Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:112550 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 22069 invoked from network); 18 Dec 2020 19:14:16 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 18 Dec 2020 19:14:16 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 507681804DC for ; Fri, 18 Dec 2020 10:46:00 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_20,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 18 Dec 2020 10:45:59 -0800 (PST) Received: by mail-wr1-f41.google.com with SMTP id y17so3363933wrr.10 for ; Fri, 18 Dec 2020 10:45:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=GpW+UFHCM6vHAKu180Ws4HPcrbuej6pvMGQO9i5cof4=; b=q2a7wJi2dfspY5binBUbpfzlxWUzw27MmRDCoHDnbT8UpGn5FISIlEEtbY4hGyTF0k Iu4evn6YiuCsug0PhLXCLP8QlGOo/JaQbr3TDKq2VtfW6bmKwKXu/3ZSKjvp99beAUSe Yqf2mcFXkxHJFSkEuMBoQOOtGLWk5L+pNSgmnWiZujEw7AjYYWJjbS7k6kqImC/iaVlR 6rHk11ahlINbwKgkB5ILVbtzTFHIICo/HJFZYrwEJVLoAnosRc6NWJ5kBnZokoWcg3h7 mhX/zxW6gO41LSY1+D+Uw3tB2fhZWqrJbRM5WVjYsaDU4bBL97rha7ziQQQCiLpKxdlb yhRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=GpW+UFHCM6vHAKu180Ws4HPcrbuej6pvMGQO9i5cof4=; b=Bzy41T2Kv7eIiMWuRUQsekLd24n9b6A7h+OnlWLTcMFeaJBA0Q9lzOfyJxiVlSB9Hs +p2WEcutj+d+ZShaaqBPtyIOrHEhSOQtBSgO+YNt03pGWpz1/DUF/9qIcqIgOAL/w7s0 cN8KKMDXBDBN7CTLYwyRZJM3QgiA+lDPvKDONLD2OlUwvdlEQlqkHNDLIyObLyBUdeTf 1/lbGV6Jv2p2ePjLeWbD+lXUkSlPHgTNSqIOtevAnzsnkFObLZ6LVOoHhBZvw9n2MlGd Q+pocqMTOCEBKYi1D3hCftxV41Rr1y8oRHRjhj2nAPNIJwlEywUftcGHSfzxziLdYwdc Clpg== X-Gm-Message-State: AOAM533esbM3AMjyXMBU8hbX4aECAsDaKSRMhjoOKUclvwj4Fwh7Qu7y VwqJUKRoJoThA1j6kXNKjceJ2dKU2WfG1w== X-Google-Smtp-Source: ABdhPJxyNqOIuTscoEQKVXWvUjk0ypVYLCZINWKhnSOOkICd6MuT8lQjIbns7PCqIQzL+eCtog+pBA== X-Received: by 2002:a5d:56c3:: with SMTP id m3mr5918450wrw.419.1608317157300; Fri, 18 Dec 2020 10:45:57 -0800 (PST) Received: from [192.168.0.22] (cpc104104-brig22-2-0-cust548.3-3.cable.virginm.net. [82.10.58.37]) by smtp.googlemail.com with ESMTPSA id x18sm17120975wrg.55.2020.12.18.10.45.56 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 18 Dec 2020 10:45:56 -0800 (PST) To: PHP Internals List References: <9b36af8a-270f-2796-194e-b50296522407@gmail.com> Message-ID: <4aaf2881-026a-0c65-b4a5-65c03bb09126@gmail.com> Date: Fri, 18 Dec 2020 18:45:54 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB Subject: Re: [PHP-DEV] [RFC] [Discussion] Measuring maximum execution time based on wall-time From: rowan.collins@gmail.com (Rowan Tommins) Hi Máté, On 18/12/2020 16:43, Máté Kocsis wrote: > I think this is mostly not about application-level, rather than > infrastructure-level issues, at least > according to our use-cases. I think we may actually just be saying the same thing in different terms: in this message, you refer to a "heavy DOS attack", which I totally agree is the kind of scenario where "just kill some processes and hope that's enough to ride out the storm" would be useful. Some of your earlier messages, though, made it sound like you were relying on it as an every day thing - you talked about seeing "regressions" during your migration, for instance. But maybe I just read too much into that wording? > In my opinion, if the proposed ini setting causes consistency issues > for an application, then they are already > vulnerable to other factors which can make their application halt > execution at random places: fatal errors, power outages, > etc. Certainly, I would *like* my application to be robust to a power outage in the middle of a request; but I would prioritise that robustness based on how likely it is to happen. If one request in a billion is terminated unexpectedly, I will probably take certain risks; if it's going to happen on a regular basis, I'm going to have to spend a lot more time on that set of problems. So, again, it comes down to whether this is a "last resort" setting, or something you'd expect to be invoked regularly. > I think developers of distributed systems should be aware of this - > and I think they usually are Actually, this may be part of the confusion: I'm not sure what you're referring to by "distributed systems", so don't know whether I'm included in the set of developers you're picturing here. > If returning a 50x response with a custom message is a requirement, > then sure, developers can just ignore the new ini setting. > Although, i.e. apache and nginx already allow custom error pages, and > I think that should just be good enough for most use-cases. You missed the key part of the quote you replied to here, which is "return partial results". My point was not about the *formatting* of the error, but that its *content* might need to be application-specific. > Also, please be aware that the timeout is a clean shutdownmechanism, > so shutdown handlers and the already mentioned RSHUTDOWN functions are > triggered. It might be useful to expand on this in the RFC, remembering that "RSHUTDOWN" doesn't mean anything to a userland developer. Will "finally" blocks be run? Destructors? Will the error handler be invoked? I know the answers are probably "the same as the current timeout setting", but spelling it out would help to picture when this feature might or might not be useful. Regards, -- Rowan Tommins [IMSoP]