We must not free the read line, if the `READ_AHEAD` flag is set. This
also restores the expectations of SplFileObject_next_variation002.phpt.
Closes GH-7518.
Change error message of sprintf/printf for missing/invalid position
specifier to make it clear that this is talking about the specifier,
not the number of arguments passed to the function. Also mention
the upper limit of INT_MAX.
Closes GH-7515.
Test case "ext/standard/tests/array/range.phpt" failed on an ARM64 machine
only under RELEASE mode.
How to reproduce it:
```
./buildconf -f; ./configure; make -j 128
make test TESTS="-d opcache.enable=1 -d opcache.enable_cli=1 ext/standard/tests/array/range.phpt"
```
Root cause:
I suspect the root cause is that on an ARM64 machine, PHP RELEASE mode
produces different values for internal function range() compared to
DEBUG mode.
Take the downsized test case downsize-range.php [1] as an example. We
applied the check-element.diff patch to check the original values. Note
that we print out the floating point numbers with precision 16.
From the outputs in file output.md, we can see the 7-th and 9-th
elements are different between RELEASE and DEBUG.
To be honest, I didn't get where such a difference comes from and probably
this is due to different compilation options used by RELEASE and DEBUG.
Fix:
After commit [2], serialize_precision is used for var_dump(). As a
result, the pre-set "precision=14" didn't work actually.
In this patch, we turn to set serialize_precision as 14 and therefore
the difference between RELEASE and DEBUG can be eliminated.
Note-1: this failure didn't occur on an x86 machine.
Note-2: in my local test, this is the only test case which behaves
differently on an ARM64 machine under RELEASE and DEBUG mode.
[1] https://gist.github.com/shqking/0d55abf8dbaafde4a00ea9304e71f06b
[2] https://github.com/php/php-src/commit/a939805
Change-Id: I9293e990925590f8d7cfb2462d8d760abf76069f
We address the `::setSize(0)` case by setting `array->element = NULL`
and `array->size = 0` before we destroy the elements.
Co-authored-by: Tyson Andre <tyson.andre@uwaterloo.ca>
Closes GH-7503.
While most other exceptions aren't possible when QM_ASSIGN is used
instead of ASSIGN, we still have to watch out for an undef var
notice being promoted to an exception.
This would end up taking the successors_count=2 case, even though
we need to treat SWITCH and MATCH differently. This incorrectly
marked a block as FOLLOW, resulting in incorrect block pass
optimization.
Fixes oss-fuzz #39380.
This was doing a plain copy of JMPZNZ, even though it encodes
offsets relative to the opline. As such, the offsets would be
relative to target, while they should be relative to opline.
Fix this by recomputing them.
Fixes oss-fuzz #39295.
This ensures that code directly before the loop var free is
separated out (and will generally be eliminated as unreachable).
This fixes some assumptions we have that unreachable loop var free
blocks start with the loop var free.
Fixes oss-fuzz #39395.
We can't remove a trivial phi of the form x = phi(x), because we
don't have a replacement value. We could drop the whole block
though. SCCP would normally do this, but in this particular case
we only determine non-reachability based on type information.
Fixes oss-fuzz #39316.
If we're removing a predecessor because it already exists during
replacement, we should also drop pi nodes for that predecessor.
Fixes oss-fuzz #39276.
The latest Linux kernel uses large numbers (12 bits for major device, 20
bits for minor device). The current code only supports the previous standard
(5 chars), which means 8 bits for major and 8 bits for minor device.
It will fail if the device number is out of that range. So this patch
increases the device number read from the /proc/self/maps file.
Closes GH-7512.
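
The device-field problem described in the message above, as an added example (not code from php-src): a parser that reads the device field as a 5-character string misreads a line carrying a wide device number, while parsing major and minor as bounded hex integers handles both layouts. The sample lines, the `map_entry` struct and both function names are constructed for illustration.

```c
#include <inttypes.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample lines in /proc/self/maps layout (not from a real system). */
static const char *LINE_OLD  = "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/php";
static const char *LINE_WIDE = "00400000-00452000 r-xp 00000000 103:10005 173521 /usr/bin/php";

struct map_entry {            /* hypothetical record type for this example */
    uint64_t start, end, offset, inode;
    unsigned dev_major, dev_minor;
    char perm[5], path[256];
};

/* Device read as a string of at most 5 chars ("MM:mm"): on a wider field the
 * leftover digits are consumed as the inode and the inode as the path. */
static int parse_fixed5(const char *line, struct map_entry *e)
{
    char dev[6];
    return sscanf(line, "%" SCNx64 "-%" SCNx64 " %4s %" SCNx64 " %5s %" SCNu64 " %255s",
                  &e->start, &e->end, e->perm, &e->offset, dev, &e->inode, e->path) == 7;
}

/* Device read as two hex integers, bounded to 12-bit major / 20-bit minor. */
static int parse_wide(const char *line, struct map_entry *e)
{
    int used = 0;
    e->path[0] = '\0';
    if (sscanf(line, "%" SCNx64 "-%" SCNx64 " %4s %" SCNx64 " %x:%x %" SCNu64 "%n",
               &e->start, &e->end, e->perm, &e->offset,
               &e->dev_major, &e->dev_minor, &e->inode, &used) != 7
        || e->dev_major > 0xfff || e->dev_minor > 0xfffff)
        return 0;
    sscanf(line + used, " %255[^\n]", e->path);   /* path is absent for anonymous maps */
    return 1;
}

int main(void)
{
    struct map_entry e;
    const char *lines[] = { LINE_OLD, LINE_WIDE };
    for (int i = 0; i < 2; i++) {
        if (parse_fixed5(lines[i], &e))
            printf("fixed5: inode=%" PRIu64 " path=%s\n", e.inode, e.path);
        if (parse_wide(lines[i], &e))
            printf("wide:   dev=%x:%x inode=%" PRIu64 " path=%s\n",
                   e.dev_major, e.dev_minor, e.inode, e.path);
    }
    return 0;
}
```

Note that the fixed-width parse still reports seven converted fields on the wide line, so checking only the `sscanf` return value does not catch the misparse.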
We shouldn't try to load further classes if one autoload throws.
This fixes oss-fuzz #38881, though I believe there are still two
deeper issues here: 1) Why do we allow autoloading with an active
exception? 2) Exception save & restore should probably also save
and restore the exception opline.
We were not inferring anything for the ASSIGN_STATIC_PROP_REF
result type at all, leaving it as an empty type. In the test
case this results in a live range being incorrectly eliminated,
but this could break in all kinds of other ways as well.
This was leaking memory for pre-inc/dec of a refcounted typed
property if the result was not used.
The code to do this was unnecessarily complicated; we can base
this on the zend_jit_inc/dec_typed_prop() helper and copy to the
result afterwards.
We have an invariant that an array value type is set if and only
if an array key type is set, which is violated for the case of
undef values for always invalid keys.