| #
2e9e706a |
| 02-Sep-2020 |
Nikita Popov |
Fix throwing of yield from related exceptions into generator
Use the general zend_generator_throw_exception() helper for this.
Otherwise we don't handle the off-by-one opline correctly (
Fix throwing of yield from related exceptions into generator
Use the general zend_generator_throw_exception() helper for this.
Otherwise we don't handle the off-by-one opline correctly (should
we maybe just stop doing that?)
This is a followup to ad750c3bb6e7b48384c6265eb9d3bcf5b4000652,
which fixed a different yield from exception handling problem that
happened to show up in the same test case from oss-fuzz #25321.
Now both issues should be fixed.
show more ...
|
| #
ad750c3b |
| 31-Aug-2020 |
Nikita Popov |
Fix handling of exception if valid() during yield from
Fixes oss-fuzz #25296.
|
| #
187a72d5 |
| 30-Jun-2020 |
Nikita Popov |
Remove bogus generator iterator dtor
Fixes a use-after-free encountered in Symfony's SecurityBundle.
I don't have a reproducer for this, and believe the issue can only
occur if we le
Remove bogus generator iterator dtor
Fixes a use-after-free encountered in Symfony's SecurityBundle.
I don't have a reproducer for this, and believe the issue can only
occur if we leak an iterator (the leak is a separate issue).
We should not free the generator iterator here, because we do not
own it. The code that fetched the iterator is responsible for
releasing it. In the rare case where we do hit this code-path,
we cause a use-after-free.
show more ...
|
| #
897d99c7 |
| 18-Dec-2019 |
Nikita Popov |
Rethrow generator exception even without active stack frame
Finally blocks in generators may be invoked during shutdown, in
which case we don't have a stack frame. Similar to what
ze
Rethrow generator exception even without active stack frame
Finally blocks in generators may be invoked during shutdown, in
which case we don't have a stack frame. Similar to what
zend_call_function does, we still need to rethrow these exceptions,
otherwise they will be hidden (and leak).
show more ...
|
|
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5 |
|
| #
16c49108 |
| 28-Oct-2019 |
Nikita Popov |
Fix bug #78752
NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.
The handlin
Fix bug #78752
NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.
The handling of call stack unfreezing is a bit awkward because it's
a ZEND_API function, so we can't change the signature.
show more ...
|
|
Revision tags: php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4 |
|
| #
fcabe7e5 |
| 14-Aug-2019 |
Nikita Popov |
Fixed bug #78412
$this should only be included in the generator GC buffer, if it
will be released on destruction.
|
|
Revision tags: php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16 |
|
| #
4dc0662e |
| 01-Mar-2019 |
Nikita Popov |
Check for NULL GC type in objects_store_del
This might happen if OBJ_RELEASE is used on an object that was already
released by GC. Specific cases of this issue were previously fixed in
Check for NULL GC type in objects_store_del
This might happen if OBJ_RELEASE is used on an object that was already
released by GC. Specific cases of this issue were previously fixed in
ffaee27478a9cb338e40edeb5acf233f9cb67111 and
72104d2b6ecbbabd18de15f10739be5ce3dc9ce0, however the issue still
affects 3rd-party extensions using OBJ_RELEASE.
The whole GC type NULL + OBJ_IS_VALID + IS_FREE_CALLED system seems
overly complicated and can probably be simplified in 7.4.
show more ...
|
|
Revision tags: php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1, php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3 |
|
| #
83e2b9e2 |
| 28-Sep-2018 |
Nikita Popov |
Fixed bug #76946
|
|
Revision tags: php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3 |
|
| #
8d3f8ca1 |
| 03-Jul-2018 |
Peter Kokot |
Remove unused Git attributes ident
The $Id$ keywords were used in Subversion where they can be substituted
with filename, last revision number change, last changed date, and last
use
Remove unused Git attributes ident
The $Id$ keywords were used in Subversion where they can be substituted
with filename, last revision number change, last changed date, and last
user who changed it.
In Git this functionality is different and can be done with Git attribute
ident. These need to be defined manually for each file in the
.gitattributes file and are afterwards replaced with 40-character
hexadecimal blob object name which is based only on the particular file
contents.
