Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:110337 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 32486 invoked from network); 2 Jun 2020 22:15:12 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 2 Jun 2020 22:15:12 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id D0EFC180509 for ; Tue, 2 Jun 2020 13:57:13 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=0.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, MALFORMED_FREEMAIL,MISSING_HEADERS,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-il1-f171.google.com (mail-il1-f171.google.com [209.85.166.171]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Tue, 2 Jun 2020 13:57:13 -0700 (PDT) Received: by mail-il1-f171.google.com with SMTP id j3so235822ilk.11 for ; Tue, 02 Jun 2020 13:57:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:cc; bh=H2tFdlZzur1vBb28aChZcj3+D/gQ9orgY6p3gvZ0r6I=; b=smIMeEQMEvGa4w75ajFLvfPNQJtIseFiHnUjzc/D0Xah0ct837S4/TxBrWHJyrj5ZW q1zDU55QCMQTvCbypCQNhJuCe79jdn5j0q2M1Id1Acmd5VffHtyvLb8EGDqFBi6HH2xb Mk3TOKpIOOb89z8oPEE706SR4mLTWuDu6CpzCESod2ZMCYK2mftXzgrtzrrUZNhQG5vD fdo4tBPjdjDIj276NJTAb4Tut1yip25Xm89x1eFimxuLp/M8KY+Py58wk0zUGSA1W6+v f6tw9SjJs1FLaMprTuASjcH+zSDsWSsxOxvPPPENI697WgWhwx0zlXdP1yT+dHkTITll 5OKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:cc; bh=H2tFdlZzur1vBb28aChZcj3+D/gQ9orgY6p3gvZ0r6I=; b=HFnyUfj1KlbMSrs3vDf3SOiV/iQfxEDWX5KoxAFB4FqBBRNcS5fOFu9DPmPGyupcev igjbQ68H3HE2xXsgkYPNzphu61kg1uP42qGmDI3I/6W+1q8HgkbhuUycwXwJMSJqoSYs 1i+o5kRSmPkrGL9RW3XF0UINrXK2oFrxYAqCiqdJ2EiBcSwCB2723mo2+vypeDWMqqM2 z27dZ1n/h4HIqggEC/bqJwtAOtYficeQL20Qv0G+m0yF8Lg3O//C7T8JYqtTREYBW4CL ZTPbAgKPU5bmiLpp9C9c+XopowEH+s07n/A1CnQuk0coOrAxALUaWEvOBNSNJKOOpbJk BWPg== X-Gm-Message-State: AOAM530CzcaTYHkUb4E7UPNolqac3kkEnmfpQ6vdICpybEUCyGKZGUut 6ZGl4EwHvTB7CQxvssYZGovVhEOk9v6hNgjC/BLt69e9 X-Google-Smtp-Source: ABdhPJzolECaCzk5oyFAe7yGca0ZwJZViWQTEp6qyGSi+H8jmaxhDOUSDPYIVy0/2p4wtL/t6prKTxuBfpa706Kdw4s= X-Received: by 2002:a92:400f:: with SMTP id n15mr1048891ila.135.1591131429589; Tue, 02 Jun 2020 13:57:09 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: Date: Tue, 2 Jun 2020 23:56:57 +0300 Message-ID: Cc: Internals Content-Type: multipart/alternative; boundary="000000000000a6d75605a7202727" Subject: Re: [PHP-DEV] RFC: Error backtraces From: maxsem.wiki@gmail.com (Max Semenik) --000000000000a6d75605a7202727 Content-Type: text/plain; charset="UTF-8" Thanks for your input! On Sat, May 30, 2020 at 8:36 PM Dan Ackroyd wrote: > For my own code, I convert all non-silenced errors and warnings into > an exception through the error handler*. That works pretty well, but > has one big downside - it only throws one type of exception. > > I wrote some words about what we could do: > https://gist.github.com/Danack/6b5a86414ab9e9d9ac7e0a906216f1c5 > > The TL:DR of that is, we could add specific exceptions that should be > thrown if the error handler setup by the user decided to throw an > exception. I would be interested in hearing if that idea achieves the > benefits you're trying to get, in a less controversial way. > Your solution requires programmers to write code supporting this kind of workflow, while I'm interested in providing useful information in all cases, even for legacy apps. > This has security implications as it would be possible for app secrets > to be included in the error message. That is less of a problem for > exceptions as you can write your own code for logging exceptions that > doesn't expose the variables if you don't want them exposed. > That's why I propose an INI setting controlling this behavior. > "..., traces are always generated for exceptions" > That depends on what callback function has been set for > 'set_exception_handler'. From my reading of the code, backtraces are generated on object creation, in zend_default_exception_new_ex(). > Also....maybe use more formal language for > RFCs. Even minor swear words should be avoided imo. > Sorry, didn't realize the word is, uh, "informal". > "error_get_last() output will have another element added to it if a > trace is available:" > > I strongly suspect that is a very bad idea. As the variables in the > stack trace are kept alive while that stack trace is kept alive, that > means the lifetime of those variables would depend on how long until > another error occurs. > As shown in the example output, traces are saved as string, so no implications to lifetime. > "In the current proposed implementation, a new error flag > E_UNHANDLED_EXCEPTION is introduced," > > The RFC doesn't say what this is meant to do precisely.....but my gut > instinct doesn't like it. Clarified this with a link to the code: I needed it to avoid outputting the trace twice in some cases. > * an error handler that converts all unsilenced errors that we care > about into an exception > > function standardErrorHandler($errorNumber, $errorMessage, $errorFile, > $errorLine): bool > [snip] The problem with this is that it doesn't get called on fatal errors, i.e. you can't get traces for the most serious problems. On Sun, May 31, 2020 at 4:47 PM Nikita Popov wrote: > I'm concerned about the performance implications of this change. Backtrace > gathering is quite expensive and doing this for every diagnostic will have > a large performance impact if there are many of them. This is okay if your > code is intended to be diagnostics clean, but unfortunately this is not a > given. If you generate 10k deprecation warnings during a request, you're > definitely going to feel those backtraces. > INI setting should take care of this. If your code is crap, don't flip it on. > It is already possible to get a backtrace for all non-fatal diagnostics > through a custom error handler, which allows you to control whether you > want to collect a backtrace for a particular error. As such, I would > recommend to limit this functionality to fatal errors only, where such a > possibility does not currently exist. Additionally fatal errors also > naturally limit the performance impact, because there can (approximately) > be only one fatal error per request. > I guess having this only for fatals is better than nothing, however since this functionality is optional, I don't see leaks via traces as a serious problem. Backtraces are disabled by default in code and php.ini-production, so it's safe by default. On Tue, Jun 2, 2020 at 1:29 PM Peter Stalman wrote: > Isn't this something that is handled fairly well by xdebug already? Yes, but most people don't run xdebug in production. Also, it's not part of PHP core and thus some people might not have it in their hosting environment. Having basic diagnostics seems to me like a good thing to have in PHP proper. ------- I've updated the RFC: clarified some parts and removed the voting question whether the configuration setting is needed, discussion clearly shows so. -- Best regards, Max Semenik --000000000000a6d75605a7202727--