php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix fuzzer runner (#19676)

Browse Source
This commit is contained in:
Niels Dossche
2025-09-11 22:36:26 +02:00
committed by GitHub
parent 04deb4df62
commit bd4e2c78ac
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
sapi/fuzzer/fuzzer-execute-common.h
View File

@@ -23,6 +23,7 @@
#include "fuzzer.h" #include "fuzzer.h"
#include "fuzzer-sapi.h" #include "fuzzer-sapi.h"
#include "zend_exceptions.h" #include "zend_exceptions.h"
#include "zend_vm.h"
#define FILE_NAME "/tmp/fuzzer.php" #define FILE_NAME "/tmp/fuzzer.php"
#define MAX_STEPS 1000 #define MAX_STEPS 1000
@@ -32,10 +33,6 @@
static uint32_t steps_left; static uint32_t steps_left;
static bool bailed_out = false; static bool bailed_out = false;
/* Because the fuzzer is always compiled with clang,
* we can assume that we don't use global registers / hybrid VM. */
typedef zend_op *(ZEND_FASTCALL *opcode_handler_t)(zend_execute_data *, const zend_op *);
static zend_always_inline void fuzzer_bailout(void) { static zend_always_inline void fuzzer_bailout(void) {
bailed_out = true; bailed_out = true;
zend_bailout(); zend_bailout();
@@ -67,7 +64,7 @@ static void fuzzer_execute_ex(zend_execute_data *execute_data) {
while (1) { while (1) {
fuzzer_step(); fuzzer_step();
opline = ((opcode_handler_t) opline->handler)(execute_data, opline); opline = ((zend_vm_opcode_handler_func_t) zend_get_opcode_handler_func(opline))(execute_data, opline);
if ((uintptr_t) opline & ZEND_VM_ENTER_BIT) { if ((uintptr_t) opline & ZEND_VM_ENTER_BIT) {
opline = (const zend_op *) ((uintptr_t) opline & ~ZEND_VM_ENTER_BIT); opline = (const zend_op *) ((uintptr_t) opline & ~ZEND_VM_ENTER_BIT);
if (opline) { if (opline) {