Commit: 5015c4af6c1d2af992e0525f10e93b01043730e1 Author: Dmitry Stogov <dmi...@zend.com> Thu, 29 Aug 2013 11:56:01 +0400 Parents: 0f3977bc0fd31ee188ee50f44b130420812b93a9 Branches: PHP-5.5 master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=5015c4af6c1d2af992e0525f10e93b01043730e1 Log: Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var) Bugs: https://bugs.php.net/65510 Changed paths: M NEWS M ext/opcache/Optimizer/pass1_5.c A ext/opcache/tests/bug65510.phpt Diff: diff --git a/NEWS b/NEWS index 86eb571..518c997 100644 --- a/NEWS +++ b/NEWS @@ -27,6 +27,7 @@ PHP NEWS - OPCache: . Fixed bug #65561 (Zend Opcache on Solaris 11 x86 needs ZEND_MM_ALIGNMENT=4). (Terry Ellison) + . Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var). (Dmitry) - Openssl: . Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in diff --git a/ext/opcache/Optimizer/pass1_5.c b/ext/opcache/Optimizer/pass1_5.c index 46406c3..795b954 100644 --- a/ext/opcache/Optimizer/pass1_5.c +++ b/ext/opcache/Optimizer/pass1_5.c @@ -408,6 +408,7 @@ if (ZEND_OPTIMIZER_PASS_1 & OPTIMIZATION_LEVEL) { int var = opline->result.var; int level = 0; zend_op *op = opline + 1; + zend_op *use = NULL; while (op < end) { if (op->opcode == ZEND_BEGIN_SILENCE) { @@ -420,21 +421,36 @@ if (ZEND_OPTIMIZER_PASS_1 & OPTIMIZATION_LEVEL) { } } if (op->op1_type == IS_VAR && op->op1.var == var) { - op->op1_type = IS_CV; - op->op1.var = zend_optimizer_lookup_cv(op_array, + if (use) { + /* used more than once */ + use = NULL; + break; + } + use = op; + } else if (op->op2_type == IS_VAR && op->op2.var == var) { + if (use) { + /* used more than once */ + use = NULL; + break; + } + use = op; + } + op++; + } + if (use) { + if (use->op1_type == IS_VAR && use->op1.var == var) { + use->op1_type = IS_CV; + use->op1.var = zend_optimizer_lookup_cv(op_array, Z_STRVAL(ZEND_OP1_LITERAL(opline)), Z_STRLEN(ZEND_OP1_LITERAL(opline))); MAKE_NOP(opline); - break; - } else if (op->op2_type == IS_VAR && op->op2.var == var) { - op->op2_type = IS_CV; - op->op2.var = zend_optimizer_lookup_cv(op_array, + } else if (use->op2_type == IS_VAR && use->op2.var == var) { + use->op2_type = IS_CV; + use->op2.var = zend_optimizer_lookup_cv(op_array, Z_STRVAL(ZEND_OP1_LITERAL(opline)), Z_STRLEN(ZEND_OP1_LITERAL(opline))); MAKE_NOP(opline); - break; } - op++; } } break; diff --git a/ext/opcache/tests/bug65510.phpt b/ext/opcache/tests/bug65510.phpt new file mode 100644 index 0000000..ba19d27 --- /dev/null +++ b/ext/opcache/tests/bug65510.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var) +--INI-- +allow_url_include=1 +opcache.enable=1 +opcache.enable_cli=1 +--SKIPIF-- +<?php require_once('skipif.inc'); ?> +--FILE-- +<?php +function parseQuery() { + $m = array("l", "a", "r", "u", "e", "n", "c", "e"); + foreach($m as $n) { + @list($a, $b) = $n; + } +} +parseQuery(); +echo "ok\n"; +--EXPECT-- +ok -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
