| #
4d4fe763 |
| 17-Nov-2021 |
Nikita Popov |
Fixed bug #81631
We need to save the opline before fetching the operand, as it may
throw an undef var warning.
|
| #
fa0b84a0 |
| 11-Nov-2021 |
Dmitry Stogov |
Partially fix handling of exceptions thrown in interrupt handlers
|
| #
90b7bde6 |
| 03-Nov-2021 |
Dmitry Stogov |
Use more compact representation for packed arrays.
- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[
Use more compact representation for packed arrays.
- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[i]
instead of ht->arData[i]
- in addition to general ZEND_HASH_FOREACH_* macros, we introduced similar
familied for packed (ZEND_HASH_PACKED_FORECH_*) and real hashes
(ZEND_HASH_MAP_FOREACH_*)
- introduced an additional family of macros to access elements of array
(packed or real hashes) ZEND_ARRAY_ELEMET_SIZE, ZEND_ARRAY_ELEMET_EX,
ZEND_ARRAY_ELEMET, ZEND_ARRAY_NEXT_ELEMENT, ZEND_ARRAY_PREV_ELEMENT
- zend_hash_minmax() prototype was changed to compare only values
Because of smaller data set, this patch may show performance improvement
on some apps and benchmarks that use packed arrays. (~1% on PHP-Parser)
TODO:
- sapi/phpdbg needs special support for packed arrays (WATCH_ON_BUCKET).
- zend_hash_sort_ex() may require converting packed arrays to hash.
show more ...
|
| #
1a2fb90b |
| 01-Nov-2021 |
Nikita Popov |
Fix finally exception chaining on recursion
In this case zend_exception_set_previous() would destroy the
fast_call exception and further accesses on ex would be invalid.
We should on
Fix finally exception chaining on recursion
In this case zend_exception_set_previous() would destroy the
fast_call exception and further accesses on ex would be invalid.
We should only update ex if we update EG(exception).
Fixes oss-fuzz #40464.
show more ...
|
| #
da0d246e |
| 19-Oct-2021 |
Nikita Popov |
Drop FREE_OP_VAR_PTR() distinction
FREE_OP_VAR_PTR() is like FREE_OP(), but only frees VAR, rather
than VARs and TMPs. I don't think this distinction makes sense
anymore, as opcodes
Drop FREE_OP_VAR_PTR() distinction
FREE_OP_VAR_PTR() is like FREE_OP(), but only frees VAR, rather
than VARs and TMPs. I don't think this distinction makes sense
anymore, as opcodes using FREE_OP_VAR_PTR() generally only accept
VAR or CV. For the cases where other op types are accepted and
only freeing VAR is desired we already have FREE_OP_IF_VAR().
This drops FREE_OP_VAR_PTR(), leaving only FREE_OP() and
FREE_OP_IF_VAR().
show more ...
|
| #
22b6aac6 |
| 19-Oct-2021 |
Nikita Popov |
Fix inc/dec of undef var with error handler
Set the variable to null after emitting the undef var notice
rather than before. This avoids an assertion failure if the var
is unset by t
Fix inc/dec of undef var with error handler
Set the variable to null after emitting the undef var notice
rather than before. This avoids an assertion failure if the var
is unset by the error handler.
The flip side is that this may cause a leak instead, but that's
the more harmless outcome.
Fixes oss-fuzz #36604.
show more ...
|
| #
a2e3ca1f |
| 12-Oct-2021 |
Nikita Popov |
Don't free FETCH_W operand if GLOBAL_LOCK
The error path performed the free unconditionally, while we should
not do it for GLOBAL_LOCK.
Fixes oss-fuzz #39868.
|
|
Revision tags: php-8.0.12RC1, php-7.4.25RC1 |
|
| #
11a9b036 |
| 05-Oct-2021 |
Nikita Popov |
Fix duplicate undef warning in assign_dim_op
In case of auto-vivification we were fetching dim twice and as
such also emitting the undef var warning twice.
|
| #
e11faad2 |
| 30-Sep-2021 |
Nikita Popov |
Create reference wrappers in SEND_UNPACK if necessary
Even if we can't actually pass by reference, we still need to
create the REFERENCE wrapper to satisfy the calling convention.
Th
Create reference wrappers in SEND_UNPACK if necessary
Even if we can't actually pass by reference, we still need to
create the REFERENCE wrapper to satisfy the calling convention.
The particular test case would crash with JIT, because the existence
of the reference was assumed.
Fixes oss-fuzz #39440.
show more ...
|
| #
ec54ffad |
| 29-Sep-2021 |
Nikita Popov |
Handle throwing destructor in BIND_STATIC
Fixes oss-fuzz #39406.
|
|
Revision tags: php-8.1.0RC3, php-8.0.11, php-7.4.24, php-7.3.31 |
|
| #
01453a0a |
| 17-Sep-2021 |
Nikita Popov |
Fix SEND_USER with ref arg
Even though the input is not a reference (or not treated as such),
we still need to create a reference to satisfy the function
signature. Various code reli
Fix SEND_USER with ref arg
Even though the input is not a reference (or not treated as such),
we still need to create a reference to satisfy the function
signature. Various code relies on reference arguments actually
being references. In this particular case, it would result in
a JIT crash.
The zend_call_function() implementation already handled this
correctly.
show more ...
|
|
Revision tags: php-8.1.0RC2 |
|
| #
260d2acd |
| 14-Sep-2021 |
Nikita Popov |
Fix memory leak in array unpack with refcounted numeric string key
|
| #
6381a16f |
| 09-Sep-2021 |
Nikita Popov |
Avoid use after free in internal prop type verification
This issue only applies to debug builds: read_property can free
the object, but we'd try to check the object handlers afterwards.
Avoid use after free in internal prop type verification
This issue only applies to debug builds: read_property can free
the object, but we'd try to check the object handlers afterwards.
Rewrite the check in a way that only accessed the object before
the read_property call.
Fixes oss-fuzz #38297.
show more ...
|
|
Revision tags: php-7.4.24RC1, php-8.0.11RC1, php-8.1.0RC1, php-7.4.23, php-8.0.10 |
|
| #
a40ccd75 |
| 24-Aug-2021 |
Nikita Popov |
Fixed bug #81377
BP_VAR_UNSET should not result in undefined warnings.
|
|
Revision tags: php-7.3.30 |
|
| #
0b7dffb4 |
| 17-Aug-2021 |
Christoph M. Becker |
Fix #73122: Integer Overflow when concatenating strings
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare cas
Fix #73122: Integer Overflow when concatenating strings
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow.
Closes GH-7381.
show more ...
|
|
Revision tags: php-8.1.0beta3 |
|
| #
f3c45c17 |
| 17-Aug-2021 |
Christoph M. Becker |
Revert "Fix #73122: Integer Overflow when concatenating strings"
This reverts commit f1ce8d5f5839cb2069ea37ff424fb96b8cd6932d, which has
been accidentially pushed.
|
| #
f1ce8d5f |
| 17-Aug-2021 |
Christoph M. Becker |
Fix #73122: Integer Overflow when concatenating strings
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare cas
Fix #73122: Integer Overflow when concatenating strings
We must avoid integer overflows in memory allocations, so we introduce
an additional check in the VM, and bail out in the rare case of an
overflow. Since the recent fix for bug #74960 still doesn't catch all
possible overflows, we fix that right away.
show more ...
|
|
Revision tags: php-8.0.10RC1, php-7.4.23RC1, php-8.1.0beta2 |
|
| #
6d5ae649 |
| 03-Aug-2021 |
Nikita Popov |
Fix ASSIGN_DIM to NEXT with rc=1 reference value
The reference wrapper was destroyed while value still pointed into
it and was later used to assign the ASSIGN_DIM return value. This
Fix ASSIGN_DIM to NEXT with rc=1 reference value
The reference wrapper was destroyed while value still pointed into
it and was later used to assign the ASSIGN_DIM return value. This
could be fixed either by moving the return value assignment earlier,
or by working with the value that has been stored in the array.
I'm going with the latter here, because that matches what the
non-NEXT codepath does via assign_to_variable more closely.
Fixes oss-fuzz #36807.
show more ...
|
| #
05ef6334 |
| 29-Jul-2021 |
Joe Watkins |
Fix bug #81303 improve match errors
|
|
Revision tags: php-8.0.9 |
|
| #
6c7b322d |
| 29-Jul-2021 |
Nikita Popov |
Fix parameter name in count() error message
This parameter has been renamed to $value.
|
| #
840e441d |
| 29-Jul-2021 |
Nikita Popov |
Fix parameter name in call_user_func() error message
This parameter name has been changed to $callback.
|
| #
e0119525 |
| 28-Jul-2021 |
Nikita Popov |
Preload unlinked classes, remove preload autoload (#7311)
Currently, classes that can't be linked get moved back into the original script
and are not preloaded. As such classes may be re
Preload unlinked classes, remove preload autoload (#7311)
Currently, classes that can't be linked get moved back into the original script
and are not preloaded. As such classes may be referenced from functions that
did get preloaded, there is a preload autoload mechanism to load them at
runtime.
Since PHP 8.1, we can safely preload unlinked classes, which will then go
through usual lazy loading. This means that we no longer need the preload
autoload mechanism. However, we need to be careful not to modify any hash
table buckets in-place, and should create new buckets for lazy loaded classes.
show more ...
|
|
Revision tags: php-7.4.22 |
|
| #
dcf5e5bb |
| 27-Jul-2021 |
Nikita Popov |
Reuse part of the class binding logic
This part of DECLARE_CLASS and DECLARE_CLASS_DELAYED is the
same.
|
|
Revision tags: php-8.1.0beta1, php-7.4.22RC1, php-8.0.9RC1, php-8.1.0alpha3, php-7.4.21, php-7.3.29, php-8.0.8, php-8.1.0alpha2, php-7.4.21RC1, php-8.0.8RC1, php-8.1.0alpha1, php-8.0.7, php-7.4.20, php-8.0.7RC1, php-7.4.20RC1, php-8.0.6, php-7.4.19 |
|
| #
7b85d3bb |
| 28-Apr-2021 |
Nikita Popov |
Add support for verifying optimizer func info
This is guarded by -DZEND_VERIFY_FUNC_INFO=1. Enable this on the
variation job.
Closes GH-6924.
|
| #
ae8647d9 |
| 20-Jul-2021 |
Levi Morrison |
Remove leading underscore for _zend_hash_find_known_hash (#7260)
Convert zend_hash_find_ex(..., 1) to zend_hash_find_known_hash(...)
Convert zend_hash_find_ex(..., 0) to zend_hash_find(.
Remove leading underscore for _zend_hash_find_known_hash (#7260)
Convert zend_hash_find_ex(..., 1) to zend_hash_find_known_hash(...)
Convert zend_hash_find_ex(..., 0) to zend_hash_find(...)
Also add serializable changes to UPGRADING.INTERNALS summary
show more ...
|
