When using the tofu+pgp trust model, GPA is sometimes unable to display anything and appears to be stuck as soon as the keyring editor is started (gpa -k). No key is displayed and the interface does not respond to user actions (menus are displayed but clicking on any menu item, or on any other part of the interface, produces no effect).
Here are some observations (initially done with GnuPG 2.2.4 / GPA 0.9.10, and reproduced with a development version freshly built with Speedo from the master branch of all involved projects):
- While GPA is stuck, two gpg processes are running and one of them is mobilizing 100% of CPU time according to top(1).
- For information, here are the GPG processes started by GPA (the process mobilizing the CPU is the second one, with --list-secret-keys):
13151 pts/3 SL+ 0:00 gpg --batch --no-sk-comments --lc-messages en_US.UTF-8 --lc-ctype en_US.UTF-8 --status-fd 8 --no-tty --charset utf8 --enable-progress-filter --exit-on-status-write-error --display :0 --ttyname /dev/pts/3 --ttytype rxvt-unicode --with-colons --list-keys -- 13155 pts/3 RL+ 0:14 gpg --batch --no-sk-comments --lc-messages en_US.UTF-8 --lc-ctype en_US.UTF-8 --status-fd 13 --no-tty --charset utf8 --enable-progress-filter --exit-on-status-write-error --display :0 --ttyname /dev/pts/3 --ttytype rxvt-unicode --with-colons --list-secret-keys --
- The problem is dependent on the tofu+pgp trust model. Changing the trust model to pgp eliminates the problem. If I switch back to tofu+pgp the problem occurs again.
- The contents of the TOFU database does not seem to matter. If I remove the tofu.db file and let gpg rebuilds a new database from scratch, the problem occurs all the same.
- After killing GPA when it is stuck, there are two supplementary files tofu.db-journal and tofu.db-want-lock in the GnuPG home directory.
- The problem does not seem to be triggered by a specific key, but rather seems to depend on the size of the public keyring. I tried importing (parts of) my public keyring to a fresh new GNUPGHOME, and I observed the following:
- If I import the entirety of my current public keyring (100 keys, including mine), the bug occurs.
- If I import my current public keyring in several chunks, everything works fine until I have imported ~95 keys. After importing a 96th key, the bug occurs. Removing any single key (not necessarily the last one) clears the problem.
- This 95-keys threshold is variable. In some of my tests, GPA was still working with a public keyring of 96 keys, and the problem only occurred after importing a 97th key.
I am at a loss trying to figure out what the cause of the problem could be, so I am hoping someone here will be able to shed some light on this issue. I can perform more tests if needed, and/or I can also provide my public keyring if necessary.
If that's relevant (I doubt it but who knows), all tests were performed on Slackware Linux, linux-4.4.12, glibc-2.23, gtk-2.24.31.