Page MenuHome GnuPG
Create Task
Maniphest T1034

gnupg eats the whole memory and stalls importing large keyrings
Closed, ResolvedPublic
Actions

Description

See: http://bugs.debian.org/345911

Importing a large keyring, in this case the Debian keyring with around 1000
keys, is slow, needs a lot of memory and might stall. In case you want to try
yourself, the keyring can be found in http://packages.debian.org/debian-keyring.

When I recently tried to reproduce the issue in a Debian Sid CHROOT, the system
ran out of memory so the kernel began to kill other processes (1GB RAM + 4GB
Swap; amd64; after 15 minutes top showed VIRT>1GB, RES>500MB).

The strace was similar to the one in the report. If I can provide more
information, please let me know.

Details

External Link
http://bugs.debian.org/345911
Version
1.4. and 2.0

Related Objects

Event Timeline

dleidert added projects: Debian, Bug Report.May 5 2009, 4:12 PM
dleidert added a subscriber: dleidert.
werner set External Link to http://bugs.debian.org/345911.May 5 2009, 4:50 PM
werner added a subscriber: werner.May 6 2009, 10:28 AM

Right, there is a nasty memory leak. It took me at least 6 hours to import an
8.5MB keyring. After the fix I was able to import the same keyring in 18
minutes including the trustdb check. Find attached a patch against 1.4.9 which
should also work against 1.4.7 and with slight adjustments for older versions.
It does work with GnuPG-2 as well.

Note that for testing the option --no-auto-check-trustdb might be useful because
it skips the step to build the trustdb.

werner added a comment.May 6 2009, 10:28 AM

D84: 219_gnupg-bug1034.diff

werner set Version to 1.4. and 2.0.May 6 2009, 10:28 AM
werner added projects: Restricted Project, gpa.
werner added a comment.Jun 17 2009, 4:19 PM

2.0.12 has been released. Patch for 1.4.9 is available.

werner closed this task as Resolved.Dec 21 2009, 7:16 PM
werner claimed this task.
werner removed a project: Restricted Project.