php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-26 17:38:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
125,865 Commits 549 Branches 1,485 Tags
f79bd08573a4ba655dc8ffd892c6f8a435b449a3
Commit Graph

125865 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikita Popov f79bd08573 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix leak of invalid stream_read() return value
 2021-09-28 15:58:05 +02:00
Nikita Popov 2f798d99b7 Fix leak of invalid stream_read() return value 
Fixes oss-fuzz 6225190686687232 (part of #38542).
 2021-09-28 15:57:55 +02:00
Christoph M. Becker e73cc7aea9 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix #80663: Recursive SplFixedArray::setSize() may cause double-free
 2021-09-28 15:55:11 +02:00
Christoph M. Becker 6154aa652d Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #80663: Recursive SplFixedArray::setSize() may cause double-free
 2021-09-28 15:52:58 +02:00
Christoph M. Becker 2d6684091f Fix #80663: Recursive SplFixedArray::setSize() may cause double-free 
We address the `::setSize(0)` case by setting `array->element = NULL`
and `array->size = 0` before we destroy the elements.

Co-authored-by: Tyson Andre <tyson.andre@uwaterloo.ca>

Closes GH-7503.
 2021-09-28 15:48:53 +02:00
Dmitry Stogov d0715aa779 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Fixed label mess
 2021-09-28 15:22:40 +03:00
Dmitry Stogov 3fd1f6cdad JIT: Fixed label mess 2021-09-28 15:21:11 +03:00
Nikita Popov 69eb6e04a7 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix ASSIGN_DIM result inference with typed refs
  Remove outdated code in ASSIGN_DIM type inference
 2021-09-28 14:14:29 +02:00
Nikita Popov 1bb7ee3207 Fix ASSIGN_DIM result inference with typed refs 
Same issue as with ASSIGN. Also make the handling for ASSIGN more
precise, we can only have conversions between scalar values.
 2021-09-28 14:14:01 +02:00
Nikita Popov cdc05eba61 Remove outdated code in ASSIGN_DIM type inference 
All of these cases throw an exception now rather than returning
null.
 2021-09-28 14:14:00 +02:00
Dmitry Stogov 214cd1565b Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Fixed result when assigning to typed reference
 2021-09-28 14:27:16 +03:00
Dmitry Stogov 17b127a84f JIT: Fixed result when assigning to typed reference 2021-09-28 14:19:23 +03:00
Nikita Popov 2b71df71a1 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix type inference and SCCP with typed references
 2021-09-28 12:59:24 +02:00
Nikita Popov d8c2ff6486 Fix type inference and SCCP with typed references 
We can't assume that the return value will be the same as the RHS
if typed references are involved.
 2021-09-28 12:59:00 +02:00
Nikita Popov b88c678127 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Check exception before using undef_result_after_exception()
 2021-09-28 12:22:34 +02:00
Nikita Popov 0391c55b0c Check exception before using undef_result_after_exception() 
undefined_op_helper_write() can return 0 not just if an exception
is thrown, so check this explicitly. This fixes an issue introduced
in fe1633f010.
 2021-09-28 12:22:12 +02:00
Nikita Popov fdcacc7015 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Undef result if undef dim warning promoted to exception
 2021-09-28 11:36:26 +02:00
Nikita Popov fe1633f010 Undef result if undef dim warning promoted to exception 
Fixes oss-fuzz #39278.
 2021-09-28 11:35:53 +02:00
Nikita Popov 1cfc69d80d Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Check exception after QM_ASSIGN of undef var
 2021-09-28 10:58:59 +02:00
Nikita Popov f381079398 Check exception after QM_ASSIGN of undef var 
While most other exceptions aren't possible when QM_ASSIGN is used
instead of ASSIGN, we still have to watch out for an undef var
notice being promoted to an exception.
 2021-09-28 10:58:20 +02:00
Nikita Popov 1e4a9a4999 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix block marking for two arm math
 2021-09-28 10:38:22 +02:00
Nikita Popov 17d6efc729 Fix block marking for two arm math 
This would end up taking the successors_count=2 case, even though
we need to treat SWITCH and MATCH differently. This incorrectly
marked a block as FOLLOW, resulting in incorrect block pass
optimization.

Fixes oss-fuzz #39380.
 2021-09-28 10:37:54 +02:00
Nikita Popov f2ae8a3357 Fix bug #81474: Make Reflection(Attribute|Enum|EnumBackedCase) non-final 
BetterReflection would like to extend these classes to provide
adaptors. As our other Reflector classes are non-final, I think
it makes sense to make these non-final as well.

