op1 of ZEND_MATCH_ERROR, which refers to the match expression, is not freed by
MATCH_ERROR itself. Instead, it is freed by ZEND_HANDLE_EXCEPTION. For normal
control flow, a FREE is placed at the end of the match expression.
Since FREE may appear after MATCH_ERROR in the opcode sequence, we need to
correctly handle op1 of MATCH_ERROR as alive.
Fixes GH-17106
Closes GH-17108
Instead of fixing up temporaries count in between observer steps, just apply the additional temporary in the two affected observer steps.
Closes GH-14018.
`zend_uchar` suggests that the value is an ASCII character, but here,
it's about very small integers. This is misleading, so let's use a
C99 integer instead.
On all architectures currently supported by PHP, `zend_uchar` and
`uint8_t` are identical. This change is only about code readability.
We can't increase the refcount of internal classes during request time.
To work around this problem we simply don't refcount aliases anymore and
add a check in the destruction to skip aliases entirely.
There were also some checks which checked for an alias implicitly by
comparing the refcount, these have been replaced by checking the type of
the zval instead.
Currently, a function is considered a prototype if the function is not
marked as final. However, a class marked as final also make it
impossible for a function to be overridden. Therefore, we know in this
case too that the function is not a prototype.
This allows the type inference algorithm to determine some types more
precisely, and can allow for more optimizations of the instructions.
Additionally, place some computation of the flags in their respective
blocks as a micro-optimization.
Note: anonymous classes *can* be extended (see test
Zend/tests/anon/011.phpt). Therefore we don't optimize this case.
This avoids a possible significant performance penalty, when some leaf function was observed, deep in the stack.
As a side effect, we are not iterating over prev_execute_data anymore and thus, non-observed fake frames, possibly on stack, cannot have any impact on the observer anymore (especially within zend_observer_fcall_end_all).
Saving the previous observer happens now directly on the VM stack. If there is any observer, function frames are allocated an extra zval (the last temporary), which will, on observed frames, contain the previous observed frame address.
While JMPZNZ can avoid execution of a separate JMP opcode in some
cases, it also prevents smart branch optimization, so creating
JMPZNZ may actually have a negative effect. It also adds additional
complexity for optimizations.
Drop JMPZNZ in favor of JMPZ+JMP or JMPNZ+JMP.
Closes GH-7857.
Pass1 handles a number of special functions that can be evaluated
under some circumstances. Move the core logic into a separate
helper, as I believe that SCCP should reuse this.
This handles references to the current class through its name
rather than self (and for cases where is is not linked yet and
thus not covered by the context lookup). Rather than handling this
only for FETCH_CLASS_CONSTANT optimization, integrate this into
the generic get_class_entry() utility.
These are supported as constants nowadays, so we can drop the
string check.
Also fix a potential leak, though I believe this doesn't matter in
current usage, as it will effectively be suppressed during persist.
The generic code was rejecting this to go into a special code path
in SCCP. We should directly do that in SCCP instead, to still allow
the generic (and valid) replacement.
- for packed arrays we store just an array of zvals without keys.
- the elements of packed array are accessible throuf as ht->arPacked[i]
instead of ht->arData[i]
- in addition to general ZEND_HASH_FOREACH_* macros, we introduced similar
familied for packed (ZEND_HASH_PACKED_FORECH_*) and real hashes
(ZEND_HASH_MAP_FOREACH_*)
- introduced an additional family of macros to access elements of array
(packed or real hashes) ZEND_ARRAY_ELEMET_SIZE, ZEND_ARRAY_ELEMET_EX,
ZEND_ARRAY_ELEMET, ZEND_ARRAY_NEXT_ELEMENT, ZEND_ARRAY_PREV_ELEMENT
- zend_hash_minmax() prototype was changed to compare only values
Because of smaller data set, this patch may show performance improvement
on some apps and benchmarks that use packed arrays. (~1% on PHP-Parser)
TODO:
- sapi/phpdbg needs special support for packed arrays (WATCH_ON_BUCKET).
- zend_hash_sort_ex() may require converting packed arrays to hash.
In this case it's not sufficient to replace the JMP_NULL operand,
as it keeps the temporary alive and there may be more uses later.
Fix this by generalizing existing handling for other similar opcodes
like CASE/SWITCH and LIST_R.
Fixes oss-fuzz 5820123475214336.
This code is repeated a few time. Two occurrences additionally
contained checks for user classes in CG(class_table) with the
same file name, but as far as I know these should always be in
the script class_table, so I'm omitting the check here.
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
Even if we don't know the exact method being called, include it
in the call graph with the is_prototype flag. In particular, we
can still make use of return types from prototype methods, as
PHP 8 makes LSP violations a hard error.
Most other places are adjusted to skip calls with !is_prototype.
Maybe some of them would be fine, but ignoring them is conservative.
