Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:118778 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 20911 invoked from network); 7 Oct 2022 14:14:57 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 7 Oct 2022 14:14:57 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id C6398180505 for ; Fri, 7 Oct 2022 07:14:55 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,SPF_HELO_SOFTFAIL, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS4713 180.0.0.0/10 X-Spam-Virus: No X-Envelope-From: Received: from mx3.es-i.jp (gw1.es-i.jp [180.42.98.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 7 Oct 2022 07:14:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ohgaki.net; s=default; h=MIME-Version:References:In-Reply-To: From:Date:Message-ID:Subject:To:Cc:Content-Type; bh=4Rh/p/2q8wZT m0S6gom8859a0VJ0iJapoLzAcH0qrKw=; b=lnFgMir2w04sXz3Oc38VyxwjF2Q3 qADE/QnCjAgSmlYcY17TQxZb1oCNkWdMGGKESeRo5hv5apKC0SZAgfVc9SYrrGu2 iU7fwmHpmkW11MsoPE5Y8crF929baD2U3I06yVkFQ181tYp8WYvxwiOloTu6Qle7 10TreQnrjUSLMLuSC4wWNgsXKzUm4Cp/aMpK1PJFVZC5yTfNvtAoaJQLoKDelf3f fNM9/kBzSu0VfnLRUnNXG9FnWVQZxKAQANJ7+ROhjkY3zTSkZT/hYMgyXXV4hG00 lcIrwtOxfFGwMhDM0ambKmR6854oPglNpzzP9tkTOgEeDybW+dKnI0Wbkw== Received: (qmail 11482 invoked by uid 89); 7 Oct 2022 14:14:51 +0000 Received: from mail-oa1-f43.google.com (yohgaki@ohgaki.net) by mx3.es-i.jp with ESMTPA; 7 Oct 2022 14:14:51 +0000 Received: by mail-oa1-f43.google.com with SMTP id 586e51a60fabf-1322d768ba7so5722148fac.5 for ; Fri, 07 Oct 2022 07:14:51 -0700 (PDT) X-Gm-Message-State: ACrzQf3pVD2viUvkFh3nEzcR87MmgENNUO+hG2WLYTnDZEbXQOzl08kT 01vjJbSDzGW3WI4tsPh9irmuwPgROUXH7cD4EA== X-Google-Smtp-Source: AMsMyM63dburunCVL4nVIMGY5wvgCGYmAoXfMNulhluqon0qFwoISK0Lvt2rDJS0dvqnQt7p5hybcpCwb3ohqtK9JOk= X-Received: by 2002:a05:6870:b388:b0:133:297f:c30 with SMTP id w8-20020a056870b38800b00133297f0c30mr2674548oap.115.1665152086737; Fri, 07 Oct 2022 07:14:46 -0700 (PDT) MIME-Version: 1.0 References: <8392afe2-3f5b-5811-64fc-a38f40f9af7a@gmail.com> In-Reply-To: <8392afe2-3f5b-5811-64fc-a38f40f9af7a@gmail.com> Date: Fri, 7 Oct 2022 23:14:10 +0900 X-Gmail-Original-Message-ID: Message-ID: To: Arnaud Le Blanc Cc: PHP Internals List Content-Type: multipart/alternative; boundary="000000000000a0879e05ea726ebb" Subject: Re: [PHP-DEV] Preventing stack overflows From: yohgaki@ohgaki.net (Yasuo Ohgaki) --000000000000a0879e05ea726ebb Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable 2022=E5=B9=B410=E6=9C=887=E6=97=A5(=E9=87=91) 22:32 Arnaud Le Blanc : > Hi internals, > > I would like to propose a way to detect stack overflows before they > happen, with the goal of improving debugability. > > Stack overflows are caused by excessive stack usage, typically due to > deep recursions. Recursion in PHP doesn't use recursion internally, but > some constructs still do, and it is not always possible to avoid without > dramatically increasing complexity or degrading performances. Some > examples of these constructs can be found at [1][2][3]. > > Programs that overflow the stack are terminated with a SIGSEGV, and the > user is left with no hint as to which code is causing the issue. This > makes debugging difficult. > > Xdebug makes debugging easier by throwing an exception when the function > call nesting level exceeds a certain limit [4], which is very useful. > However, this can be overly limiting because this does not discriminate > between the calls that actually use the stack and those that do not. > > Nikita proposed an other solution a while ago [5] that limits in terms > of VM reentrances, so that only the constructs that actually cause > internal recursion count towards the limit. One issue is that not all VM > frames will consume the same amount of stack, and the maximum stack size > depends on the system, so it's hard to determine a good default value > for the limit that is not overly limiting. > > I would like to propose an alternative [6] that limits in terms of stack > size. One issue is that it increases the internals complexity a bit, but > this would make debugging easier without limiting recursion too much > compared to what the system would allow. > > Any thoughts? > > [1] https://bugs.php.net/bug.php?id=3D64196 > [2] https://bugs.php.net/bug.php?id=3D75509 > [3] https://github.com/php/php-src/issues/8315 > [4] https://xdebug.org/docs/develop#max_nesting_level > [5] https://externals.io/message/108348 > [6] https://github.com/php/php-src/pull/9104 > > The root cause that users cannot understand what happened is this: $ php -n -r 'set_error_handler(function ($severity,$message, $filename, $lineno) { throw new ErrorException($message, 0, $severity, $filename, $lineno); }); function f() { f(); } f();' Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 262144 bytes) in Command line code on line 1 When a fatal error happens, PHP does not allow a stack dump. Very old PHP allowed users to catch E_ERROR by user error handler, but it is disabled to prevent users from shooting their own foot. I suppose allowing users to catch "only one" fatal error would solve many issues as well as infinite recursion. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net --000000000000a0879e05ea726ebb--