Dmitry Stogov
aa352c2c54
JIT: Fixed memory leak
...
Fixes oss-fuzz #45981
2022-03-25 16:54:50 +03:00
Dmitry Stogov
7051dc3372
JIT: Fix memory leak
...
Fixes oss-fuzz #45658
2022-03-21 12:50:30 +03:00
Dmitry Stogov
70f7e7d83f
JIT: Fix memory leak
...
Fixes oss-fuzz #44920
2022-02-28 15:43:03 +03:00
Dmitry Stogov
fd879e6fe4
JIT: Fix array clobbering by user error handler
...
Fixes oss-fuzz #43055
2021-12-28 16:51:03 +03:00
Dmitry Stogov
cbc0b1afeb
Fix array clobbering by user error handler
...
Fixes oss-fuzz #42234
2021-12-13 14:59:30 +03:00
Dmitry Stogov
c9901aa594
Add missing "return"
2021-12-03 13:52:10 +03:00
Dmitry Stogov
4a5c05a49d
ws
2021-12-03 13:40:01 +03:00
Dmitry Stogov
1d054b3fa7
Fix array object clobbering by user error handler
...
Fixes oss-fuzz #41605 and #41610
2021-12-03 13:35:28 +03:00
Dmitry Stogov
2fde308fc6
JIT: Fix ASSIGN_DIM_OP with undefined variable and index and user error handler, throwing an exception
...
Fixes oss-fuzz #39422
2021-12-02 22:19:48 +03:00
Dmitry Stogov
94286cd596
Fix yet another indirect string modification by error handler problem
2021-12-02 16:16:54 +03:00
Dmitry Stogov
37ac707cac
Add missing zend_string_release_ex(tmp, 0) and cleanup
...
- use GC_DELREF() instead of zend_string_release_ex()
- add expectations for exceptional cases
- replace IS_ARRAY_IMMUTABLE by IS_STR_INTERNED
2021-12-02 11:18:08 +03:00
Dmitry Stogov
df16da3697
Fixed ext/bz2/tests/005.phpt test failure introduced by 09547c64c2
2021-12-02 10:32:45 +03:00
Dmitry Stogov
4595a57e99
Fix clobbering of operand by error handler in assignment to string offset (optimization and JIT support)
2021-12-02 01:20:17 +03:00
Dmitry Stogov
6e1fe96962
JIT: Fix uninitialized result of ASSIGN_DIM[_OP] after clobbering array by user error handler
...
Fixes oss-fuzz #41208
2021-11-30 11:40:18 +03:00
Dmitry Stogov
9dd3e8be8a
JIT: Fixed memory leak in Zend/tests/concat_002.phpt introduced by fac78ee760
2021-11-17 18:43:39 +03:00
Dmitry Stogov
fac78ee760
JIT: Fixed memory leak
2021-11-17 13:59:35 +03:00
Dmitry Stogov
5380b415a2
JIT: Partially fix handling of exceptions thrown in interrupt handlers
2021-11-11 21:14:17 +03:00
Dmitry Stogov
e868ded6ef
Don't call _zend_hash_index_find() for packed arrays
2021-11-08 13:13:23 +03:00
Dmitry Stogov
f1e6a7d83d
JIT: Fixed numeric string index handling
2021-11-01 18:50:32 +03:00
Nikita Popov
08c29a657d
Handle undefined dim in assign_dim_helper
...
Not only the value can be undefined here, but the offset as well.
2021-10-07 15:35:16 +02:00
Dmitry Stogov
6ab36fb6f9
JIT: Fixed incorrect reference handling in PRE_INC/DEC_OBJ
2021-10-07 14:34:18 +03:00
Dmitry Stogov
17b127a84f
JIT: Fixed result when assigning to typed reference
2021-09-28 14:19:23 +03:00
Nikita Popov
0391c55b0c
Check exception before using undef_result_after_exception()
...
undefined_op_helper_write() can return 0 not just if an exception
is thrown, so check this explicitly. This fixes an issue introduced
in fe1633f010.
2021-09-28 12:22:12 +02:00
Nikita Popov
fe1633f010
Undef result if undef dim warning promoted to exception
...
Fixes oss-fuzz #39278.
2021-09-28 11:35:53 +02:00
Dmitry Stogov
325865d750
JIT: Split zend_jit_hash_index_lookup_rw() into zend_jit_hash_index_lookup_rw() and zend_jit_hash_index_lookup_rw_no_packed().
...
The previous version might fail if zend_jit_hash_index_lookup_rw() was called for packed array.
2021-09-27 22:09:51 +03:00
Dmitry Stogov
09d4037a17
JIT: Fixed possible memory leak
2021-09-22 22:57:57 +03:00
Nikita Popov
770879702a
Fix JIT typed property inc/dec
...