This patch simplifies handling of $Id$ keywords by removing them since
they are not used anymore.
show more ...
|
| #
7d4e18b0 |
| 12-Jul-2018 |
Dmitry Stogov |
Improved user iterator implementation to reduce zend_class_entry memory consumption and avoid race condition during resolving/caching of user iterator functions of internal classes in ZTS build.
|
| #
67b4c337 |
| 09-Jul-2018 |
Dmitry Stogov |
Uze ZVAL_COPY_DEREF() instead of ZVAL_DEREF() and ZVAL_COPY()
|
|
Revision tags: php-7.3.0alpha2, php-7.1.19, php-7.2.7 |
|
| #
72104d2b |
| 12-Jun-2018 |
Xinchen Hui |
supplemental fix for bug #76427
there are two parts to make this problem visible , the first is
our new gc new freeing zvals in an opposite direction(compare to 7.2)
the second is ze
supplemental fix for bug #76427
there are two parts to make this problem visible , the first is
our new gc new freeing zvals in an opposite direction(compare to 7.2)
the second is zend_object_store_del doesn't check IS_VALID since 7.3
(using assertion instead)
show more ...
|
| #
ffaee274 |
| 11-Jun-2018 |
Xinchen Hui |
Fixed bug #76427 (Segfault in zend_objects_store_put)
|
|
Revision tags: php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1 |
|
| #
f2b4ec4b |
| 31-May-2018 |
Dmitry Stogov |
Export standard object handlers, to avoid indirect access
|
|
Revision tags: php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35, php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28 |
|
| #
701437a9 |
| 25-Feb-2018 |
Gabriel Caruso |
Remove return types from some magic method in protos
__construct, __destruct, __wakeup does not have return types defined.
|
|
Revision tags: php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2 |
|
| #
5e8aa036 |
| 23-Jan-2018 |
Dmitry Stogov |
Access extra data stored in zval through macros
|
|
Revision tags: php-7.1.14RC1, php-7.2.2RC1 |
|
| #
d6881293 |
| 16-Jan-2018 |
Dmitry Stogov |
Removed recursive call
|
| #
8c07170d |
| 13-Jan-2018 |
Nikita Popov |
Fix generator GC if yield from parent chain does not reach root
Parents may be unlinked while another generator sharing part of the
chain is running. As such, we cannot assume that the p
Fix generator GC if yield from parent chain does not reach root
Parents may be unlinked while another generator sharing part of the
chain is running. As such, we cannot assume that the parent chain
goes all the way to the root. Instead walk backwards from root to
leaf, like we also do during destruction.
show more ...
|
| #
cab0a814 |
| 12-Jan-2018 |
Nikita Popov |
Try to fix yield from GC issues
Make sure we always update root and parent references before
releasing the old root object.
This fixes some crashes under aggressive cycle collec
Try to fix yield from GC issues
Make sure we always update root and parent references before
releasing the old root object.
This fixes some crashes under aggressive cycle collection, so
hopefully this will also fix bug #75351.
show more ...
|
| #
420d11e8 |
| 12-Jan-2018 |
Nikita Popov |
Fixed bug #75396
Do not run finally blocks in generators on unclean shutdown (e.g.
caused by exit). This is consistent with how finally blocks outside
of generators behave.
|
| #
5fef837c |
| 09-Jan-2018 |
Nikita Popov |
Simplify non-linear generator yield from tree
Remove special handling for 2-4 children. Now the three possible
cases are no children, one child, or many children (HT).
The non-l
Simplify non-linear generator yield from tree
Remove special handling for 2-4 children. Now the three possible
cases are no children, one child, or many children (HT).
The non-linear (many children) case is extremely rare, so there is
no point in trying to optimize it.
show more ...
|
| #
27f09efa |
| 12-Jan-2018 |
Nikita Popov |
Avoid duplicate addition of generators in yield from tree
|
| #
12c386f5 |
| 11-Jan-2018 |
Dmitry Stogov |
Use ZEND_CLOSURE_OBJECT() macro to resolve closure op_array to closure object through address calculation, instead of op_array->prototype reuse. (reapply 781e1573afdc7c336b3577ceabc9c65cafea17e8, now
Use ZEND_CLOSURE_OBJECT() macro to resolve closure op_array to closure object through address calculation, instead of op_array->prototype reuse. (reapply 781e1573afdc7c336b3577ceabc9c65cafea17e8, now it should be OK).
show more ...
|
| #
6ba10a03 |
| 11-Jan-2018 |
Dmitry Stogov |
Revert "Use ZEND_CLOSURE_OBJECT() macro to resolve closure op_array to closure object through address calculation, instead of op_array->prototype reuse." (this patch is incomplete or wrong)
Revert "Use ZEND_CLOSURE_OBJECT() macro to resolve closure op_array to closure object through address calculation, instead of op_array->prototype reuse." (this patch is incomplete or wrong)
This reverts commit 781e1573afdc7c336b3577ceabc9c65cafea17e8.
show more ...
|
| #
781e1573 |
| 11-Jan-2018 |
Dmitry Stogov |
Use ZEND_CLOSURE_OBJECT() macro to resolve closure op_array to closure object through address calculation, instead of op_array->prototype reuse.
|
