Unfortunately, these jobs routinely fail to boot correctly. In this case,
they'll stall and block CI for 6 hours until they finally fail. Add a limit to
make them fail earlier.
On some systems, like Alpine, the thread stack size is small by default.
The last step of SSA construction involves variable renaming that is
recursive, and also makes copies of their version of the renamed
variables on the stack. This combination causes a stack overflow during
compilation on Alpine. Triggerable for example with very long match
statements.
A stop-gap solution would be to use heap allocated arrays for the
renamed variable list, but that would only delay the error as increasing
the number of match arms increases the depth of the dominator tree, and
will eventually run into the same issue.
This patch transforms the algorithm into an iterative one.
There are two states stored in a worklist stack: positive numbers
indicate that the block still needs to undergo variable renaming.
Negative numbers indicate that the block and its dominated children are
already renamed. Because 0 is also a valid block number, we bias the
block numbers by adding 1.
To restore to the right variant when backtracking the "recursive" step,
we index into an array pointing to the different variable renaming
variants.
Closes GH-19083.
8MB sounded a prudent size for older 10.9 macOs release, however
with newer mac with arm64, it triggers a stack overflow.
Cherry picks b320aabc5e (GH-13319) from PHP-8.4.
Closes GH-19390.
Unconditionally execute assignment of EXIT_CODE. Otherwise, the variable bleeds
into the next iteration. Also add newline before ::endgroup::. ASAN does not add
a trailing newline.
There are 2 issues:
1. When a MULTISORT_ABORT happens, it frees func, but func may point to
ARRAYG(multisort_func), which would be a problem with nested
invocations as it can destroy that of the "parent" invocation.
To solve this, delay assigning to the globals.
2. The old globals were not restored which means that nested invocations
with different flags will cause a wrong sorting function to be used.
Closes GH-19319.
Generator::throw() on a running generator is not allowed. It throws "Cannot
resume an already running generator" when trying to resume the generator to
handle the provided exception.
However, when calling Generator::throw() on a generator with a non-Generator
delegate, we release the delegate regardless. If a Fiber was suspended in
the delegate, this causes use after frees when the Fiber is resumed.
Fix this by throwing "Cannot resume an already running generator" earlier.
Fixes GH-19326
Closes GH-19327
Normally we prevent generators from being resumed while they are already
running, but we failed to do so for generators delegating to non-Generators. As
a result such generator can be resumed, terminated, which causes unexpected
results (crashes) later.
In gh19306.phpt in particular, the generator delegate It::getIterator() suspends
while being called by generator g(). We then resume g(), which throws while
trying to resume It::getIterator(). This causes g() and It::getIterator()
to be released. We then UAF when resuming the Fiber in It::getIterator().
Fix this by ensuring that generators are marked as running while they fetch
the next value from the delegate.
Fixes GH-19306
Closes GH-19315
Having an empty result array is not a problem, because zend_hash_extend()
will initialize it. Except it does not when the number of elements to add
equals 0, which leaves the array uninitialized and therefore does not
set the packed flag, causing the assertion failure.
Technically, removing the assert would also work and save a check.
On the other hand, this check could also prevent some real work to be
done and should be relatively cheap as we already have to compute the
sum anyway.
Closes GH-19318.
The 'rl_pending_input' is a variable in Readline library and checking it
with PHP_CHECK_LIBRARY wouldn't find it on some systems.
Library check works on most systems but not on the mentioned AIX in the
bug as it exports variables and functions differently whereas the linker
couldn't resolve the variable as a function.
This should fix the build on systems where this caused issues, such as
AIX.
The <readline/readline.h> is not self-contained header and needs to also
have <stdio.h> included before to have FILE type available. This fixes
the issue on unpatched default readline installations, such as macOS.
Checking this variable ensures that the found library is the correct
library and also that it is of minimum version needed by current PHP
code (https://bugs.php.net/48608).
The library check:
```c
| char rl_pending_input ();
| int main (void) {
| return rl_pending_input ();
| }
```
The declaration check:
```c
| #include <stdio.h>
| #include <readline/readline.h>
| int main (void) {
| #ifndef rl_pending_input
| #ifdef __cplusplus
| (void) rl_pending_input;
| #else
| (void) rl_pending_input;
| #endif
| #endif
| ;
| return 0;
| }
```
Closes https://bugs.php.net/51558
Closes GH-19259.
