Fix GH-10709: UAF in recursive AST evaluation

Fixes https://oss-fuzz.com/testcase-detail/6445949468934144
Closes GH-10718

Fixed bug #81607 (CE_CACHE allocation with concurrent access)

Restore CE_CACHE clear on persist

We still need to do this in case early binding succeeds and caches
the class. We could guard that by !in_compilation as well, but in
this case the p

Restore CE_CACHE clear on persist

We still need to do this in case early binding succeeds and caches
the class. We could guard that by !in_compilation as well, but in
this case the previous cache clearing should be reliable, so
restore it.

show more ...

Don't populate CE_CACHE during compilation

It's possible for CE_CACHE slots to be populated during compilation
(e.g. due to an early binding attempt). When opcache then persists
the

Don't populate CE_CACHE during compilation

It's possible for CE_CACHE slots to be populated during compilation
(e.g. due to an early binding attempt). When opcache then persists
the class, it clears the CE_CACHE slot for the class name as declared,
but not for different spellings (that only differ in case). As such,
a pointer to the old, non-persistent class entry may be retained.

Fix this by not populating CE_CACHE if in_compilation is set.

Closes GH-7542.

show more ...

Fixed ZEND_MAP_PTR_KIND_PTR (it is not used)

Reorder updates to avoid race conditions

Clear ce cache when persisting for file cache only

We should clear the ce cache before storing the interned string,
while we still have a reference to the original ce cache slot.

Always use CE_CACHE, remove TYPE_HAS_CE (#7336)

Currently, CE_CACHE on strings is only used with opcache interned strings. This
patch extends usage to non-opcache interned strings as wel

Always use CE_CACHE, remove TYPE_HAS_CE (#7336)

Currently, CE_CACHE on strings is only used with opcache interned strings. This
patch extends usage to non-opcache interned strings as well. This means that
most type strings can now make use of CE_CACHE even if opcache is not loaded,
which allows us to remove TYPE_HAS_CE kind, and fix some discrepancies
depending on whether a type stores a resolved or non-resolved name.

There are two cases where CE_CACHE will not be used:

* When opcache is not used and a permanent interned string (that is not an
internal class name) is used as a type name during the request. In this case
we can't allocate a map_ptr index for the permanent string, as it would be
not be in the permanent map_ptr index space.
* When opcache is used but the script is not cached (e.g. eval'd code or
opcache full). If opcache is used, we can't allocate additional map_ptr
indexes at runtime, because they may conflict with indexes allocated by
opcache.

In these two cases we would end up not using CE caching for property types
(argument/return types still have the separate cache slot).

show more ...

Remove special self/parent handling in get_class_name_map_ptr() (#7330)

zend_accel_get_class_name_map_ptr() for "self" and "parent" will
currently try to determine which class these refe

Remove special self/parent handling in get_class_name_map_ptr() (#7330)

zend_accel_get_class_name_map_ptr() for "self" and "parent" will
currently try to determine which class these refer to, and then
initialize the CE_CACHE on those strings.

However, this shouldn't be necessary: We already initialize
CE_CACHE on all class declaration names, so it should be covered
through that already.

show more ...

Fix preloading of trait property attributes

Always use separate static_members_table

When running without opcache, static_members_table is shared with
default_static_members_table. This is visible in reflection output,
because

Always use separate static_members_table

When running without opcache, static_members_table is shared with
default_static_members_table. This is visible in reflection output,
because ReflectionProperty::getDefaultValue() will return the
current value, rather than the default value.

Address this by never sharing the table, which matches the behavior
we already see under opcache.

Fixes bug #80821.

Closes GH-7299.

show more ...

Fixed some spaces used instead of tabs

Reorder conditions and always mark methods in SHM as ZEND_ACC_IMMUTABLE

Fixed possible use after free

Fixed tracing JIT + preloading failures:

ext/opcache/tests/preload_003.phpt
ext/opcache/tests/preload_trait_multiple_fixup.phpt
ext/opcache/tests/preload_trait_static.phpt

JIT class methods only when class entry is completely persistent.

This fixes a number of test failures on low optimization levels.
(e.g. use after free in Zend/tests/bug54268.phpt and te

JIT class methods only when class entry is completely persistent.

This fixes a number of test failures on low optimization levels.
(e.g. use after free in Zend/tests/bug54268.phpt and tests/classes/protected_001.phpt with opcache.jit=1204)

show more ...

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |

show more ...

Replay warnings during inheritance (#6928)

Since 3e6b447979a2b1f351faf40bee9c6cf7e362d85a it is again possible to have
warnings (deprecations) during inheritance, and more such functiona

Replay warnings during inheritance (#6928)

Since 3e6b447979a2b1f351faf40bee9c6cf7e362d85a it is again possible to have
warnings (deprecations) during inheritance, and more such functionality is
likely in the future. This is a problem, because such warnings will only be
shown on the first request if the opcache inheritance cache is used. This
currently causes test failures in --repeat builds.

Fix this by uplifting the error recording functionality from opcache to Zend,
and then using it to persist a warning trace in the inheritance cache, which
can then be used to replay the warnings on subsequent executions.

show more ...

Use common struct to store error information

This is needed by both fibers and opcache (and GH-6903 also uses it),
so make it a common structure that can be used by any functionality

Use common struct to store error information

This is needed by both fibers and opcache (and GH-6903 also uses it),
so make it a common structure that can be used by any functionality
storing warnings/errors.

show more ...

Don't use separate static variables in inherited methods

RFC: https://wiki.php.net/rfc/static_variable_inheritance

Closes GH-6719.

Fix file cache

We should only access xlat if this is called from persist, not
when it is called from file cache.

Fix class map ptr for parent type if interning disabled

As zend_update_parent_ce() only runs later, the parent reference
may still point to the original class entry rather than the
p

Fix class map ptr for parent type if interning disabled

As zend_update_parent_ce() only runs later, the parent reference
may still point to the original class entry rather than the
persisted one. Memory held by the original class entry may have
already been deallocated. Avoid use-after-free by explicitly
fetching the persisted parent CE.

show more ...

Fast Class Cache

This is generalization of idea, that was previously usesd for caching
resolution of class_entries in zend_type. Now very similar mechanizm is
used for general zend_s

Fast Class Cache

This is generalization of idea, that was previously usesd for caching
resolution of class_entries in zend_type. Now very similar mechanizm is
used for general zend_string into zend_class_entry resolution.

Interned zend_string with IS_STR_CLASS_NAME_MAP_PTR GC_FLAG uses its
refcount to adress corresponding zend_class_entry cache slot.
The refcount keeps an offset to this slot from CG(map_ptr_base).
Flag may be checked by ZSTR_HAS_CE_CACHE(str), cache slot may be read by
ZSTR_GET_CE_CACHE(str) and set by ZSTR_SET_CE_CACHE(str, ce).

show more ...

Implement enums

RFC: https://wiki.php.net/rfc/enumerations

Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>

Closes GH-6489.

Avoid unnecessary static_variables persistence

static_variables should be treated the same way as all other
op_array components nowadays (only static_variables_ptr is
special). There

Avoid unnecessary static_variables persistence

static_variables should be treated the same way as all other
op_array components nowadays (only static_variables_ptr is
special). There's no need to persist/serialize it is separately
per shared op_array.

show more ...