Gentle ping on this.
If this is not wanted, then say. Otherwise, I will create an issue on
https://github.com/golang/go to reach out to the relevant folk directly.
Regards,
Tom
On Wednesday, April 23, 2025 at 1:11:22 AM UTC+2 twp...@gmail.com wrote:
> tl;dr importing golang.org/x/crypto/x509roots/fallback adds ~8ms to the
> startup time of every program or library that imports it. I would like this
> cost to be zero and would be happy to contribute a fix.
>
> Running the following program:
>
> package main
> import _ "golang.org/x/crypto/x509roots/fallback"
> func main() {}
>
> with the command:
>
> $ go build -o tmp main.go
> $ GODEBUG=inittrace=1 ./tmp |& awk '{print $5, $6, $2}' | sort -n |
> tail -n 3
> 0.043 ms internal/godebug
> 0.052 ms runtime
> 8.8 ms golang.org/x/crypto/x509roots/fallback
>
> shows that golang.org/x/crypto/x509roots/fallback adds an 9ms start-up
> cost on a fast CPU (AMD Ryzen 8700G). This cost is paid whether or not the
> fallback X.509 certificates are used or not.
>
> From looking at the code
> <https://go.googlesource.com/crypto/+/refs/tags/v0.37.0/x509roots/fallback/>,
> it seems that the CPU is cost is due to parsing about 150 certificates in
> .PEM format in the package's unskippable init function.
>
> The obvious, easy, backwards-compatible fix would be to parse the .PEM
> files while executing the template that generates bundle.go, instead of
> parsing them every time at startup.
>
> Would you accept a CL to fix this?
>
> Tom
>
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/golang-nuts/a9694f82-1dcd-4eb3-8c5f-874c990363a4n%40googlegroups.com.