This was leaking memory for pre-inc/dec of a refcounted typed
property if the result was not used.
The code to do this was unnecessarily complicated, we can base
this on the zend_jit_inc/dec_typed_prop() helper and copy to the
result afterwards.
2021-09-22 15:32:19 +02:00
Nikita Popov
f4bcf8c393
Check for undef var in typed property assignment
...
Without this check the assignment would actually silently succeed,
not just skip the warning.
2021-09-21 14:09:26 +02:00
Nikita Popov
3ee85ccd4a
Handle undef assignment to typed ref
2021-09-15 10:58:01 +02:00
Nikita Popov
e7663785a7
Handle undef value in assign_dim jit
...
We should report the undefined variable here and convert it to
null. Passing on undef is particularly insidious here, because
a write_dimension handler may insert it into a hash table
(observed with WeakMap).
2021-09-13 11:09:00 +02:00
Nikita Popov
6fd880890c
Add exception check to zend_jit_fetch_obj_w_slow()
...
This ports 247105ae1a to the JIT
implementation. The issue doesn't trigger on the original test
case with JIT, but I ran into a case that does trigger with JIT
once we have typed properties.
2021-07-14 16:56:12 +02:00
Dmitry Stogov
ac65f6af6e
Fixed bug #81051 (Broken property type handling after incrementing reference)
2021-05-27 15:22:34 +03:00
Dmitry Stogov
bf21261c63
Add missing undefined variable warning and result initialization.
...
(This fixes Zend/tests/bug78531.phpt without PROFITABILITY_CHECKS).
2021-05-21 10:03:00 +03:00
Dmitry Stogov
db309b2e4b
Don't assign to string offset after exception (This fixes
...
Zend/tests/bug31098.phpt failure without PROFITABILITY_CHECKS)
2021-05-21 00:48:24 +03:00
Dmitry Stogov
c8df28d276
Fixed 32-bit JIT
2020-11-20 15:12:30 +03:00
Dmitry Stogov
069f9cbaa5
Added missing deoptimization code for trampoline handling
2020-11-19 12:32:36 +03:00
Alex Dowad
d44235acae
Convert numeric string array keys to integers correctly in JITted code
...
While fixing bugs in mbstring, one of my new test cases failed with a strange
error message stating: 'Warning: Undefined array key 1...', when clearly the
array key had been set properly.
GDB'd that sucker and found that JIT'd PHP code was calling directly into
`zend_hash_add_new` (which was not converting the numeric string key to an
integer properly). But where was that code coming from? I examined the disasm,
looked up symbols to figure out where call instructions were going, then grepped
the codebase for those function names. It soon became clear that the disasm I
was looking at was compiled from `zend_jit_fetch_dim_w_helper`.
2020-10-30 22:07:08 +02:00
Dmitry Stogov
0ac810bbc5
Improve JIT for fetching character from string
2020-10-20 20:29:33 +03:00
Dmitry Stogov
fc14dbb713
Keep the same JIT code for PHP-8.0 and master (workaround against PHP-8.0 ABI freeze)
2020-10-09 16:54:26 +03:00
Dmitry Stogov
e9820bf470
Fixed memory leak in ext/spl/tests/bug77263.phpt
2020-09-17 11:55:50 +03:00
Dmitry Stogov
f786c0e097
Optimize code for FETCH_THIS + INIT_METHOD_CALL/ASSIGN_OBJ_OP/etc
2020-09-16 14:22:36 +03:00
Dmitry Stogov
5f1fb1a5a4
JIT for INIT_METHOD_CALL
2020-09-16 10:25:36 +03:00
Dmitry Stogov
a351da55bf
Simplify zend_jit_pre/post_inc/dec_typed_ref() helpers
2020-09-14 22:26:34 +03:00
Dmitry Stogov
8f342ad4d2
JIT for PRE/POST_INC/DEC_OBJ
2020-09-14 19:36:15 +03:00
Dmitry Stogov
bf515649ff
JIT for ASSIGN_OBJ_OP
2020-09-14 13:31:41 +03:00
Dmitry Stogov
7b0a053169
JIT for ASSIGN_OBJ
2020-09-10 23:41:50 +03:00
Dmitry Stogov
73c7fa272d
JIT for FETCH_DIM_W/RW instructions
2020-09-09 02:41:22 +03:00
Nikita Popov
a1a4c03b9b
Fix call to type error functions from jit
...
Missed to adjust those calls.
2020-08-28 17:37:00 +02:00
Dmitry Stogov
9d409f2c1e
Eliminate ZSTR_IS_INTERNED() check
2020-08-27 11:38:15 +03:00
Nikita Popov
c48b745f00
Promote "undefined array key" notice to warning
...
This implements the last remaining part of the
https://wiki.php.net/rfc/engine_warnings RFC.
Closes GH-5927.
2020-08-03 14:40:50 +02:00