Adds option of using ASM for BoringSSL in Python.

[emkornfield]

• Adds a new environment variable for turning on the build of ASM
  for boring SSL.
• Only enables for x86_64 for now. I think this is likely the most
  common target and the only machine I have readily accessible.

Relates to #22382

@lidizheng

[linux-foundation-easycla]

The committers are authorized under a signed CLA.

• ✅ emkornfield (f0f88d0)

[lidizheng]

Good work!

[lidizheng]

prod:grpc/core/experimental/grpc_build_artifacts_multiplatform The full suite of test is triggered manually, not part of CI.

[emkornfield]

@lidizheng based on CI it looks like windows will take more work, so I removed references there. Also I had the wrong filter for mac.

[lidizheng]

prod:grpc/core/experimental/grpc_build_artifacts_multiplatform

[lidizheng]

I'm agree with you to drop Windows for now. The compiler setup could be quite different.

[lidizheng]

I didn't know the distribtest was broken #23461. 🤦

From the log diff, it doesn't look like this PR introduced any new failures. But to be certain, I would suggest to wait 1-2 days for #23461 to be fixed and run those tests again. Meanwhile, can you take a look at the complaints from Sanity Checks

[emkornfield]

@lidizheng I think the sanity tests were broken because of the change needed to boringSSL. The BoringSSL team provided another fix which I've now incorporated (and I believe updated the BoringSSL version to their latest commit.

[lidizheng]

According to the test log for last commit, the Sanity Test looks fixable by running:

tools/buildgen/generate_projects.sh
tools/distrib/yapf_code.sh

On the other hand, the upgrade of BoringSSL allows us to remove hacks. That is great! But if we want to upgrade BoringSSL, the third party library upgrade needs to go in as a separate PR. These upgrades could break tests and may require rollbacks (like the upgrade of upb broke distribtest). Can you create a new PR for the upgrade?

[lidizheng]

This is a quality of life improvement, thanks!

[lidizheng]

FYI, the Sanity Checks can be run locally with:

python tools/run_tests/run_tests.py --use_docker -j 16 -l sanity -c dbg

[emkornfield]

FYI, the Sanity Checks can be run locally with:

Thanks @lidizheng this helped :) I think most of the failures are do to the boringssl upgrade, this sanity checks locally are now passing for #23528 so once that is checked in we can rebase and hopefully they will pass here as well.

[emkornfield]

will update this PR once #23568 is merged.

[emkornfield]

@lidizheng i rebased (and unfortunately this required a force push) I think code should be reviewable now

[emkornfield]

@lidizheng had to force push again to resolve a conflict in setup.py

[lidizheng]

Approved. Tests are green. Starting distribution tests at http://sponge/75aff762-464d-47a6-809c-0150d21cea49.

[emkornfield]

@lidizheng if i read the sponge link correctly it seems everything passed? Any more steps?

[lidizheng]

@emkornfield The sponge link links to the parent Kokoro job, which has a child job. And that child job has a child-child job, which is the distribution test. That one is still ongoing. (I'm merely an end user of this infra system)

[emkornfield]

thanks, I missed the additional spawned job. It looks like it failed compiling on some linux systems because the ".S" files are missing. Does

grpc/tools/run_tests/artifacts/build_artifact_python.sh

Line 55 in 76741f7

| grep -v '\.s$' | grep -v '\.py$' | grep -v '\.hpp$' \

need to be updated or is it likely someplace else that has the issue?

[lidizheng]

@emkornfield After searching, it looks like the only place need to update. There isn't another reference to .s or .inc in scripts. Feel free to push again.

[emkornfield]

@emkornfield After searching, it looks like the only place need to update. There isn't another reference to .s or .inc in scripts. Feel free to push again.

@lidizheng updated.

[lidizheng]

http://sponge/2f1e3487-f0c4-4f00-8c04-3b5853d1c959

[emkornfield]

@lidizheng looks like the child passed this time?

