Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:92771 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 41482 invoked from network); 26 Apr 2016 08:44:27 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 26 Apr 2016 08:44:27 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.220.193 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.220.193 mail-qk0-f193.google.com Received: from [209.85.220.193] ([209.85.220.193:34012] helo=mail-qk0-f193.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id E9/DB-02401-96A2F175 for ; Tue, 26 Apr 2016 04:44:27 -0400 Received: by mail-qk0-f193.google.com with SMTP id i7so514652qkd.1 for ; Tue, 26 Apr 2016 01:44:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=VoAjgK9wpostyuHw91t0/yO+lrjoWAirxx4I/v+uni8=; b=acf+UY+0c6XuhRDy5Iu9IQ2DqYXpfjE8+Ep+7gpgq3WhRnJtPqXBZFG3ANPGfz16lI z0IAz5U8tFzdtbh+Kwe4VTD8FW2ev72Ya4kuqlivrGkMGssOTqMQF2mbtgm/myrMqfx9 6O2zzkwDRDdR6nY/W3obEuDBHL2e967eDDT/vVuIi7rVGrFx7zxZCH9v8yPwfS5Y7mpN b4EmKKdxCySrncMEZx2sXwukcDdIHfH2uHi8B0svdQTGHlur9FNaYewAECyoo/5MDToM hlsfNvnRquuUvSboTt4wY7tG2OKhTWrXoYMvECQeLteF5e1/ejlDYwk+vQsaqFdKGOgU Bcfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=VoAjgK9wpostyuHw91t0/yO+lrjoWAirxx4I/v+uni8=; b=l0VXIcUNNnCdCnBFMH/iK7rTggfTGuQHeANDYLaQkzTnJ8qRT19diXB3cr6PCCMeFQ dqBqU/RJjFYkaIrBuH+XifxZn8ozbzzZos5Z2Cr5bhh20GaA7yd8sd/1s+4JWmdhVylv 5nl1JEFZ6mcUoZXD24j8nGV6NX74N0XGTOZ++WM5+NQ+U1UAX60J9o46zBb1DHn6Zrff UL3hCcKApSbTCppKsrcSrX44tT5lRftCXxnlwjF8sH7NEAIFVBZtH37ubm8SqNYr0R3e z8y/OWSpiz+K4IR0pQwOHhR2PdvavFqZaVkGp5BsW3Fd8/F3IfmkpE4Krt7Lg1tRSILJ Nx7g== X-Gm-Message-State: AOPr4FXHtMQ2+oAUNXoqxWVBYxTSENl0AZFP4/AuelyNoiqKQ0im63dmAUPu3YKOsY7D+vmLPj9Rhb5KCrJC5g== X-Received: by 10.55.80.136 with SMTP id e130mr1118949qkb.28.1461660263683; Tue, 26 Apr 2016 01:44:23 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.140.27.133 with HTTP; Tue, 26 Apr 2016 01:43:44 -0700 (PDT) In-Reply-To: <57152DAD.6000002@gmail.com> References: <570D2F74.7060702@gmail.com> <57152DAD.6000002@gmail.com> Date: Tue, 26 Apr 2016 17:43:44 +0900 X-Google-Sender-Auth: SWJ3xGX0XS30LtsZZYozNOQlS_I Message-ID: To: Stanislav Malyshev Cc: Andrey Andreev , "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] [RFC][Discussion] Add session_gc() From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi Stas, On Tue, Apr 19, 2016 at 3:55 AM, Stanislav Malyshev wrote: >>> Document calling session_gc() periodically is the best practice. >> >> If you want to document usage of this new API as the best practice, it >> would be unfair to the users if you don't also document the caveats that >> come with it: > > I also think it's wrong to document it so. While having periodical GC is > the best practice, probabilistic GC *is* calling GC periodically. True, > for some exceptional scenarios - like sites with very low traffic - the > period is unpredictable. And *then* it's recommended to explicitly call > session_gc(), and for these cases it is a great addition. But in a > typical medium or high traffic site the period is very predictable as as > such there's no way to document otherwise. Problem of session GC is not only "when GC is performed" but also "GC affects user experience" i.e. Occasional slow response. Therefore, GC is better to be performed by non user process/thread. IMHO. Exceptions are save handlers do not require GC at all. e.g. memcached > >> probability-based behavior (and how to do that; based on my >> observations, the vast majority of users don't know how GC is triggered >> at all) > > And that's great BTW since majority of users don't need to know that - > it just works. We shouldn't ruin that. Since we don't have precise session management (yet), users should aware problems in probability based session GC triggered by user requests. Even if we have precise session management, large number of session data will affect user experience with default session storage. i.e. files save handler. BTW, we already have feature that users must remove obsolete session data files. If user uses multi level dir structure for files save handler, files save handler will not remove obsolete session data at all. PS_GC_FUNC(files) { PS_FILES_DATA; /* we don't perform any cleanup, if dirdepth is larger than 0. we return SUCCESS, since all cleanup should be handled by an external entity (i.e. find -ctime x | xargs rm) */ if (data->dirdepth == 0) { *nrdels = ps_files_cleanup_dir(data->basedir, maxlifetime TSRMLS_CC); } return SUCCESS; } >> - Trigger warnings when session_gc() is called while gc_probability is >> not 0. > > This does not sound like a good idea to me. Why we should make it harder > for people to use it together? session_gc() has nothing to do with > gc_probability. session_gc() will have this signature int session_gc(void) // returns number of removed sessions > >> - To avoid re-activating expired sessions, trigger warnings when >> session_gc() is called after session_start() > > Last time I've looked at the patch, session_gc() was required to be > called after session start. See: > > https://github.com/php/php-src/pull/1852/files#diff-2e4264d70a35458a2241e27f76f4a93cR20 > > I think this is wrong (see my comments there) and in fact we should not > expose this complexity to the user - gc() should just do the GC and hide > the technical details. I haven't update the patch according to discussion. I'll update the patch soon. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net