Nikita Popov [Thu, 18 Jun 2020 08:32:33 +0000 (10:32 +0200)]
Migrate some tests to certificate generator
This migrates all the tests using ext/openssl/tests/streams_crypto_method.pem
to the certificate generator, so we can easily adjust needed parameters.
In particular, this makes the cert security level 2 compatible.
However, we still need to downgrade security_level to 1 in a number
of tests, because they are testing TLS < 1.2 connections.
Nikita Popov [Thu, 18 Jun 2020 08:07:45 +0000 (10:07 +0200)]
Remove bug48187.phpt
Saw a spurious failure from this one on azure macos, presumably
the process got interrupted in the middle and waited for more than
one second to resume.
After looking a bit more closely, this test doesn't actually test
what bug #48187 reported, because there is no DateTime::diff()
anywhere to be found. This test was also added speculatively,
because the root cause was never diagnosed, and the problem seems
to have resolved itself at some point.
As such, I'm simply dropping this test, rather than figuring out
how to make it more robust.
In 1999, inline optimization was turned off by default. The commit log indicates this was
done because GCC was running out of memory on some hosts when building the Zend executor.
In 2003, inline optimization was re-enabled by default, but a build option was added to
turn it off if one runs out of memory when building.
Computing hardware has come a long way since 2003 and I doubt that anyone is running out
of memory when building PHP now.
Interestingly, this code set an unused variable called `INLINE_CFLAGS`. It actually
disabled inline optimization by adding -O0 to the build command, not using `INLINE_CFLAGS`.
Just to see how much memory GCC/Make are using when building PHP, I tried building with
successively higher values of `ulimit -v` until it succeeded. Interestingly, while most
of the codebase can be built with about 400MB of memory, ext/fileinfo/libmagic/apprentice.c
requires 1.2GB, doubtless because it includes ext/fileinfo/data_file.c, which is more
than 350,000 lines long. That is with GCC 7.5.0.
Most users get PHP as a binary package anyways, so the question is, are *packagers*
of PHP trying to build on machines with just 1GB RAM? And would they want to package
a PHP interpreter built with *no optimizations*? I can't imagine either being true.
Instead of marking unreachable code with `ZEND_ASSERT(0)`, we introduce
`ZEND_UNREACHABLE()`, so that MSVC, which does not consider `assert(0)`
to mark unreachable code, no longer triggers C4715[1] warnings in
debug builds. This may be useful for other compilers as well.
FR #79344: xmlwriter_write_attribute_ns: $prefix should be nullable
The `$prefix` parameter of `xmlwriter_write_element_ns()` and
`xmlwriter_start_element_ns()` is nullable, which allows these functions
to be used instead of their non-NS variants. Consequently, we make the
`$prefix` parameter of `xmlwriter_write_attribute_ns()` and
`xmlwriter_start_attribute_ns()` nullable as well.
Even if the length of a maker note does not match our expectations
(either because the maker note is corrupted, or because our
expectations do not quite match reality), there is no need to let
parsing fail; we can still go on parsing the other meta information.
Nikita Popov [Fri, 12 Jun 2020 12:57:08 +0000 (14:57 +0200)]
Use GC stack in nested data removal
We should be doing this anyway to prevent stack overflow, but on
master this is important for an additional reason: The temporary
GC buffer provided for get_gc handlers may get reused if the scan
is performed recursively instead of indirected via the GC stack.
Nikita Popov [Fri, 12 Jun 2020 10:52:39 +0000 (12:52 +0200)]
Avoid out of range float to int cast in exif
Use convert_any_int instead of convert_any_format to directly get
an integer.
Also adjust SRATIONAL handling to not go through a double division.
This was introduced to avoid SIGFPE for the INT_MIN / -1 case,
but we can just handle that explicitly.
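The two hazards named in the commit message above (an out-of-range float to int cast, and the INT_MIN / -1 division that raises SIGFPE), shown as an added C illustration. This is not code from php-src: the type, the function names and the choice to return 0 or saturate on bad input are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* An EXIF SRATIONAL is a pair of signed 32-bit integers (hypothetical type name). */
typedef struct { int32_t num; int32_t den; } srational;

/* Integer quotient without going through a double division.
 * Both trapping inputs are rejected explicitly before dividing:
 *   den == 0            -> division by zero
 *   INT32_MIN / -1      -> result 2^31 does not fit in int32_t (SIGFPE on x86)
 * *ok is set to 0 when the stored value could not be represented. */
int32_t srational_to_int(srational r, int *ok)
{
    *ok = 0;
    if (r.den == 0)
        return 0;                       /* assumption: report 0 */
    if (r.num == INT32_MIN && r.den == -1)
        return INT32_MAX;               /* assumption: saturate */
    *ok = 1;
    return r.num / r.den;               /* truncates toward zero */
}

/* Casting a double outside the int32_t range (or NaN) is undefined
 * behaviour in C, so the range is checked before the cast. */
int32_t double_to_int_checked(double d, int *ok)
{
    *ok = 0;
    if (d != d)                         /* NaN compares unequal to itself */
        return 0;
    if (d >= 2147483648.0)              /* 2^31 and above */
        return INT32_MAX;
    if (d <= -2147483649.0)             /* -(2^31 + 1) and below */
        return INT32_MIN;
    *ok = 1;
    return (int32_t)d;                  /* in range after truncation */
}

int main(void)
{
    int ok;
    srational bad = { INT32_MIN, -1 };  /* constructed sample input */
    int32_t q = srational_to_int(bad, &ok);
    printf("INT32_MIN/-1 -> %d (ok=%d)\n", (int)q, ok);
    int32_t c = double_to_int_checked(1e20, &ok);
    printf("1e20 -> %d (ok=%d)\n", (int)c, ok);
    return 0;
}
```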
Nikita Popov [Fri, 12 Jun 2020 08:18:19 +0000 (10:18 +0200)]
Use unused attribute for _dummy
The (void)_dummy is apparently considered a read of an uninitialized
variable. As it is a _Bool now, which has trap representations, this
is no longer considered legal and results in somewhat odd ubsan
warnings of the form:
runtime error: load of value 0, which is not a valid value for type 'zend_bool' (aka 'bool')
Anatol Belski [Thu, 11 Jun 2020 11:09:00 +0000 (13:09 +0200)]
sqlite3: Fix possible use after free
Exception should be thrown before the db handle is destroyed.
The backtrace excerpt
==26628== Invalid read of size 4
==26628== at 0x53C49E3: sqlite3_errmsg (in /usr/lib64/libsqlite3.so.0.8.6)
==26628== by 0x38C4E9: zim_sqlite3_open (sqlite3.c:142)
==26628== by 0x8977BF: ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER (zend_vm_execute.h:1618)
==26628== by 0x8F801E: execute_ex (zend_vm_execute.h:53824)
==26628== by 0x8FC0BB: zend_execute (zend_vm_execute.h:57920)
==26628== by 0x828F54: zend_execute_scripts (zend.c:1672)
==26628== by 0x793C2C: php_execute_script (main.c:2621)
==26628== by 0x8FEA44: do_cli (php_cli.c:964)
==26628== by 0x8FF9DC: main (php_cli.c:1359)
The output normalization of bless_tests.php only detected absolute Unix
filenames; we extend this for absolute Windows filenames, regardless of
the platform we're running on (tests may have been run on Windows, but
bless_tests.php may be run from WSL or a Linux VM, for instance).
Nikita Popov [Wed, 10 Jun 2020 08:25:50 +0000 (10:25 +0200)]
Fix bug #65006
The "callable name" may be the same for multiple distinct callables.
The code already worked around this for the case of instance methods,
but there are other cases in which callable names clash, such as
the use of self:: reported in the referenced bug.
Rather than trying to generate a unique name for callables, compare
the content of the alfi structures. This is less efficient if there
are many autoload functions, but autoload *registration* does not
need to be particularly efficient.
As a side-effect, this no longer permits unregistering non-callables.
Nikita Popov [Wed, 10 Jun 2020 08:03:43 +0000 (10:03 +0200)]
Remove called_scope inheritance in zend_call_method()
Similar to 097043db2a0d113f89bd26c6f1d7a976d83951a8, but for the
zend_call_method() API. I don't think we ever use this for
static methods, but this logic shouldn't be there. If you want
to inherit the active LSB scope for some reason, do so explicitly.
Nikita Popov [Wed, 10 Jun 2020 07:55:50 +0000 (09:55 +0200)]
Fix called scope assignment in autoloader
We should use the scope specified in the spl_autoload_register()
call, not whatever LSB scope just so happens to be active at the
time of the autoloader call.
Nikita Popov [Wed, 10 Jun 2020 07:41:58 +0000 (09:41 +0200)]
Remove autoload_running flag
This was only used to decide between a hash clean and a hash
destroyed in spl_autoload_remove(). But now that
spl_autoload_functions() no longer distinguishes between NULL and
an empty array here, there's really no need to try and destroy
the hashtable here.
Nikita Popov [Tue, 9 Jun 2020 15:36:36 +0000 (17:36 +0200)]
Cleanup SPL autoload implementation
Replace EG(autoload_func) with a C level zend_autoload hook.
This avoids having to do one indirection through PHP function
calls. The need for EG(autoload_func) was a leftover from the
__autoload() implementation.
Additionally, drop special-casing of spl_autoload(), and instead
register it just like any other autoloading function. This fixes
bug #71236 as a side-effect.
Finally, change spl_autoload_functions() to always return an array.
The distinction between false and an empty array no longer makes
sense here.
Control VCRT leak reporting via environment variable in debug builds
Formerly, this had to be enabled by passing the configuration flag
`--enable-crt-debug`; now it can be enabled by setting the environment
variable `PHP_WIN32_DEBUG_HEAP`. The advantage is that it is no longer
necessary to do separate builds, at the cost of a very minor
performance penalty during process startup.
In the module startup stage, we should not initialize
EG(modified_ini_directives), as it uses the Zend MM, and the Zend MM will be
restarted at the end of the module startup stage.
I say "partial" because this issue still exists if altering ZEND_USER
inis; we should add a zend_ini_deactive at the end of the module startup
stage, but that brings some new cost, and I think no one would do things
like that.