc00020e980?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*Mux).routeHTTP(0xc0002d2de0, {0x1f8b268, 0xc0002acc40}, 0xc0001e52c0)
github.com/go-chi/chi/v5@v5.2.2/mux.go:478 +0x2e2
net/http.HandlerFunc.ServeHTTP(0xc0001e5180?, {0x1f8b268?, 0xc0002acc40?}, 0xc00039b030?)
net/http/server.go:2294 +0x29
github.com/sagernet/sing-box/experimental/clashapi.proxyRouter.func1.findProxyByName.1.1({0x1f8b268, 0xc0002acc40}, 0xc0001e5180)
github.com/sagernet/sing-box/experimental/clashapi/proxies.go:56 +0x159
net/http.HandlerFunc.ServeHTTP(0x1f8e9a0?, {0x1f8b268?, 0xc0002acc40?}, 0xc00039b000?)
net/http/server.go:2294 +0x29
github.com/sagernet/sing-box/experimental/clashapi.parseProxyName.func1({0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/sagernet/sing-box/experimental/clashapi/proxies.go:41 +0x1ae
net/http.HandlerFunc.ServeHTTP(0xc0002ca810?, {0x1f8b268?, 0xc0002acc40?}, 0xc000191660?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*Mux).ServeHTTP(0xc0002d2de0, {0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:73 +0x32f
github.com/go-chi/chi/v5.(*Mux).Mount.func1({0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:325 +0x1bb
net/http.HandlerFunc.ServeHTTP(0xc00011cb40?, {0x1f8b268?, 0xc0002acc40?}, 0xc0003471a0?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*Mux).routeHTTP(0xc0002d2d80, {0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:478 +0x2e2
net/http.HandlerFunc.ServeHTTP(0xc0002ca810?, {0x1f8b268?, 0xc0002acc40?}, 0xc000191830?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*Mux).ServeHTTP(0xc0002d2d80, {0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:73 +0x32f
github.com/go-chi/chi/v5.(*Mux).Mount.func1({0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:325 +0x1bb
net/http.HandlerFunc.ServeHTTP(0x1f61c60?, {0x1f8b268?, 0xc0002acc40?}, 0x41cdd1?)
net/http/server.go:2294 +0x29
github.com/sagernet/sing-box/experimental/clashapi.NewServer.func1.authentication.1.1({0x1f8b268?, 0xc0002acc40?}, 0x0?)
github.com/sagernet/sing-box/experimental/clashapi/server.go:260 +0x262
net/http.HandlerFunc.ServeHTTP(0xc000347119?, {0x1f8b268?, 0xc0002acc40?}, 0xc00039afd0?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*ChainHandler).ServeHTTP(0xc00011cb40?, {0x1f8b268?, 0xc0002acc40?}, 0xc000347110?)
github.com/go-chi/chi/v5@v5.2.2/chain.go:31 +0x26
github.com/go-chi/chi/v5.(*Mux).routeHTTP(0xc0002d2c60, {0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/go-chi/chi/v5@v5.2.2/mux.go:478 +0x2e2
net/http.HandlerFunc.ServeHTTP(0xc00034fa40?, {0x1f8b268?, 0xc0002acc40?}, 0xc0001e5040?)
net/http/server.go:2294 +0x29
github.com/sagernet/cors.(*Cors).Handler-fm.(*Cors).Handler.func1({0x1f8b268, 0xc0002acc40}, 0xc0001e5040)
github.com/sagernet/cors@v1.2.1/cors.go:233 +0x17e
net/http.HandlerFunc.ServeHTTP(0x1f8e9d8?, {0x1f8b268?, 0xc0002acc40?}, 0x2e170d0?)
net/http/server.go:2294 +0x29
github.com/go-chi/chi/v5.(*Mux).ServeHTTP(0xc0002d2c60, {0x1f8b268, 0xc0002acc40}, 0xc0001e4f00)
github.com/go-chi/chi/v5@v5.2.2/mux.go:90 +0x2ee
net/http.serverHandler.ServeHTTP({0xc0002ca750?}, {0x1f8b268?, 0xc0002acc40?}, 0x6?)
