From: Dmitry Stogov Date: Mon, 14 Jan 2019 10:21:03 +0000 (+0300) Subject: Merge branch 'PHP-7.3' X-Git-Tag: php-7.4.0alpha1~1228 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7f053c2c492214e7e5100f087b4b3b716822a434;p=php Merge branch 'PHP-7.3' * PHP-7.3: Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator) --- 7f053c2c492214e7e5100f087b4b3b716822a434 diff --cc Zend/zend_vm_def.h index 22844ccc62,5071be0fb1..d94fe68435 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@@ -3522,7 -3099,11 +3522,11 @@@ ZEND_VM_HOT_OBJ_HANDLER(112, ZEND_INIT_ EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((OP1_TYPE & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } diff --cc Zend/zend_vm_execute.h index d24636c0f8,2ed807f1ac..c298f5a068 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@@ -5465,7 -5148,11 +5465,11 @@@ static ZEND_VM_COLD ZEND_OPCODE_HANDLER EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CONST & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -7748,7 -7329,11 +7752,11 @@@ static ZEND_VM_COLD ZEND_OPCODE_HANDLER EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CONST & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -11419,7 -10429,11 +11427,11 @@@ static ZEND_VM_COLD ZEND_OPCODE_HANDLER EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CONST & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -15419,7 -14161,11 +15431,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if (((IS_TMP_VAR|IS_VAR) & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -16990,7 -15775,11 +17006,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if (((IS_TMP_VAR|IS_VAR) & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -19303,7 -17656,11 +19323,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if (((IS_TMP_VAR|IS_VAR) & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -36467,7 -32105,11 +36491,11 @@@ static ZEND_VM_HOT ZEND_OPCODE_HANDLER_ EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_UNUSED & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -38513,7 -33840,11 +38541,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_UNUSED & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -41204,7 -36219,11 +41236,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_UNUSED & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -47186,7 -41244,11 +47222,11 @@@ static ZEND_VM_HOT ZEND_OPCODE_HANDLER_ EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CV & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -51430,7 -45011,11 +51470,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CV & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } } @@@ -58357,7 -50813,11 +58401,11 @@@ static ZEND_OPCODE_HANDLER_RET ZEND_FAS EXPECTED(obj == orig_obj)) { CACHE_POLYMORPHIC_PTR(opline->result.num, called_scope, fbc); } + if ((IS_CV & (IS_VAR|IS_TMP_VAR)) && UNEXPECTED(obj != orig_obj)) { + /* Reset "object" to trigger reference counting */ + object = NULL; + } - if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!fbc->op_array.run_time_cache)) { + if (EXPECTED(fbc->type == ZEND_USER_FUNCTION) && UNEXPECTED(!RUN_TIME_CACHE(&fbc->op_array))) { init_func_run_time_cache(&fbc->op_array); } }