forked from https://github.com/symfony/symfony
5c67a67a61
This PR was merged into the 3.4 branch.
Discussion
----------
Don't add object-value of static properties in the signature of container metadata-cache
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | No ticket created, see below
| License | MIT
Running bin/console cache:clear can take a very long time and/or uses explosive amounts of memory if large protected/public static objects are available in classes for which metadata will be generated during the 'container dump'.
I.e. in \Symfony\Component\HttpKernel\Kernel::dumpContainer eventually a call to \Symfony\Component\Config\ResourceCheckerConfigCache::write is done. That writes a serialized version of the $metadata.
In that serialize a call to \Symfony\Component\Config\Resource\ReflectionClassResource::generateSignature for each service will eventually do a print_r on the class's (default) properties.
Class properties can also be (public/protected) static. PHP Reflection doesn't differentiate between those in that context. And _those_ static objects can also have non-scalar values, including objects.
If such an object is very large, for instance a service that references the Container (with many services, some also referencing the container, etc), the print_r will run into very deep recursions. I.e. it will either take "forever" or use so much memory the OOM killer is activated (it got to 25GB...).
This scenario only triggers when a cache existed prior to running cache:clear, i.e. when 'isFresh' is called. When first removing the cache dir (or running cache:clear with --no-warmup) and than running cache:clear does not trigger the behavior, apparently the hash is created in a saver time in that scenario.
This sample project offers code that will prime a static property into a service (the trick is having a command with such a class-reference/service):
https://github.com/arjenm/symfony-service-recursion
Add a var_dump to the `$defaults = $class->getDefaultProperties();` in \Symfony\Component\Config\Resource\ReflectionClassResource::generateSignature to see it in effect.
The first cache:clear will show a few null's; the second run - without removing the cache - will show a container instead of null.
Its still a tiny container, so it'll not trigger serious issues.
This PR prevents an object "default value" for a property from being fed to 'print_r'. Since normally an object-property should be null on a "fresh" look at a non-instantiated class it should be save to use (i.e. no BC).
Commits
-------
|
||
---|---|---|
.composer | ||
.github | ||
src/Symfony | ||
.appveyor.yml | ||
.editorconfig | ||
.gitignore | ||
.php_cs.dist | ||
.travis.yml | ||
CHANGELOG-3.0.md | ||
CHANGELOG-3.1.md | ||
CHANGELOG-3.2.md | ||
CHANGELOG-3.3.md | ||
CHANGELOG-3.4.md | ||
CODE_OF_CONDUCT.md | ||
composer.json | ||
CONTRIBUTING.md | ||
CONTRIBUTORS.md | ||
LICENSE | ||
link | ||
phpunit | ||
phpunit.xml.dist | ||
README.md | ||
UPGRADE-3.0.md | ||
UPGRADE-3.1.md | ||
UPGRADE-3.2.md | ||
UPGRADE-3.3.md | ||
UPGRADE-3.4.md | ||
UPGRADE-4.0.md |
Symfony is a PHP framework for web applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).
Installation
- Install Symfony with Composer (see requirements details).
- Symfony follows the semantic versioning strictly, publishes "Long Term Support" (LTS) versions and has a release process that is predictable and business-friendly.
Documentation
- Read the Getting Started guide if you are new to Symfony.
- Try the Symfony Demo application to learn Symfony in practice.
- Master Symfony with the Guides and Tutorials, the Components docs and the Best Practices reference.
Community
- Join the Symfony Community and meet other members at the Symfony events.
- Get Symfony support on Stack Overflow, Slack, IRC, etc.
- Follow us on GitHub, Twitter and Facebook.
- Read our Code of Conduct and meet the CARE Team
Contributing
Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.
Security Issues
If you discover a security vulnerability within Symfony, please follow our disclosure procedure.
About Us
Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.