Apparently, bug 78633 has now really been fixed; the former fix only
catered to the buffer overflow, but yielded a wrong result. Also,
the order of the named captures has been fixed.
Tyson Andre [Wed, 20 Nov 2019 00:12:56 +0000 (19:12 -0500)]
Handle reallocated root buffer during GC destroy phase (v2)
We no longer protect GC during the destroy phase, so we need to
deal with buffer reallocation.
Note that the implementation of spl_SplObjectStorage_free_storage
will call the destructor of SplObjectStorage, and free the instance properties,
which I think is what caused the root buffer to be reallocated.
(`current` is a pointer for an index within the root buffer?)
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW
Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
`GIFNextPixel` as well.
Adam Harvey [Wed, 20 Nov 2019 23:33:04 +0000 (15:33 -0800)]
Make the UPGRADING note about ArrayObject more explicit.
We noticed the BC break when testing `curl_setopt()`, and hadn't interpreted
this note as affecting internal functions in general, so this adds a sub-bullet
to note that.
This overlaps a bit with the previous bullet, but since I don't know exactly
which operations were in mind at the time, I've elected to preserve them both.
Bits are cheap.
Maksim Nikulin [Mon, 21 Oct 2019 07:23:29 +0000 (14:23 +0700)]
Do not let PHP-FPM children miss SIGTERM, SIGQUIT
Postpone signal delivery while spawning children.
Prevent the following case:
- Reload (reexec) is in progress.
- New master is forking to start enough children for pools
where `pm` is not `on-demand`.
- Another `SIGUSR2` is received by the master process.
- Master process switches to reloading state.
- Some child has not set its own signal handlers.
- `SIGQUIT` and `SIGTERM` sent by master process are caught
by signal handler set by master process and so they are ignored.
- A child is running, it has no reason to finish
Before pull request #4465 this scenario could cause deadlock,
however with 0ed6c37140 reload finishes after `SIGKILL`.
Use sigprocmask() around fork() to avoid race of delivery signal to children
and setting of own signal handlers.
Opcache stores `opline->handler`s in shared memory. These pointers are
invalid, if the main PHP DLL is loaded at another base address due to
ASLR. We therefore store the address of `execute_ex` in the mmap base
file, and check on startup whether it matches its current address. If
not, we fall back on the file cache if enabled, and bail out otherwise.
This still does not address cases where the opline handler is located
inside of another DLL (e.g. for some profilers, debuggers), but there
seems to be no general solution for now.
We use the portable {TMP} instead of the hard-coded /tmp, and skip
mysqli_debug_append.phpt on Windows, because unlinking the trace file
while the connection is still open won't work there.
Nikita Popov [Tue, 5 Nov 2019 11:13:46 +0000 (12:13 +0100)]
Fixed bug #78775
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
Time flies, so obviously the reported uptime may differ a bit (as
already occasionally noticed on CI); we cater to that by allowing a
delay of up to one second.
This was reported to cause issues for as yet unknown reasons in
bug #78769. As this was intended as code cleanup, revert this from
7.4 at least. May reapply it to master later.
Nikita Popov [Mon, 4 Nov 2019 10:01:56 +0000 (11:01 +0100)]
Fixed bug #78774
The string held by the zend_type may be released if the property
type gets resolved to a CE. I initially wanted to fix this by
storing a zend_type* instead (so the property type resolution
propagates to the ReflectionType), but decided against this in
light of upcoming union types support, where we also need to
represent parts of the union, and will not have a single zend_type*
we can reference.
Nikita Popov [Thu, 31 Oct 2019 10:27:53 +0000 (11:27 +0100)]
Remove configure checks for supported instruction sets
These were checking whether the instruction set is supported by
the host CPU, however they were only used to condition on whether
this instruction set is targeted at all. It would still use dynamic
dispatch (e.g. based on ifunc resolvers) to select the actual
implementation. Whether the target is guaranteed to support the
instruction set without dispatch is determined based on pre-defined
macros like __SSE2__.
This removes the configure-time builtin cpu checks to remove
confusion. Additionally this allows targeting an architecture that
is newer than the host architecture.
Nikita Popov [Wed, 30 Oct 2019 12:15:05 +0000 (13:15 +0100)]
Fix bug #77930: Remove mmap limit
First, the limitation already doesn't trigger if you copy the whole
file (i.e. use copy() or stream_copy_to_stream() and don't specify
a length). This happens because length will be 0 at the time of the
check and only later calculated based on the file size. This means
that we're already completely blowing the length limit for what is
likely the most common case, and it doesn't seem like anyone complained
about that.
Second, the premise of the code comment ("to avoid runaway swapping")
seems incorrect to me. Because this performs a file-backed non-private
mmap, no swap backing is needed for the mapping. Concerns over "memory
usage" are also misplaced, as this is a virtual mapping.
Tyson Andre [Fri, 25 Oct 2019 23:57:39 +0000 (19:57 -0400)]
Optimize creation of empty arrays in json_decode
Use the shared empty array from ZVAL_EMPTY_ARRAY
For code that created an 10 arrays of 100000 empty arrays
(has the same result with `$assoc=true` and `{}`)
- This is the worst-case comparison, but I'd expect 0-length arrays to be fairly
common in regular data for json_decode
- The parser implementation was using function pointers so that third party
extension developers could reuse the json parser for their own
data structures, etc. (I think).
This PR is meant to let those third party extensions continue working
without changes.
Before this patch: In 0.126 seconds: added 97.99 MiB
After this patch: In 0.096 seconds: added 41.99 MiB
```php
<?php
$json = '[' . str_repeat('[],', 100000) . "null]";
$start_memory = memory_get_usage();
$start_time = microtime(true);
$result = [];
for ($i = 0; $i < 10; $i++) {
$result[] = json_decode($json);
}
$end_memory = memory_get_usage();
$end_time = microtime(true);
// Before this patch: In 0.126 seconds: added 97.99 MiB
// After this patch: In 0.096 seconds: added 41.99 MiB
printf("In %.3f seconds: added %.2f MiB\n", $end_time - $start_time, ($end_memory - $start_memory)/1000000);
// For objects
$json = '[' . str_repeat('{},', 100000) . "null]";
$start_memory = memory_get_usage();
$start_time = microtime(true);
for ($i = 0; $i < 10; $i++) {
$result[] = json_decode($json, true);
}
$end_memory = memory_get_usage();
$end_time = microtime(true);
// Before this patch: In 0.126 seconds: added 97.99 MiB
// After this patch: In 0.096 seconds: added 41.99 MiB
printf("In %.3f seconds: added %.2f MiB (objects decoded as arrays) \n", $end_time - $start_time, ($end_memory - $start_memory)/1000000);
```
projects / php / log