Closes GH-7520.
 2021-09-28 09:38:03 +02:00
Dmitry Stogov f81f874408 zend_std_get_static_method() should return NULL in case of exception thrown from user error handler 2021-09-28 10:32:54 +03:00
Dmitry Stogov 51f806783c JIT ARM64: Move property load into right place 2021-09-28 09:19:04 +03:00
Dmitry Stogov e046ff4374 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Call zend_hash_index_find() instead of _zend_hash_index_find() if we didn't check for packed array before
 2021-09-27 23:19:48 +03:00
Dmitry Stogov 2e02b1f157 JIT: Call zend_hash_index_find() instead of _zend_hash_index_find() if we didn't check for packed array before 2021-09-27 23:16:47 +03:00
Dmitry Stogov be8dfa7751 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed().
 2021-09-27 22:14:27 +03:00
Dmitry Stogov 325865d750 JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed(). 
The previous version might fail if zend_jit_hash_index_lookup_rw() was called for packed array.
 2021-09-27 22:09:51 +03:00
Dmitry Stogov 97da90e85e Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  JIT: Fixed missed zval type initialization
 2021-09-27 20:15:51 +03:00
Dmitry Stogov 9ce388b41b JIT: Fixed missed zval type initialization 2021-09-27 20:05:50 +03:00
Dmitry Stogov 7981d48aca JIT: Fixed missing type load 2021-09-27 17:44:36 +03:00
Nikita Popov 0015fc9a8e Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix relative offsets when copying JMPZNZ
 2021-09-27 16:20:04 +02:00
Nikita Popov 7d483418e2 Fix relative offsets when copying JMPZNZ 
This was doing a plain copy of JMPZNZ, even though it encodes
offsets relative to the opline. As such, the offsets would be
relative to target, while they should be relative to opline.
Fix this by recomputing them.

Fixes oss-fuzz #39295.
 2021-09-27 16:18:40 +02:00
Dmitry Stogov 35ff71f048 JIT: Improve property access (Avoid unnecessary property address loading and exception check). 2021-09-27 15:59:52 +03:00
Dmitry Stogov dbdef5980f JIT: Wrong register 2021-09-27 13:00:40 +03:00
Nikita Popov b86fdf84f0 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Start block at loop var free
 2021-09-27 11:58:53 +02:00
Nikita Popov 823888c472 Start block at loop var free 
This ensures that code directly before the loop var free is
separated out (and will generally be eliminated as unreachable).
This fixes some assumptions we have that unreachable loop var free
blocks start with the loop var free.

Fixes oss-fuzz #39395.
 2021-09-27 11:56:37 +02:00
Dmitry Stogov 3e706536d9 JIT: Remove FETCH_THIS+FETCH_OBJ_* optimizations for closures for 
functon JIT introduced in d1a0b93c64.

They caused failure of Zend/tests/closure_038.phpt with -d opcache.jit=1215
 2021-09-27 12:52:34 +03:00
Nikita Popov b7ec15f7fe Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix DCE of unreachable phi in cycle
 2021-09-27 11:26:56 +02:00
Nikita Popov ddf8910237 Fix DCE of unreachable phi in cycle 
We can't remove a trivial phi of the form x = phi(x), because we
don't have a replacement value. We could drop the whole block
though. SCCP would normally do this, but in this particular case
we only determine non-reachability based on type information.

Fixes oss-fuzz #39316.
 2021-09-27 11:26:31 +02:00
Nikita Popov d5e80c1c0c Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Handle pi nodes in replace_predecessor
 2021-09-27 10:48:23 +02:00
Nikita Popov 038bc27787 Handle pi nodes in replace_predecessor 
If we're removing a predecessor because it already exists during
replacement, we should also drop pi nodes for that predecessor.

Fixes oss-fuzz #39276.
 2021-09-27 10:47:47 +02:00
Dmitry Stogov bec1d2f290 JIT: Avoid property type reloading 2021-09-24 19:57:20 +03:00
Dmitry Stogov ec0f2c6ea1 JIT: Eliminate useless exception check 2021-09-24 16:52:06 +03:00
Dmitry Stogov d1a0b93c64 JIT: Improve $this->property access in closures 2021-09-24 15:55:29 +03:00
Nikita Popov eac65680ab Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix leak when iterating uninitialized RecursiveIteratorIterator
 2021-09-24 13:18:00 +02:00
Nikita Popov 3adbafeef7 Fix leak when iterating uninitialized RecursiveIteratorIterator 2021-09-24 13:17:34 +02:00
Nikita Popov 2b0288b220 Merge branch 'PHP-8.0' into PHP-8.1 
* PHP-8.0:
  Fix bug #81472: Support large device major/minor number
 2021-09-24 09:58:22 +02:00
Lin Yang 9ad8fadcbb Fix bug #81472: Support large device major/minor number 
Latest linux kernel use large number (12 bits for major device, 20
bits for minor device). Current code only supports previous standard
(5 chars), which means 8 bits for major and 8 bits for minor device.
It will fail if device number is out of that range. So this patch
increases device number read from /proc/self/maps file.

Closes GH-7512.
 2021-09-24 09:57:32 +02:00