[lidizheng]

Known failures: #23747

[lidizheng]

@emkornfield Thanks for the effort! It's hairy to get everything right in across platform compilation. Glad to see Python binary wheels finally utilize BoringSSL ASM optimization 🔥

[emkornfield]

Looking forward to the GCU savings :) I'll leave windows/32-bit platforms for someone else to look at

[jtattermusch]

Note that XYZ = os.environ.get('GRPC_BUILD_WITH_BORING_SSL_ASM', True) followed by if XYZ: test is fundamentally broken. I just ran into this.

even if you assign the string 'False', 'false', '0' or something like that, the non-empty string still evaluates as 'True'. In combination with the 'True' default value, there is now basically now way to disable this option.
(For options with default value False you can at least leave the env variable empty and that will evaluate as false).

[emkornfield]

sorry about that. I think this was an oversight because I originally had this as false. Do you need me to patch this?

[jtattermusch]

np, but yeah a patch would be nice. Btw the way all the options are read from env variables is also kind of broken, but they at least can be used because they have default value False.

Ideally we'd replace the reading of boolean values from env variables everywhere (if you assign 'XYZ=False' or 'XYZ=false' that's still evaluated as True :-( )

grpc/setup.py

Lines 109 to 169 in 711d1d7

	BUILD_WITH_BORING_SSL_ASM = os.environ.get('GRPC_BUILD_WITH_BORING_SSL_ASM',
	True)
	# Environment variable to determine whether or not the Cython extension should
	# *use* Cython or use the generated C files. Note that this requires the C files
	# to have been generated by building first *with* Cython support. Even if this
	# is set to false, if the script detects that the generated `.c` file isn't
	# present, then it will still attempt to use Cython.
	BUILD_WITH_CYTHON = os.environ.get('GRPC_PYTHON_BUILD_WITH_CYTHON', False)
	# Export this variable to use the system installation of openssl. You need to
	# have the header files installed (in /usr/include/openssl) and during
	# runtime, the shared library must be installed
	BUILD_WITH_SYSTEM_OPENSSL = os.environ.get('GRPC_PYTHON_BUILD_SYSTEM_OPENSSL',
	False)
	# Export this variable to use the system installation of zlib. You need to
	# have the header files installed (in /usr/include/) and during
	# runtime, the shared library must be installed
	BUILD_WITH_SYSTEM_ZLIB = os.environ.get('GRPC_PYTHON_BUILD_SYSTEM_ZLIB', False)
	# Export this variable to use the system installation of cares. You need to
	# have the header files installed (in /usr/include/) and during
	# runtime, the shared library must be installed
	BUILD_WITH_SYSTEM_CARES = os.environ.get('GRPC_PYTHON_BUILD_SYSTEM_CARES',
	False)
	# Export this variable to use the system installation of re2. You need to
	# have the header files installed (in /usr/include/re2) and during
	# runtime, the shared library must be installed
	BUILD_WITH_SYSTEM_RE2 = os.environ.get('GRPC_PYTHON_BUILD_SYSTEM_RE2', False)
	# For local development use only: This skips building gRPC Core and its
	# dependencies, including protobuf and boringssl. This allows "incremental"
	# compilation by first building gRPC Core using make, then building only the
	# Python/Cython layers here.
	#
	# Note that this requires libboringssl.a in the libs/{dbg,opt}/ directory, which
	# may require configuring make to not use the system openssl implementation:
	#
	# make HAS_SYSTEM_OPENSSL_ALPN=0
	#
	# TODO(ericgribkoff) Respect the BUILD_WITH_SYSTEM_* flags alongside this option
	USE_PREBUILT_GRPC_CORE = os.environ.get('GRPC_PYTHON_USE_PREBUILT_GRPC_CORE',
	False)
	# If this environmental variable is set, GRPC will not try to be compatible with
	# libc versions old than the one it was compiled against.
	DISABLE_LIBC_COMPATIBILITY = os.environ.get(
	'GRPC_PYTHON_DISABLE_LIBC_COMPATIBILITY', False)
	# Environment variable to determine whether or not to enable coverage analysis
	# in Cython modules.
	ENABLE_CYTHON_TRACING = os.environ.get('GRPC_PYTHON_ENABLE_CYTHON_TRACING',
	False)
	# Environment variable specifying whether or not there's interest in setting up
	# documentation building.
	ENABLE_DOCUMENTATION_BUILD = os.environ.get(
	'GRPC_PYTHON_ENABLE_DOCUMENTATION_BUILD', False)

@lidizheng since you reviewed this.

[jtattermusch]

Looks like there's already an issue for this: #24498