snappy-java icon indicating copy to clipboard operation
snappy-java copied to clipboard
verified publisher icon xerial

Performance regression with 1.1.10.4?

Open whenamanlies opened this issue 2 years ago • 5 comments

We are moving from 1.1.10.3 to 1.1.10.4 (for CVE-2023-43642) and observing performance regressions (reading parquet, if that's important). Anyone else observing similar?

Wonder if there's a tie to snappy's upgrade from 1.1.8 to 1.1.10. Snappy project has been quiet lately however there's at least one similar report in snappy-compression Google Group.

whenamanlies avatar Dec 07 '23 20:12 whenamanlies

Since https://github.com/xerial/snappy-java/releases/tag/v1.1.10.4, the internal snappy version has upgraded to snappy 1.1.10. Until snappy-java 1.1.10.3, snappy 1.1.8 was unexpectedly used.

If the original Snapy 1.1.10 has performance regression, it should be the cause. The CVE fix looks unrelated as Parquet-mr is not using SnappyInput/OutputStream as far as I know.

xerial avatar Dec 07 '23 21:12 xerial

Agree it is not a CVE fix.

@xerial have a communication channel with @pwnall?

whenamanlies avatar Dec 08 '23 15:12 whenamanlies

@whenamanlies No. The best way is to report the regression at snappy https://github.com/google/snappy and fix it there.

xerial avatar Dec 11 '23 00:12 xerial