-
Notifications
You must be signed in to change notification settings - Fork 519
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cataloging large images is taking too long #696
Comments
This seems to happen while generating output in the |
@wagoodman, just a random thought here, but is it possible it's getting into some sort of loop with relationships or something? |
That's a good find! When I run with the default output format, it takes a bit of time (this is a large image, and Syft is thorough), but it definitely doesn't get stuck. I believe this started in v0.31.0. |
It is indeed related to the JSON output format. Doing the same scan but this time with output in cyclonedx format goes well. When reverting to version v0.30.1 the JSON output works fine for this image. |
Thanks for confirming! We're looking at this now. A current theory is a performance cost by our new hash-based method of IDing packages... 🤔 |
No, thank you for the quick analysis.
I’m quite sure you’ll find a solution. Right now JSON is the only supported format for ‘grype’ and working with a SBOM speeds up analysis quite a bit.
So I’ll keep my eye on the future versions.
… On 15 Dec 2021, at 15:56, Dan Luhring ***@***.***> wrote:
Thanks for confirming!
We're looking at this now. A current theory is a performance cost by our new hash-based method of IDing packages... 🤔
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#696 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACVYZA6J3KSR67XYMTJGD23URCUB3ANCNFSM5KDQO7PA>.
Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
@westonsteimel we've ruled out any infinite loops of relationships for this particular case, and I think the way that we use relationship objects internally would prevent an infinite loops here.
Indeed! Something that the (I included only the section from the pprof graph that "stood out" since it was pretty large) We recently stabilized the package ID based on the contents of what is in a package (#363), which leverages the hashstructure lib for dynamically computing the hash of the package object (and we use that hash as the ID of the object). I added in more features around relationship support, which utilizes After chatting it through with the team I think the best path forward is to implement memoization around the package ID after a certain point in processing. We already have the convention that packages after a certain point in processing do not change, so this change would leverage that assumption. I'll get this change in ASAP --Thanks for reporting @mverleun and for investigating @westonsteimel @luhring @spiffcs . |
We also are seeing an issue with this. A commit yesterday hung for over 2 hours before I stopped it. Unfortunately the logs aren't great quality, but that step essentially runs |
What happened:
When cataloging docker images using a script
syft
got stuck at one image and continued to consume quite a lot of CPU.The image that caused trouble is
gitlab/gitlab-ce:latest
What you expected to happen:
I would expect that
syft
would catalog this image as good as any other image.How to reproduce it (as minimally and precisely as possible):
Download the image and catalog it:
Anything else we need to know?:
Scanning the same image with
grype
goes well.Environment:
Output of
syft version
:Application: syft
Version: 0.32.2
BuildDate: 2021-12-14T17:38:52Z
GitCommit: 727b84c
GitTreeState: clean
Platform: linux/amd64
GoVersion: go1.16.11
Compiler: gc
OS (e.g:
cat /etc/os-release
or similar):NAME="Ubuntu"
VERSION="20.04.3 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.3 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
The text was updated successfully, but these errors were encountered: