Commit graph

193 commits

Author SHA1 Message Date
Dmitry Stogov
89fa77516c Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference
2022-05-11 12:40:16 +03:00
Dmitry Stogov
84c1e99ecf Fix type inference
This fizes oss-fuzz #47044
2022-05-11 12:39:26 +03:00
Dmitry Stogov
2495459e50 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference
2022-05-11 12:10:00 +03:00
Dmitry Stogov
f1fc58ed8d Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference
2022-05-11 12:09:53 +03:00
Dmitry Stogov
992c8061b4 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference
2022-04-25 12:17:17 +03:00
Dmitry Stogov
e14dc15e13 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference
2022-04-25 12:17:07 +03:00
Dmitry Stogov
9e6eb9d5a5 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type narrowing warning during type inference of ZEND_FETCH_DIM_W
2022-04-25 11:18:37 +03:00
Dmitry Stogov
2cff0e674d Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type narrowing warning during type inference of ZEND_FETCH_DIM_W
2022-04-25 11:17:04 +03:00
Nikita Popov
1254aa4f3e Avoid setting ce for ref return_info
This is unlikely to matter in practice (due to short lifetime),
but necessary to satisfy the SSA integrity check.

Fixes oss-fuzz #46980.
2022-04-24 17:35:51 +02:00
Nikita Popov
462dc9da6a Don't specify ce for MAY_BE_REF STATIC_PROP_FETCH
This is unlikely to matter in practice (due to the short lifetime),
but we should not specify a CE for a potential ref result.

Fixes oss-fuzz #46810.
2022-04-18 10:45:57 +02:00
Nikita Popov
df4c27642e Check opcode rather than result_type for R/IS type inference
We may sometimes create FETCH_*_R opcodes with VAR type (e.g. if a
FUNC_ARG opcode is converted to BP_VAR_R fetch kind). Make sure we
don't infer overly conservative types in that case.
2022-04-16 22:42:20 +02:00
Nikita Popov
4bd7f4e0ad Check that MAY_BE_REF variables cannot have a ce 2022-04-15 23:57:21 +02:00
Nikita Popov
7408da7ac0 Merge branch 'PHP-8.1'
* PHP-8.1:
  Move MAY_BE_REF check into COPY_SSA_OBJ_TYPE
2022-04-15 23:15:06 +02:00
Nikita Popov
4026daee2b Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Move MAY_BE_REF check into COPY_SSA_OBJ_TYPE
2022-04-15 23:14:59 +02:00
Nikita Popov
01996d1534 Merge branch 'PHP-8.1'
* PHP-8.1:
  Don't use CE for by-ref arguments
2022-04-15 23:01:05 +02:00
Nikita Popov
38547b996a Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Don't use CE for by-ref arguments
2022-04-15 23:00:59 +02:00
Nikita Popov
bc24c62030 Merge branch 'PHP-8.1'
* PHP-8.1:
  Don't use CE info from pi node for MAY_BE_REF var
2022-04-15 22:39:13 +02:00
Nikita Popov
f1814e6a1f Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Don't use CE info from pi node for MAY_BE_REF var
2022-04-15 22:37:29 +02:00
Nikita Popov
838746bb4b Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix inference for assignment of known object to reference
2022-04-15 22:15:57 +02:00
Nikita Popov
3fdb1aa14e Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix inference for assignment of known object to reference
2022-04-15 22:15:32 +02:00
Nikita Popov
414f7fc2bb Merge branch 'PHP-8.1'
* PHP-8.1:
  Improve type narrowing fix
2022-04-10 11:22:52 +02:00
Nikita Popov
c72e9621ce Improve type narrowing fix
We need to explicitly model the null return type for property
accesses on non-objects.
2022-04-10 11:22:36 +02:00
Nikita Popov
8e58828e89 Add debug assertion on type narrowing
This ensures that this will show up as a fuzzing failure.
2022-04-10 10:45:52 +02:00
Nikita Popov
d5c854d89a Merge branch 'PHP-8.1'
* PHP-8.1:
  Improve file/line information for narrowing warning
2022-04-10 10:42:11 +02:00
Nikita Popov
323f3c6914 Improve file/line information for narrowing warning
Report the file/line of the opline rather than the include location.

