bcadbec54b
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Tracing JIT: Fixed possible memory-leak or missed destructor call.
2021-09-28 22:41:57 +03:00
bae21b536b
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Tracing JIT: Fixed possible memory-leak or missed destructor call.
2021-09-28 22:41:48 +03:00
c30298bf57
Tracing JIT: Fixed possible memory-leak or missed destructor call.
...
Reference-counter of return_value may be indirectly decremented to 1.
2021-09-28 22:40:04 +03:00
4df32817a1
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Fix leak with ASSIGN_OBJ on null
2021-09-28 16:34:45 +02:00
b5242fa19a
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Fix leak with ASSIGN_OBJ on null
2021-09-28 16:34:32 +02:00
97b5eeeb6c
Fix leak with ASSIGN_OBJ on null
...
We still need to free op1 in this case.
Fixes oss-fuzz 5782176231194624 (part of #38542 ).
2021-09-28 16:33:11 +02:00
b976ad09ab
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Fix leak of invalid stream_read() return value
2021-09-28 15:58:13 +02:00
f79bd08573
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Fix leak of invalid stream_read() return value
2021-09-28 15:58:05 +02:00
2f798d99b7
Fix leak of invalid stream_read() return value
...
Fixes oss-fuzz 6225190686687232 (part of #38542 ).
2021-09-28 15:57:55 +02:00
9800845d43
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Fix #80663 : Recursive SplFixedArray::setSize() may cause double-free
2021-09-28 15:55:40 +02:00
e73cc7aea9
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Fix #80663 : Recursive SplFixedArray::setSize() may cause double-free
2021-09-28 15:55:11 +02:00
6154aa652d
Merge branch 'PHP-7.4' into PHP-8.0
...
* PHP-7.4:
Fix #80663 : Recursive SplFixedArray::setSize() may cause double-free
2021-09-28 15:52:58 +02:00
2d6684091f
Fix #80663 : Recursive SplFixedArray::setSize() may cause double-free
...
We address the `::setSize(0)` case by setting `array->element = NULL`
and `array->size = 0` before we destroy the elements.
Co-authored-by: Tyson Andre <tyson.andre@uwaterloo.ca >
Closes GH-7503.
2021-09-28 15:48:53 +02:00
db16a3af86
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Fixed label mess
2021-09-28 15:23:18 +03:00
d0715aa779
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
JIT: Fixed label mess
2021-09-28 15:22:40 +03:00
3fd1f6cdad
JIT: Fixed label mess
2021-09-28 15:21:11 +03:00
1bb7ee3207
Fix ASSIGN_DIM result inference with typed refs
...
Same issue as with ASSIGN. Also make the handling for ASSIGN more
precise, we can only have conversions between scalar values.
2021-09-28 14:14:01 +02:00
cdc05eba61
Remove outdated code in ASSIGN_DIM type inference
...
All of these cases throw an exception now rather than returning
null.
2021-09-28 14:14:00 +02:00
04dd327493
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Fixed result when assigning to typed reference
2021-09-28 14:27:29 +03:00
214cd1565b
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
JIT: Fixed result when assigning to typed reference
2021-09-28 14:27:16 +03:00
17b127a84f
JIT: Fixed result when assigning to typed reference
2021-09-28 14:19:23 +03:00
d8c2ff6486
Fix type inference and SCCP with typed references
...
We can't assume that the return value will be the same as the RHS
if typed references are involved.
2021-09-28 12:59:00 +02:00
a836c286f3
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Check exception before using undef_result_after_exception()
2021-09-28 12:22:44 +02:00
b88c678127
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Check exception before using undef_result_after_exception()
2021-09-28 12:22:34 +02:00
0391c55b0c
Check exception before using undef_result_after_exception()
...
undefined_op_helper_write() can return 0 not just if an exception
is thrown, so check this explicitly. This fixes an issue introduced
in fe1633f010
2021-09-28 12:22:12 +02:00
2a3caef40b
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Undef result if undef dim warning promoted to exception
2021-09-28 11:36:35 +02:00
fdcacc7015
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Undef result if undef dim warning promoted to exception
2021-09-28 11:36:26 +02:00
fe1633f010
Undef result if undef dim warning promoted to exception
...