net/http/server.go:3301 +0x8e
net/http.(*conn).serve(0xc000332240, {0x1f8e9a0, 0xc0003fc2d0})
net/http/server.go:2102 +0x625
created by net/http.(*Server).Serve in goroutine 20
net/http/server.go:3454 +0x485
重现方式
服务端配置:
{
"log": {
"disabled": false,
"level": "error",
"output": "box.log",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "local",
"type": "local"
}
],
"rules": [],
"strategy": "prefer_ipv4",
"final": "local"
},
"inbounds": [
{
"tag": "anytls-in",
"type": "anytls",
"listen": "::",
"listen_port": 31693,
"tcp_fast_open": true,
"users": [
{
"name": "111",
"password": "xxxxxxxxx"
}
],
"tls": {
"enabled": true,
"server_name": "example.com",
"alpn": [
"h2"
],
"min_version": "1.2",
"certificate_path": "crt_path",
"key_path": "key_path"
}
}
],
"route": {
"rules": [
{
"rule_set": "geoip-cn",
"action": "reject"
}
],
"rule_set": [
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs"
}
],
"auto_detect_interface": true,
"final": "direct"
},
"outbounds": [
{
"type": "direct",
"tag": "direct"
}
],
"experimental": {
"cache_file": {
"enabled": true,
"path": "cache.db",
"cache_id": "profile"
}
}
}服务端错误日志:
+0800 2025-07-23 15:26:01 ERROR [2088684554 15.0s] inbound/anytls[anytls-in]: process connection from IP:25536: TLS handshake: context deadline exceeded
+0800 2025-07-23 15:26:01 ERROR [2476773356 15.0s] inbound/anytls[anytls-in]: process connection from IP:25537: TLS handshake: context deadline exceeded
+0800 2025-07-23 15:26:01 ERROR [2226233099 15.0s] inbound/anytls[anytls-in]: process connection from IP:25538: TLS handshake: context deadline exceeded
+0800 2025-07-23 15:26:15 ERROR [1180955668 15.0s] inbound/anytls[anytls-in]: process connection from IP:25554: TLS handshake: context deadline exceeded
+0800 2025-07-23 15:26:16 ERROR [1690525626 15.0s] inbound/anytls[anytls-in]: process connection from IP:25555: TLS handshake: context deadline exceeded
+0800 2025-07-23 15:26:16 ERROR [597883707 15.0s] inbound/anytls[anytls-in]: process connection from IP:25556: TLS handshake: context deadline exceeded
客户端配置:
{
"log": {
"disabled": false,
"level": "debug",
"output": "box.log",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "local",
"type": "local"
},
{
"tag": "google",
"type": "https",
"server": "8.8.8.8",
"detour": "Proxy"
}
],
"rules": [],
"strategy": "prefer_ipv4",
"final": "google"
},
"inbounds": [
{
"type": "mixed",
"tag": "mixed-in",
"listen": "::",
"listen_port": 10800
}
],
"route": {
"rules": [
{
"sniffer": [
"http",
"tls",
"dns",
"quic"
],
"action": "sniff"
},
{
"protocol": "dns",
"action": "hijack-dns"
}
],
"rule_set": [
],
"default_domain_resolver": "local",
"auto_detect_interface": true,
"final": "Proxy"
},
"outbounds": [
{
"tag": "direct",
"type": "direct"
},
{
"tag": "Proxy",
"type": "anytls",
"server": "IP",
"server_port": 31693,
"password": "xxxxxx",
"min_idle_session": 5,
"tcp_fast_open": true,
"tls": {
"enabled": true,
"server_name": "example.com",
"disable_sni": true,
"min_version": "1.3"
}
}
],
"experimental": {
"cache_file": {
"enabled": true,
"path": "cache.db",
"cache_id": "profile"
},
"clash_api": {
"external_controller": "0.0.0.0:9090",
"external_ui": "dashboard",
"external_ui_download_url": "https://github.com/Zephyruso/zashboard/releases/latest/download/dist-cdn-fonts.zip",
"external_ui_download_detour": "Proxy"
}
}
}客户端日志:
+0000 2025-07-23 07:24:52 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:52 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:53 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:53 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:53 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:54 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:24:54 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:18 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:19 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:19 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:45 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:46 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:25:46 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:26:00 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:26:01 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
+0000 2025-07-23 07:26:01 INFO outbound/anytls[Proxy]: outbound connection to www.gstatic.com:443
日志
支持我们
- 我已经 赞助
完整性要求
- 我保证阅读了文档,了解所有我编写的配置文件项的含义,而不是大量堆砌看似有用的选项或默认值。
- 我保证提供了可以在本地重现该问题的服务器、客户端配置文件与流程,而不是一个脱敏的复杂客户端配置文件。
- 我保证提供了可用于重现我报告的错误的最简配置,而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
- 我保证提供了完整的配置文件与日志,而不是出于对自身智力的自信而仅提供了部分认为有用的部分。