Hi!
https://github.com/php/php-src/pull/290
How should I name the ini parameter?
max_magic_calls (magic ?=? everything which is not a direct function call)
max_implicit_calls
max_implicit_function_calls
Or what do you think is the most self documenting name?
Bob
p.s.: There is no reason why not to fix this in this way, I think, as you can test at how may iterations the stack will overflow and set the limit near to this maximum. Which is exactly what we have already today, only without possible crashes.
p.s.: There is no reason why not to fix this in this way, I think, as
you can test at how may iterations the stack will overflow and set the
limit near to this maximum. Which is exactly what we have already
today, only without possible crashes.
For one the stack frames aren't always the same size on all nesting
levels, depending on what's exactly happening.
There have neen different discussions about this in the past. One I
could finde first was
Vote for Zend Deep Stack Prevention (ZDSP)
http://news.php.net/php.internals/22011
In general reasons for not doing that were that we'd have a hard time
setting a good default for an counter-based approach, whereas an
approach checking the actual stack size would be too expensive.
I however agree that with recent engine improvements, where infinite
recursion is harder to get one might rethink that. A name using "magic"
sounds inappropriate, though in any case. :-)
johannes
Am 25.2.2013 um 17:45 schrieb Johannes Schlüter johannes@schlueters.de:
p.s.: There is no reason why not to fix this in this way, I think, as
you can test at how may iterations the stack will overflow and set the
limit near to this maximum. Which is exactly what we have already
today, only without possible crashes.For one the stack frames aren't always the same size on all nesting
levels, depending on what's exactly happening.There have neen different discussions about this in the past. One I
could finde first was
Vote for Zend Deep Stack Prevention (ZDSP)
http://news.php.net/php.internals/22011In general reasons for not doing that were that we'd have a hard time
setting a good default for an counter-based approach, whereas an
approach checking the actual stack size would be too expensive.I however agree that with recent engine improvements, where infinite
recursion is harder to get one might rethink that. A name using "magic"
sounds inappropriate, though in any case. :-)
Yes, but you can do an approximation. And in 99.999% of the cases 100
will be enough. I can hardly imagine a case where you need to do over
100 implicit function calls. They should fit in every normal stack size of
servers today.
This "ZDSP" is also checking very often (at every single opcode execution)
while my patch checks only in a more rare - in little scripts nearly never -
called function: a negligible cost.
Right. As far I see the implicit function calls are also the only possibility left
today out to let php crash due to a stack overflow beside pcre-functions...
Then max_implicit_function_calls would be a good name?
Bob
Hi!
Yes, but you can do an approximation. And in 99.999% of the cases 100
will be enough. I can hardly imagine a case where you need to do over
100 implicit function calls. They should fit in every normal stack size of
servers today.
Depth-first search in a modest-size data structure would easily go over
- But if you need it, xdebug already has this option.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
Am 25.2.2013 um 19:10 schrieb Stas Malyshev smalyshev@sugarcrm.com:
Hi!
Yes, but you can do an approximation. And in 99.999% of the cases 100
will be enough. I can hardly imagine a case where you need to do over
100 implicit function calls. They should fit in every normal stack size of
servers today.Depth-first search in a modest-size data structure would easily go over
- But if you need it, xdebug already has this option.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227--
No, no, ...
You may use recursive functions (which are limited by the memory_limit),
but if you use recursive magics, it's a design error. This is not the purpose
of magics (, call_user_func(_array)?) and simply an abuse of the language.
Bob
Hi!
You may use recursive functions (which are limited by the memory_limit),
but if you use recursive magics, it's a design error. This is not the purpose
of magics (, call_user_func(_array)?) and simply an abuse of the language.
I think you are confusing magic functions with internal functions and
functions being called from internal functions. These are different
things. Looking at your patch, you are changing zend_call_function,
which can be called in many situations, every time engine code calls any
function which is not from a userspace context (i.e. PHP code). Limiting
it to any arbitrary number can (and does) break code, that's why it
wasn't done (it's not like it wasn't knows for years) and there are
extensions - like xdebug - which do introduce such limits. In any case,
100 is way, way too low.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
Hi!
p.s.: There is no reason why not to fix this in this way, I think,
There actually is. First, any option modifying engine behavior creates a
compatibility problem, since now the code that needs to work with it has
to check and be tested for yet another variable. Second, why does it
concentrate on magics? You can get stack overflow with any functions.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
Am 25.2.2013 um 19:08 schrieb Stas Malyshev smalyshev@sugarcrm.com:
Hi!
p.s.: There is no reason why not to fix this in this way, I think,
There actually is. First, any option modifying engine behavior creates a
compatibility problem, since now the code that needs to work with it has
to check and be tested for yet another variable. Second, why does it
concentrate on magics? You can get stack overflow with any functions.--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
It doesn't break if the limit is not set too low. It is like I now is, only without the
segmentation faults.
No, normal functions don't crash as - not 100% sure if I'm right - the Zend Engine
erealloc's (under control of the MM (and the memory limit)) the previous function
context and then returns; after the execution of the function the stack is restored:
a stack is only emulated and cannot cause crashes (the real c stack doesn't grow).
I concentrate only on implicit function calls as they are the only problem.
Bob