Requiring all internal classes (including those from 3rd-party
extensions) to implement Stringable if they provide __toString()
is too error prone. Case in point, our _ZendTestClass test class
was not doing so, resulting in preloading test failures after
recent changes.
Instead we automatically implement Stringable, the same as we do
for userland classes. We still allow explicit implementations,
but ignore them (normally they would result in an error due to
duplicate interface implementation). Finally, we need to be
careful about not trying to implement Stringable on Stringable
itself.
In some cases this changes the interface order, in particular the
automatic Stringable implementation will now come first.
Traits do not support interfaces, so we should not implement
Stringable on them.
Also check the __toString() return type in the same way other
magic methods do, otherwise we would now miss the check in the
trait case.
zend_class_implements_interface works fine if the "class" is an
interface, so simply drop this assertion. This avoids the need to
special case this situation.
While we avoid emitting labels for handlers that are not referenced
from anywhere else, we do not perform a fine-grained analysis on
used specializations, so some of the specialization labels may not
be used. Use ATTRIBUTE_UNUSED_LABEL to suppress the warning. Drop
"cold" from the definition of this attribute, as it is completely
unrelated.
This can happen if a call is optimized, but FETCH_DIM_FUNC_ARG
cannot be converted to FETCH_DIM_R because it uses an UNUSED op2,
which is not supported by FETCH_DIM_R.
Fixes oss-fuzz 6144185837682688.
In this case zend_exception_set_previous() would destroy the
fast_call exception and further accesses on ex would be invalid.
We should only update ex if we update EG(exception).
Fixes oss-fuzz #40464.
Even if we can't actually pass by reference, we still need to
create the REFERENCE wrapper to satisfy the calling convention.
The particular test case would crash with JIT, because the existence
of the reference was assumed.
Fixes oss-fuzz #39440.
This would end up taking the successors_count=2 case, even though
we need to treat SWITCH and MATCH differently. This incorrectly
marked a block as FOLLOW, resulting in incorrect block pass
optimization.
Fixes oss-fuzz #39380.
This was doing a plain copy of JMPZNZ, even though it encodes
offsets relative to the opline. As such, the offsets would be
relative to target, while they should be relative to opline.
Fix this by recomputing them.
Fixes oss-fuzz #39295.
This ensures that code directly before the loop var free is
separated out (and will generally be eliminated as unreachable).
This fixes some assumptions we have that unreachable loop var free
blocks start with the loop var free.
Fixes oss-fuzz #39395.
We can't remove a trivial phi of the form x = phi(x), because we
don't have a replacement value. We could drop the whole block
though. SCCP would normally do this, but in this particular case
we only determine non-reachability based on type information.
Fixes oss-fuzz #39316.
If we're removing a predecessor because it already exists during
replacement, we should also drop pi nodes for that predecessor.
Fixes oss-fuzz #39276.
We shouldn't try to load further classes if one autoload throws.
This fixes oss-fuzz #38881, though I believe there are still two
deeper issues here: 1) Why do we allow autoloading with an active
exception? 2) Exception save & restore should probably also save
and restore the exception opline.
Even though the input is not a reference (or not treated as such),
we still need to create a reference to satisfy the function
signature. Various code relies on reference arguments actually
being references. In this particular case, it would result in
a JIT crash.
The zend_call_function() implementation already handled this
correctly.
This can happen in degenerate cases where we know that the
SWITCH_STRING argument is not refcounted. We should be treating it
in the same way as SWITCH_LONG here.
Ensure current_observed_frame always points to an actually observed frame.
This solution has a caveat of being O(stack size), with the worst case occurring if there are a lot of frames between the current and previous observed frames.
An O(1) solution would require keeping track of the previous observed frame, which would require some additional frame attached metadata, which is best not attempted in an already released version.
We'd have usually converted it into a PRE_INC if there is no use,
but that's not guaranteed. If there is no use at this point, make
sure we don't try to use the sentinel value.
When killing a coroutine by throwing an unwind exit into it during
an I/O operation, the I/O failure may result in an exception being
thrown, which will replace the unwind exit exception and the
coroutine will ultimately not exit. This patch avoids this by
ignoring the newly thrown exception and keeping the unwind exit
exception.
Closes GH-7459.
When more than INT_MAX resource are created, throw a fatal error,
rather than reusing already allocated IDs, which will result in
assertion failures or crashes down the line.
This doesn't fix the fundamental problem, but makes the failure
more graceful with an obvious cause.
Inspired by https://bugs.php.net/bug.php?id=81399.
Closes GH-7428.
In this case we should use the original internal handler. Otherwise
the trampoline will attempt to free the closure, but the function
being used is not actually part of a closure anymore.
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow.
Closes GH-7381.
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow. Since the recent fix for bug #74960 still doesn't catch all
possible overflows, we fix that right away.
While parent:: should inherit the called scope, it should only do
so if it is compatible. If there is no called scope, or it is not
a subtype of the scope, we should fall back to the scope.
Nikita Popov