This should make issues like #8251 easier to debug.
2022-04-10 10:41:20 +02:00
Dmitry Stogov
d260e063a8 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fixed reference counting inference
2022-04-04 15:34:57 +03:00
Dmitry Stogov
e721a42211 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fixed reference counting inference
2022-04-04 15:34:46 +03:00
Dmitry Stogov
d06422670c Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix memory leak
2022-03-14 12:59:13 +03:00
Dmitry Stogov
156d3aedc1 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix memory leak
2022-03-14 12:58:11 +03:00
Dmitry Stogov
486d654b7d Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix typr inference
2022-02-28 18:26:37 +03:00
Dmitry Stogov
aced867a95 Fix typr inference
Fixes oss-fuzz #45020
2022-02-28 18:25:49 +03:00
Dmitry Stogov
3a069da0fd Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference
2022-02-11 13:16:01 +03:00
Dmitry Stogov
0eb96b6e13 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference
2022-02-11 13:04:12 +03:00
Nikita Popov
4543cd32ae Remove JMPZNZ opcode
While JMPZNZ can avoid execution of a separate JMP opcode in some
cases, it also prevents smart branch optimization, so creating
JMPZNZ may actually have a negative effect. It also adds additional
complexity for optimizations.

Drop JMPZNZ in favor of JMPZ+JMP or JMPNZ+JMP.

Closes GH-7857.
2022-01-10 22:07:10 +01:00
Dmitry Stogov
387c78a41f Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference
2022-01-10 21:55:25 +03:00
Dmitry Stogov
9824735aa4 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference
2022-01-10 21:54:14 +03:00
Dmitry Stogov
bd44c565b1 Merge branch 'PHP-8.1'
* PHP-8.1:
  Added test
  Fix type inference for assign to string offset with invalid index.
2022-01-10 16:06:08 +03:00
Dmitry Stogov
8e5f54ed0c Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference for assign to string offset with invalid index.
2022-01-10 16:05:01 +03:00
Dmitry Stogov
3319f17650 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix reference contig inference
2021-12-28 10:02:48 +03:00
Dmitry Stogov
8862e23098 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix reference contig inference
2021-12-28 10:00:14 +03:00
Dmitry Stogov
2759e6bc69 Fixed assertion when check "instanceof" on unlinked class 2021-12-27 12:02:13 +03:00
Nikita Popov
206d80e11a Reuse get_class_entry_from_op1() helper
Export and reuse this helper in places that fetch a class entry
from op1.
2021-12-25 22:18:50 +01:00
Nikita Popov
2cf93032ee Sink op_array scope case into get_class_entry()
This handles references to the current class through its name
rather than self (and for cases where is is not linked yet and
thus not covered by the context lookup). Rather than handling this
only for FETCH_CLASS_CONSTANT optimization, integrate this into
the generic get_class_entry() utility.
2021-12-25 21:51:29 +01:00
Dmitry Stogov
6b60dc29de Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix type inference for INIT_ARRAY with invalid index
2021-12-20 11:46:45 +03:00
Dmitry Stogov
c8d10a8243 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix type inference for INIT_ARRAY with invalid index
2021-12-20 11:46:36 +03:00
Dmitry Stogov
bdcef24f4b Merge branch 'PHP-8.1'
* PHP-8.1:
  Remove range inference for booleans.
2021-12-10 14:44:21 +03:00
Dmitry Stogov
cfcee97ad6 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Remove range inference for booleans.
2021-12-10 14:33:36 +03:00
Dmitry Stogov
ebb7b173b0 Merge branch 'PHP-8.1'
* PHP-8.1:
  Fix refcount inferemce ($a += $a returns old array with RCN)
2021-12-06 11:32:02 +03:00
Dmitry Stogov
4ed10f3d47 Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix refcount inferemce ($a += $a returns old array with RCN)
2021-12-06 11:31:51 +03:00
Dmitry Stogov
c2aea6e805 Merge branch 'PHP-8.1'
* PHP-8.1:
  JIT: Fix incorrect reference counting inference
2021-11-30 13:00:13 +03:00