The cache slot for FETCH_OBJ_W in function `test` is primed with the
class for C. The next call uses a simplexml instance and reuses the same
cache slot. simplexml's get_property_ptr handler does not use the cache
slot, so the old values remain in the cache slot. When
`zend_handle_fetch_obj_flags` is called this is not guarded by a check
for the class entry. So we end up using the prop_info from the property
C::$a instead of the simplexml property.
This patch adds a reset to the cache slots in the property address fetch
code and also in the extensions with a non-standard reference handler.
This keeps the run time cache consistent and avoids the issue without
complicating the fast paths.
Closes GH-17739.
The following code poses a problem in the JIT:
```php
class A {
public $prop = 1;
}
class B extends A {
public $prop = 1 {
get => parent::$prop::get() * 2;
}
}
function test(A $a) {
var_dump($a->prop);
}
test(new B);
```
The JIT would assume A::$prop in test() could be accessed directly
through OBJ_PROP_NUM(). However, since child classes can add new hooks
to existing properties, this assumption no longer holds.
To avoid introducing more JIT checks, a hooked property that overrides a
unhooked property now results in a separate zval slot that is used
instead of the parent slot. This causes the JIT to pick the slow path
due to an IS_UNDEF value in the parent slot.
zend_class_entry.properties_info_table poses a problem in that
zend_get_property_info_for_slot() and friends will be called using the
child slot, which does not store its property info, since the parent
slot already does. In this case, zend_get_property_info_for_slot() now
provides a fallback that will iterate all property infos to find the
correct one.
This also uncovered a bug (see Zend/tests/property_hooks/dump.phpt)
where the default value of a parent property would accidentally be
inherited by the child property.
Fixes GH-17376
Closes GH-17870
Add "final" and "abstract" to the result of `_property_string()` when
outputting the string representation of a `ReflectionClass` or
`ReflectionProperty` instance
Closes GH-17827
This adds more aggressive clearing of stat cache. It is added to the
filestat as well as plain wrapper operations which covers stream file
accessing as well as exec functions (using pipes). It should hopefully
fix the most visible issues with the stat cache.
Closes GH-17681
This regressed in GH-17592.
The function is with its attributes HashTable* is copied in
zend_get_closure_invoke_method() but its refcount is not increased.
This caused a crash in the Symfony demo page.
Closes GH-17880.
The generated code tries to initialize the run time cache for even
internal closures, but it should only initialize the run time cache for
user closures. We fix this by adding a check for the function type.
If `func` is known, then we can check the type at code generation time.
Closes GH-17869.
This solely affects the builtin enum functions currently.
Given that these are stored in SHM, we cannot simply hardwire a pointer into the internal function runtime cache on NTS too, but have to use a MAP_PTR (like on ZTS).
Now, by design, the runtime cache of internal functions no longer is reset between requests, hence we need to store them explicitly as static runtime cache.
On NTS builds we cannot trivially move the pointers into CG(internal_run_time_cache) as they're directly stored on the individual functions (on ZTS we could simply iterate the static map_ptrs).
Hence, we have the choice between having opcache managing the internal run_time_cache for its preloaded functions itself or realloc CG(internal_run_time_cache) and iterate through all functions to assign the new address. We choose the latter for simplicity and initial speed.
skip if imagefttext() is not available
This test calls imagefttext(), which may not be available if libgd
was built without freetype support.
Closes GH-17910
- Three of our gd tests could be skipped with a message about requiring
bundled GD, but those tests don't actually require bundled GD. We
update the messages to mention the specific functions that are
required.
- add SKIPIF stanzas for missing PNG support
The bundled libgd always has PNG support, but an external one may not.
- imagerotate() is always available
Following 59ec80c5, the imagerotate() function is always available. We
may therefore remove its function_exists() checks without harm.
close GH-17894
* We need to clean the trampoline if the construction check fails
* Checking for an exception and then returning causes a leak on
`collation`. Returning early is pointless anyway.
Closes GH-17904.
This code was introduced when the Dom\Node and DOMNode classes were
still aliases, so the type check was never updated.
We fix this by checking if the doc pointer follows the spec and pick the
right node CE based on that.
Closes GH-17888.
