-
Notifications
You must be signed in to change notification settings - Fork 30.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: switch to chromium's zlib implementation #31201
Conversation
Do we know why they aren't included upstream? If it's because of compatibility or something like that we'd need to be careful. |
madler/zlib#346 seems related |
Not sure what is up with the Windows failures. I'm not even able to successfully install the 2017 or 2019 build tools or community edition to duplicate the problem myself and the CI logs show no output. |
/cc @nodejs/build ? |
https://ci.nodejs.org/job/node-compile-windows/31073/nodes=win-vs2019/console worrisome or not? I don't know.
build continued, failed at
possibly related to #30954 ? |
Is it possible chromium only builds with llvm on Windows, so the .gyp file you pulled in doesn't work for node? |
Chromium doesn't use gyp any more -- the gyp file is all ours. Lines 783 to 809 in 20fd123
All current references in our gyp files to |
Do we expose the bindings for zlib? What guarantees do we have for ABI compatibility between V8 versions? What about security releases? Not blocking, just want to ensure that coupling these dependencies won't put us in a weird place. |
Yes, we do. From https://nodejs.org/dist/latest-v13.x/docs/api/addons.html#addons_c_addons:
|
Since we expose the bindings I would love to see some historical data about how much V8 has updated zlib and what ABI assurances we have. It might even make sense to duplicate the zlib and periodically update it ourselves, but that might be overkill |
Everything is passing now. AFAIK there should be no ABI issues. Do we have something in CI to check this sort of thing? |
deps/zlib/zconf.h
Outdated
/* This include does prefixing as below, but with an updated set of names. Also | ||
* sets up export macros in component builds. */ | ||
//#include "chromeconf.h" | ||
//#endif |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any particular reason this is commented out instead of #define
ing CHROMIUM_ZLIB_NO_CHROMECONF
in zlib.gyp
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIRC there were issues with zlib addon or similar tests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The define would have to end up in common.gypi
, I think.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can do that if that's more desirable.
Yeah, this looks good API/ABI-wise |
This seems relevant: https://cs.chromium.org/chromium/src/third_party/zlib/patches/README?g=0 If this information is updated, there are only three patches applied on top of upstream zlib, one of them being purely build infrastructure changes. The relevant changes would be in https://cs.chromium.org/chromium/src/third_party/zlib/patches/0001-simd.patch?g=0, which are (probably) the same changes available in the zlib provided by Intel (https://software.intel.com/en-us/articles/how-to-use-zlib-with-intel-ipp-optimization). The last patch is one line change which shouldn't affect API/ABI. Edit: looking at Chromium git history, the patches listed above are outdated. There's also ARM optimizations, among other changes. FWIW, other companies also have their zlib forks with optimizations which are not merged upstream: Intel: https://github.com/jtkukunas/zlib |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The benchmarks are LG to me % var
For @nodejs/releasers this has broken builds from the source tarball and would need to land on, e.g. 12.x, with whatever fixes it. |
I'm surprised it passes cleanly in a build through Chromium bots (we enable quite a few warning flags for clang, also got MSAN/ASAN active and fuzzers). A quick look confirms that the impacted code is not part of the optimizations per-si, as it comes straight from zlib upstream: I think the fall through case is on purpose here, therefore a false positive. Finally, I noticed that the hash imported seems to be missing the fix for an uninitialized jump (landed on 23th Jan): If updating to Chromium's ToT (Top of Tree) is too hard, I would recommend to at least apply the fix on what you guys are shipping. I'm working in some new optimizations and when I land this new work (will take a few months), I can provide a heads up, but then it would be the time to get in-sync with ToT, I'm afraid. |
See: - #31201 PR-URL: #31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
if you want to search for other optimisations this repo summarize it : |
See: - #31201 PR-URL: #31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
This implementation provides optimizations not included upstream. PR-URL: #31201 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]>
See: - #31201 PR-URL: #31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
This implementation provides optimizations not included upstream. PR-URL: #31201 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]>
See: - #31201 PR-URL: #31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
This implementation provides optimizations not included upstream. PR-URL: nodejs#31201 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]>
See: - nodejs#31201 PR-URL: nodejs#31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
This implementation provides optimizations not included upstream. PR-URL: #31201 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]>
See: - #31201 PR-URL: #31800 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
I'm unsure what is the best way to reach out to node.js developers, but in face of the newly reported CVE impacting zlib (https://nvd.nist.gov/vuln/detail/CVE-2018-25032), I just wanted to share that we have backported the fix to Chromium's zlib all the way back in 2018 (madler/zlib#605 (comment)). From a security point of view, if you are running Chromium's zlib you should be fine. I'm actively inspecting the patches featured in zlib 1.2.12 and porting them to Chromium. |
The work updating Chromium's zlib to zlib 1.2.12 is tracked here: |
This implementation provides optimizations not included upstream.
Benchmark results:
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes