archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'PHP-8.4'

Browse source 
* PHP-8.4:
  Fix RC inference of op1 of FETCH_OBJ and INIT_METHOD_CALL
  Add tests for GH-17151
This commit is contained in:
Ilija Tovilo 2024-12-18 19:10:00 +01:00
commit 8aac6987c2
No known key found for this signature in database
GPG key ID: 5050C66BFCD1015A
5 changed files with 81 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Zend/Optimizer/zend_inference.c
View file

@ -1968,6 +1968,10 @@ static uint32_t get_ssa_alias_types(zend_ssa_alias_kind alias) {
/* TODO: support for array keys and ($str . "")*/ \ /* TODO: support for array keys and ($str . "")*/ \
__type |= MAY_BE_RCN; \ __type |= MAY_BE_RCN; \
} \ } \
if ((__type & MAY_BE_RC1) && (__type & MAY_BE_OBJECT)) {\
/* TODO: object may be captured by magic handlers */\
__type |= MAY_BE_RCN; \
} \
if (__ssa_var->alias) { \ if (__ssa_var->alias) { \
__type |= get_ssa_alias_types(__ssa_var->alias); \ __type |= get_ssa_alias_types(__ssa_var->alias); \
} \ } \

1
ext/opcache/jit/zend_jit_ir.c
View file

@ -14621,6 +14621,7 @@ result_fetched:
ir_MERGE_list(slow_inputs); ir_MERGE_list(slow_inputs);
jit_SET_EX_OPLINE(jit, opline); jit_SET_EX_OPLINE(jit, opline);
op1_info |= MAY_BE_RC1 | MAY_BE_RCN; /* object may be captured/released in magic handler */
if (opline->opcode == ZEND_FETCH_OBJ_W) { if (opline->opcode == ZEND_FETCH_OBJ_W) {
ir_CALL_1(IR_VOID, ir_CONST_FC_FUNC(zend_jit_fetch_obj_w_slow), obj_ref); ir_CALL_1(IR_VOID, ir_CONST_FC_FUNC(zend_jit_fetch_obj_w_slow), obj_ref);
ir_END_list(end_inputs); ir_END_list(end_inputs);

22
ext/opcache/tests/jit/gh17151_1.phpt Normal file
View file

@ -0,0 +1,22 @@
--TEST--
GH-17151: ZEND_FETCH_OBJ_R may modify RC of op1
--FILE--
<?php
class C {
public function __get($name) {
return $this;
}
}
function test() {
$x = (new C)->bar;
var_dump($x);
}
test();
?>
--EXPECTF--
object(C)#%d (0) {
}

29
ext/opcache/tests/jit/gh17151_2.phpt Normal file
View file

@ -0,0 +1,29 @@
--TEST--
GH-17151: ZEND_FETCH_OBJ_R may modify RC of op1
--FILE--
<?php
class C {
public static $prop;
public function __get($name) {
C::$prop = null;
}
public function __destruct() {
echo __METHOD__, "\n";
}
}
function test() {
C::$prop = new C();
C::$prop->bar;
}
test();
echo "Done\n";
?>
--EXPECT--
C::__destruct
Done

25
ext/opcache/tests/jit/gh17151_3.phpt Normal file
View file

@ -0,0 +1,25 @@
--TEST--
GH-17151: Method calls may modify RC of ZEND_INIT_METHOD_CALL op1
--FILE--
<?php
class C {
public static $prop;
public function storeThis() {
self::$prop = $this;
}
}
function test() {
$c = new C();
$c->storeThis();
$c = null;
}
test();
?>
===DONE===
--EXPECT--
===DONE===