[Bug 1396787] Re: checking trust of archives eats a lot of cpu

Launchpad Bug Tracker 1396787 at bugs.launchpad.net
Thu Jul 19 09:45:34 UTC 2018 

This bug was fixed in the package unattended-upgrades -
1.1ubuntu1.18.04.4

---------------
unattended-upgrades (1.1ubuntu1.18.04.4) bionic; urgency=medium

  * Redirect stderr output in upgrade-between-snapshots, too, otherwise it
    breaks the test sometimes (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.3) bionic; urgency=medium

  * Redirect stderr output in upgrade-all-security, otherwise it breaks the
    test (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.2) bionic; urgency=medium

  [ Balint Reczey ]
  * Clear cache when autoremoval is invalid for a package set marked for
    removal and clear cache after failed commits to return from a possibly
    invalid state (LP: #1779157)
  * Don't start or gracefully stop upgrade on battery (LP: #1773033)
  * Skip updates on metered connections (Closes: #855570) (LP: #1781183)
  * Add debian/tests/upgrade-all-security to install all current security updates.
    On development releases this tests latest stable, on stable releases it tests
    the release itself.
  * Speed up unattended-upgrade (Closes: #892028, #899366) (LP: #1396787)
    - Adjust candidates only for packages to be possibly installed
    - Filter out packages cheaper when they are not from allowed origins
    - Collect autoremovable packages, too, when looking for upgradable ones
    - Measure time of running with --dry-run in autopkgtests
  * Skip starting init.d script in debhelper-generated postinst part
    (LP: #1778800)

  [ Ivan Kurnosov ]
  * Fixed is_pkgname_in_blacklist to be side-effect free. (LP: #1781176)
    Otherwise 'is_pkgname_in_blacklist' mutates the 'pkgs_kept_back' and
    'unattended-upgrades' treats the package as a blacklisted candidate

 -- Balint Reczey <rbalint at ubuntu.com>  Fri, 13 Jul 2018 10:36:23 +0200

** Changed in: unattended-upgrades (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1396787

Title:
  checking trust of archives eats a lot of cpu

Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in unattended-upgrades source package in Bionic:
  Fix Released

Bug description:
  [Impact]

   * Unattended-upgrades consumes tens of seconds or even minutes of CPU
  time to verify the origin of the packages

   * Using excessive amount of CPU is unpleasant for desktop/laptop
  users and also wastes computation time on servers/cloud instances.

   * Unattended-upgrades' algorithm for checking and adjusting package
  origins is redesigned to visit and adjust less packages.

  [Test Case]

   * The added upgrade-all-security autopkgtest measure the time u-u needs for upgrading security updates on the tested release starting with no security updates applied to the point where all security updates are applied but all packages are left upgradable from <release>-updates. The test also measures the time needed for --dry-run to find no updates to be installed unattended.
  * Please run autopkgtests and look for the to time results:
  ...
  All upgrades installed
  44.41user 3.06system 0:48.35elapsed 98%CPU (0avgtext+0avgdata 164872maxresident)k
  208inputs+192376outputs (0major+642657minor)pagefaults 0swaps
  ...
  No packages found that can be upgraded unattended and no pending auto-removals
  2.83user 0.11system 0:02.98elapsed 98%CPU (0avgtext+0avgdata 79308maxresident)k

  
  [Regression Potential] 

   * Due to algorithm redesign there is a risk that packages from
  allowed origins are not upgraded. There were unit tests for testing
  the selection of the right packages to upgrade already, but a new
  autopkgtest is also introduce to verify u-u's behavior on current
  real-life security-updates.

  
  [Original bug text]

  (System: Ubuntu 14.04, up to date packages)

  I noticed that unattended-upgrades spends a significant amount of time
  in phases where it runs at 100% cpu. On a slower machine (core 2 t7200
  2GHz) this goes on for minutes rather than seconds. This interferes
  with using the machine for other tasks.

  Using the --debug option to unattended-upgrades shows that the program
  outputs a lot of lines like the following during these 100% cpu
  phases:

  matching 'a'='trusty-updates' against '<Origin component:'universe'
  archive:'trusty-updates' origin:'Ubuntu' label:'Ubuntu'
  site:'de.archive.ubuntu.com' isTrusted:True>

  From this output I guess the operation executed is not so complicated
  that it should require so much cpu power. ??

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: unattended-upgrades 0.82.1ubuntu2
  ProcVersionSignature: Ubuntu 3.13.0-40.69-generic 3.13.11.10
  Uname: Linux 3.13.0-40-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.5
  Architecture: amd64
  Date: Wed Nov 26 21:53:57 2014
  InstallationDate: Installed on 2014-08-28 (90 days ago)
  InstallationMedia: Kubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.1)
  PackageArchitecture: all
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=de_DE.UTF-8
   SHELL=/bin/bash
  SourcePackage: unattended-upgrades
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1396787/+subscriptions

More information about the foundations-bugs mailing list