* main: Ignore `register_argc_argv` when `SG(request_info).argc` is available
* sapi: Remove hardcoded `register_argc_argv` for CLI SAPIs
This INI is ignored since the previous commit, which makes the hardcoded
setting obsolete.
* main: Deprecate deriving $_SERVER['argc'] and $_SERVER['argv'] from the query string
RFC: https://wiki.php.net/rfc/deprecations_php_8_5#deprecate_the_register_argc_argv_ini_directive
* main: Adjust deprecation message for `register_argc_argv`
* NEWS/UPGRADING
* fpm: Improve the error message when FPM is running as root
Co-authored-by: Jakub Zelenka <bukka@php.net>
* fpm: Disable `TEST_FPM_RUN_AS_ROOT` for proc-user-not-set-when-root.phpt
---------
Co-authored-by: Jakub Zelenka <bukka@php.net>
The value is temporarily duplicated. While the value is allocated persistently,
it will be freed if the ini value can't be set. This is safe, given the value
has not actually been stored.
Exposed by GH-19619
Closes GH-19671
* opcache: Do not emit “temporary enabling” message when OPcache is already active
An easy way to accidentally enable OPcache “temporarily” is by using
`php_admin_value[opcache.enable]=1` within a FPM pool’s configuration, since
the `php_admin_value` settings mostly behave like settings in php.ini, with
many OPcache INI settings being a notable exception.
As long as OPcache is already enabled within php.ini (or simply by default),
emitting a warning for `php_admin_value[opcache.enable]=1` or similar is going
to be confusing, since is not actually temporarily enabling anything.
A follow-up commit will also try to detect this kind of incorrect configuration
and try to provide better advice for cases where OPcache is actually not yet
enabled.
* opcache: Improve error message when OPcache is enabled dynamically
The error message will now advice on the `php_admin_value[opcache.enable]=1`
mistake. It will also send the message to OPcache’s logging facility instead of
the regular error handling logic during startup so that it will not be made
available to `error_get_last()`, since it is related to a specific request and
thus not actionable by a script either.
php/php-src#19146 made a related change to `opcache.memory_consumption`.
* opcache: Fix typo in warning message
* opcache: Use more formal language in warning message
RFC: https://wiki.php.net/rfc/deprecations_php_8_5#remove_disable_classes_ini_setting
This took longer to merge than expected but the initial motivation from 2 years ago still applied:
As described in the email to the PHP internals list [1] this feature is fundamentally broken and pointless.
Only internal classes can be disable which brings the following observation. On a minimal build of PHP, with only the mandatory extensions enabled, there are 148 classes/interfaces/traits defined. [2]
Other than the SPL ones (and even then), disabling any of these classes will cause issues within the engine.
Moreover, the SPL ones are not a security concern.
Therefore, any other class that can be disabled must come from an extension that can be disabled altogether. And "disabling" a class from an extension without disabling said extension will render it useless anyway.
If a hosting provided is concerned about an extension, then it should not enable it in the first place. Not break it ad hoc.
Considering the above, I cannot see how this functionality was ever useful.
This is in stark contrast to the disable_functions INI setting, which can be used to selectively remove functionality of an extension without breaking it overall.
What makes this setting particularly broken is that it does not unregister the class, it only overwrites the create CE handler to emit a warning and purge the properties and function hashtables. This leads to various use after free, segfaults, and broken expectations for the engine and extensions which define said classes. On top of that, it is possible to actually instantiate such a class (and even classes which actually disallow this like ext/imap) in userland, and pass it to function that are typed against said class without raising a TypeError. However, when trying to do anything with said object stuff is going to explode in countless ways.
[1] https://news-web.php.net/php.internals/120896
[2] https://gist.github.com/Girgias/63d55ba1e50b580412b004046daed02b
Introduce the TAILCALL VM, a more efficient variant of the CALL VM:
* Each opcode handler tailcalls the next opcode handler directly instead of
returning to the interpreter loop. This eliminates call and interpreter loop
overhead.
* Opcode handlers use the preserve_none calling convention to eliminate
register saving overhead.
* preserve_none uses non-volatile registers for its first arguments, so
execute_data and opline are usually kept in these registers and no code is
required to forward them to the next handlers.
Generated machine code is similar to a direct-threaded VM with register pinning,
like the HYBRID VM.
JIT+TAILCALL VM also benefits from this compared to JIT+CALL VM:
* JIT uses the registers of the execute_data and opline args as fixed regs,
eliminating the need to move them in prologue.
* Traces exit by tailcalling the next handler. No code is needed to forward
execute_data and opline.
* No register saving/restoring in epilogue/prologue.
The TAILCALL VM is used when the HYBRID VM is not supported, and the compiler
supports the musttail and preserve_none attributes: The HYBRID VM is used when
compiling with GCC, the TAILCALL VM when compiling with Clang>=19 on x86_64 or
aarch64, and the CALL VM otherwise.
This makes binaries built with Clang>=19 as fast as binaries built with GCC.
Before, these were considerably slower (by 2.8% to 44% depending on benchmark,
and by 5% to 77% before 76d7c616bb).
Closes GH-17849
Closes GH-18720
The stack limit is checked when entering execute_ex(), but the fuzzer has
its own execute function and does not call execute_ex().
Add a stack limit check in the fuzzer's execute function.
Closes GH-19391
The shadow key is refreshed when resetting the memory manager between two
requests. But in forking SAPIs the first request of a child process inherits the
shadow key of the parent. As a result, a leak of the shadow key during the first
request of one process gives away the shadow key used during the first request
of other processes. This makes the key refresh mechanism less useful.
Here I ensure that we refresh the shadow key after a fork. We can not reset the
manager as there may be active allocations. Instead, we have to recompute shadow
pointers with the new key.
Closes GH-16765
It sets the access log limit as configurable log_limit to allow larger
log limit than the currently fixed limit of 1024 characters.
Fixes GH-12302
Closes GH-18725
This removes the --enable-opcache/--disable-opcache configure switch. OPcache
is now always builtin. The default value of opcache.enable and
opcache.enable_cli is unchanged.
RFC: https://wiki.php.net/rfc/make_opcache_required
Closes GH-18961.
Co-authored-by: Tim Düsterhus <tim@tideways-gmbh.com>
re2c version 4 enabled some warnings by default. This fixes re2c code
for the `-Wuseless-escape` warnings.
There are two same issues reported.
Issue: GH-17523
Closes: GH-17204
DL_LOAD now doesn't use RTLD_DEEPBIND deepbind anymore on platforms
where dlmopen with LM_ID_NEWLM is available:
this means shared library symbol isolation (if needed) must be enabled on
the user side when requiring libphp.so, by using dlmopen with LM_ID_NEWLM
instead of dlopen.
RTLD_DEEPBIND is still enabled when the Apache SAPI is in use.
Closes GH-10670.
This hack not only breaks the handling of custom allocators, but also
breaks if zend_alloc is compiled with USE_CUSTOM_MM.
This hack is just no good, if you want leak information then use ASAN.
Closes GH-18813.
It's possible to return a reference from __toString(), but this is not
handled and results in a (confusing) error telling that the return value
must be a string.
Properly handle this by unwrapping the reference.
Closes GH-18810.
This fixes null dereference error when calling fpm_get_status() and one
of the children is just being created.
Closes GH-18662
Co-authored-by: Jakub Zelenka <bukka@php.net>
This allows us to avoid a call to `zend_ini_str` which took 6% of the
profile on my i7-4790 for a call to `http_build_query`. Now we can just
grab the value from the globals.
In other files this can avoid some length recomputations.