Fixes oss-fuzz #39278 .
2021-09-28 11:35:53 +02:00
39d4978add
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Check exception after QM_ASSIGN of undef var
2021-09-28 10:59:06 +02:00
1cfc69d80d
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
Check exception after QM_ASSIGN of undef var
2021-09-28 10:58:59 +02:00
f381079398
Check exception after QM_ASSIGN of undef var
...
While most other exceptions aren't possible when QM_ASSIGN is used
instead of ASSIGN, we still have to watch out for an undef var
notice being promoted to an exception.
2021-09-28 10:58:20 +02:00
17d6efc729
Fix block marking for two arm math
...
This would end up taking the successors_count=2 case, even though
we need to treat SWITCH and MATCH differently. This incorrectly
marked a block as FOLLOW, resulting in incorrect block pass
optimization.
Fixes oss-fuzz #39380 .
2021-09-28 10:37:54 +02:00
1441271f18
Don't use else after return in php_string_tolower()
2021-09-28 09:43:13 +02:00
7fa4127974
Merge branch 'PHP-8.1'
...
* PHP-8.1:
Fix bug #81474 : Make Reflection(Attribute|Enum|EnumBackedCase) non-final
2021-09-28 09:38:37 +02:00
f2ae8a3357
Fix bug #81474 : Make Reflection(Attribute|Enum|EnumBackedCase) non-final
...
BetterReflection would like to extend these classes to provide
adaptors. As our other Reflector classes are non-final, I think
it makes sense to make these non-final as well.
Closes GH-7520.
2021-09-28 09:38:03 +02:00
3d356cfc68
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT ARM64: Move property load into right place
2021-09-28 09:19:36 +03:00
51f806783c
JIT ARM64: Move property load into right place
2021-09-28 09:19:04 +03:00
7718dc0835
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Call zend_hash_index_find() instead of _zend_hash_index_find() if we didn't check for packed array before
2021-09-27 23:22:13 +03:00
e046ff4374
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
JIT: Call zend_hash_index_find() instead of _zend_hash_index_find() if we didn't check for packed array before
2021-09-27 23:19:48 +03:00
2e02b1f157
JIT: Call zend_hash_index_find() instead of _zend_hash_index_find() if we didn't check for packed array before
2021-09-27 23:16:47 +03:00
ed032040a6
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed().
2021-09-27 22:14:36 +03:00
be8dfa7751
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed().
2021-09-27 22:14:27 +03:00
325865d750
JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed().
...
The previous version might fail if zend_jit_hash_index_lookup_rw() was called for packed array.
2021-09-27 22:09:51 +03:00
b6800c77f1
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Fixed missed zval type initialization
2021-09-27 20:16:02 +03:00
97da90e85e
Merge branch 'PHP-8.0' into PHP-8.1
...
* PHP-8.0:
JIT: Fixed missed zval type initialization
2021-09-27 20:15:51 +03:00
9ce388b41b
JIT: Fixed missed zval type initialization
2021-09-27 20:05:50 +03:00
896d047687
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Fixed missing type load
2021-09-27 17:45:06 +03:00
7981d48aca
JIT: Fixed missing type load
2021-09-27 17:44:36 +03:00
7d483418e2
Fix relative offsets when copying JMPZNZ
...
This was doing a plain copy of JMPZNZ, even though it encodes
offsets relative to the opline. As such, the offsets would be
relative to target, while they should be relative to opline.
Fix this by recomputing them.
Fixes oss-fuzz #39295 .
2021-09-27 16:18:40 +02:00
06a07efdaf
Merge branch 'PHP-8.1'
...
* PHP-8.1:
JIT: Improve property access (Avoid unnecessary property address loading and exception check).
2021-09-27 16:01:15 +03:00
Dmitry Stogov