[wp-trac] [WordPress Trac] #47186: At least one function in /wp-includes/sodium_compat/src/Core32 times out on 32 bit servers

WordPress Trac noreply at wordpress.org
Mon May 13 07:40:48 UTC 2019 

#47186: At least one function in /wp-includes/sodium_compat/src/Core32 times out on
32 bit servers
-------------------------------------+-------------------------------------
 Reporter:  lovingboth               |       Owner:
                                     |  paragoninitiativeenterprises
     Type:  defect (bug)             |      Status:  reopened
 Priority:  normal                   |   Milestone:  5.2.1
Component:  Upgrade/Install          |     Version:  5.2
 Severity:  normal                   |  Resolution:
 Keywords:  needs-testing has-patch  |     Focuses:
  commit                             |
-------------------------------------+-------------------------------------

Comment (by dd32):

 I've tested on a few platforms to get some rough comparative numbers. In
 all cases below the VM/device was only running PHP-CLI and nothing more.
 ||Platform||ext/sodium||Sodium_Compat as included with WP
 5.2||Sodium_Compat at git HEAD||
 ||32bit Raspberry Pi Zero W||0.006s||~310s||~50s||
 ||32bit DigitalOcean VM||0.0005s||~30s||~2.5s||
 ||64bit VPS||0.0003s||0.7s||0.7s||

 Although the DigitalOcean instance is much faster, it was also at 100% CPU
 utilisation during the operations above.
 Enabling XDebug also slows it down significantly, For example taking the
 `2.5s` to `~15s`.

 Ignoring the Raspberry Pi result (one of the lowest power CPU cores
 possible), it seems that updating just the library is probably enough for
 the majority of sites.
 Realistically though we don't want things to timeout on low-end systems
 either, but simply looking at `max_execution_time` doesn't give us a
 reasonable idea on if it's likely to timeout..

 Would it perhaps be possible to "guess" the performance of the system when
 running in 32bit mode? I'm thinking something like "Run 100 Int64
 multiplications, if it takes longer than 10ms it's a super-slow system".
 Looks like the 32bit DigitalOcean VM above can run ~55k/s
 `ParagonIE_Sodium_Core32_Int64::mulInt64Fast()`'s, whereas the pi can only
 do 4.6k/s.

 I think there's a high chance that recent PHP's would optimise it out if
 done wrong, but without some kind of check I suspect we're either going to
 result in timeouts on low-spec home-servers (Pi's, NAS boxes, etc) or to
 have to disable it for all 32bit's.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47186#comment:32>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list