assertion failure / key-locate local / macOS

Phil Pennock gnupg-devel at
Sat Mar 4 07:10:29 CET 2017

On macOS with GnuPG 2.1.19 installed via Homebrew
(homebrew/versions/gnupg21 bottled) the failure was initially seen with:

  % gpg --auto-key-locate dane --locate-keys phil.pennock at
  gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in free_user_id failed (free-packet.c:310)
  zsh: abort      gpg --auto-key-locate dane --locate-keys phil.pennock at

This seems to be tied to the implicit `local` ahead of the dane.  I
can't yet narrow down what other pre-requisites exist in state.

I am unable to reproduce with my Linux build, despite both being GnuPG
2.1.19 with libgcrypt 1.7.6.  The `clear` and `nodefault` parameter
values don't impact upon it.  I've tried on Linux without a secret
keyring, with a secret keyring with that secret key and with a secret
keyring with a different key.

I can't reproduce with an empty GNUPGHOME.

If I use `--auto-key-locate nodefault,dane` then it does not crash.  I
do NOT set `auto-key-locate` in the ~/.gnupg/gpg.conf on this box.

  for M in cert pka dane wkd ldap keyserver keyserver-URL local
    echo $M
    gpg --auto-key-locate nodefault,$M --locate-keys phil.pennock at
=> only one failure:

  gpg: please do a --check-trustdb
  gpg: automatically retrieved 'phil.pennock at' via Local
  gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in free_user_id failed (free-packet.c:310)

I also had a warning about an old gpg-agent (2.1.18), so I used gpgconf
to kill it and tried the loop again; no failures.  So I tried the
original command again (first in this mail) and it died in the same way
again.  Running the loop again thereafter, I see the assertion failure.

Killing the gpg-agent again does not cause gpg to dodge the assertion
failure on the next run.

The secret keyring on this box does have two different keys with that
email address on them, _not_ the key in DNS via PKA / OPENPGPKEY:

------------------------8< macOS secret keys >8-------------------------
sec   nistp256 2016-02-06 [SC] [expires: 2018-09-01]
uid           [ultimate] Phil Pennock (Laptop & exposed) <phil.pennock at>

sec   rsa2048 2016-09-01 [SC]
uid           [ultimate] Phil Pennock (keybase) <phil at>
uid           [ultimate] Phil Pennock (keybase) <phil.pennock at>
ssb   rsa2048 2016-09-01 [E]
------------------------8< macOS secret keys >8-------------------------

The key being retrieved is my main key, reduced to only non-expired
self-sigs (using a git-HEAD build on the Linux machine where that
keyring lives).

Reading the source at that line just tells me that `free_user_id()` was
called for a uid with a ref-count of zero.

I have been unable to trigger this assertion failure in a temporary
GnuPG home, no matter what order I try the options in; the temporary
GnuPG home is setup with just:

  export GNUPGHOME=$(mktemp -d)

The build recipe for the assertion-violating macOS install is at:

% otool -L =gpg
	/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.8)
	/usr/lib/libbz2.1.0.dylib (compatibility version 1.0.0, current version 1.0.5)
	/usr/local/opt/gettext/lib/libintl.8.dylib (compatibility version 10.0.0, current version 10.5.0)
	/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation (compatibility version 150.0.0, current version 1348.28.0)
	/usr/lib/libsqlite3.dylib (compatibility version 9.0.0, current version 253.0.0)
	/usr/local/opt/libgcrypt/lib/libgcrypt.20.dylib (compatibility version 22.0.0, current version 22.6.0)
	/usr/local/opt/libgpg-error/lib/libgpg-error.0.dylib (compatibility version 22.0.0, current version 22.0.0)
	/usr/local/opt/libassuan/lib/libassuan.0.dylib (compatibility version 8.0.0, current version 8.3.0)
	/usr/lib/libiconv.2.dylib (compatibility version 7.0.0, current version 7.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)

% readlink /usr/local/opt/{libgcrypt,libgpg-error,libassuan,gettext}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 996 bytes
Desc: Digital signature
URL: </pipermail/attachments/20170304/90819794/attachment.sig>

More information about the Gnupg-devel mailing list