perf: move sandboxed environment to the C side#2058
Open
AlliBalliBaba wants to merge 42 commits intomainfrom
Open
perf: move sandboxed environment to the C side#2058AlliBalliBaba wants to merge 42 commits intomainfrom
AlliBalliBaba wants to merge 42 commits intomainfrom
Conversation
* removes backoff. * Adjusts comment. * Suggestions by @dunglas * Removes 'max_consecutive_failures' * Removes 'max_consecutive_failures' * Adjusts warning. * Disables the logger in tests. * Revert "Adjusts warning." This reverts commit e93a6a9. * Revert "Removes 'max_consecutive_failures'" This reverts commit ba28ea0. * Revert "Removes 'max_consecutive_failures'" This reverts commit 32e649c. * Only fails on max failures again. * Restores failure timings.
# Conflicts: # phpmainthread_test.go
# Conflicts: # phpthread.go # threadworker.go
# Conflicts: # phpthread.go # threadinactive.go # threadregular.go # threadworker.go # worker.go
# Conflicts: # phpmainthread_test.go # threadregular.go
# Conflicts: # env.go # frankenphp.c # phpmainthread.go # phpthread.go # threadregular.go
# Conflicts: # env.go # frankenphp.c # phpmainthread.go # phpthread.go # threadregular.go
AlliBalliBaba
commented
Dec 13, 2025
Comment on lines
+317
to
+330
| // cut the string at the first '=' | ||
| char *eq_pos = memchr(setting, '=', setting_len); | ||
| bool put_env_success = true; | ||
| if (eq_pos != NULL) { | ||
| size_t name_len = eq_pos - setting; | ||
| size_t value_len = | ||
| (setting_len > name_len + 1) ? (setting_len - name_len - 1) : 0; | ||
| put_env_success = | ||
| go_putenv(setting, (int)name_len, eq_pos + 1, (int)value_len); | ||
| if (put_env_success) { | ||
| zval val = {0}; | ||
| ZVAL_STRINGL(&val, eq_pos + 1, value_len); | ||
| zend_hash_str_update(sandboxed_env, setting, name_len, &val); | ||
| } |
Contributor
Author
There was a problem hiding this comment.
Important to note that doing string cutting like this is binary safe, in contrast to the php-src implementation (null bytes will be forwarded and rejected by go's putenv)
henderkes
reviewed
Feb 16, 2026
| // verify putenv does not affect $_SERVER | ||
| $result = $_SERVER[$var] ?? null; | ||
| if ($result !== null) { | ||
| echo "MY_VAR is in \$_SERVER (not expected)\n"; |
Contributor
There was a problem hiding this comment.
why do we specifically need a check for $_SERVER?
Contributor
There was a problem hiding this comment.
aka shouldn't we also check for $_ENV?
|
|
||
| // Inserting an invalid variable should fail (null byte in key) | ||
| putenv("INVALID\x0_VAR=value"); | ||
| if (getenv("INVALID\x0_VAR")) { |
Contributor
There was a problem hiding this comment.
we should also check the return value of putenv here to make sure it returns false
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR uses
zend_array_dupto simplify the environment sandboxing logic. It removes the CGO overhead from$_ENVand$_SERVERregistration in regular threads and saves some memory on many threads. (wip)