Merge branch 'PHP-8.1'

TysonAndre · TysonAndre · commit b50315e73c3b · 2022-02-23T19:52:59.000-05:00
Conflicts:
	ext/spl/tests/fixedarray_023.phpt
	ext/spl/spl_fixedarray.c (fix compile error)
diff --git a/ext/spl/spl_fixedarray.c b/ext/spl/spl_fixedarray.c
@@ -48,6 +48,8 @@ typedef struct _spl_fixedarray {
 	zend_long size;
 	/* It is possible to resize this, so this can't be combined with the object */
 	zval *elements;
+	/* True if this was modified after the last call to get_properties or the hash table wasn't rebuilt. */
+	bool                 should_rebuild_properties;
 } spl_fixedarray;
 
 typedef struct _spl_fixedarray_object {
@@ -106,6 +108,7 @@ static void spl_fixedarray_init(spl_fixedarray *array, zend_long size)
 		array->size = 0; /* reset size in case ecalloc() fails */
 		array->elements = safe_emalloc(size, sizeof(zval), 0);
 		array->size = size;
+		array->should_rebuild_properties = true;
 		spl_fixedarray_init_elems(array, 0, size);
 	} else {
 		spl_fixedarray_default_ctor(array);
@@ -169,6 +172,7 @@ static void spl_fixedarray_resize(spl_fixedarray *array, zend_long size)
 		/* nothing to do */
 		return;
 	}
+	array->should_rebuild_properties = true;
 
 	/* first initialization */
 	if (array->size == 0) {
@@ -208,6 +212,22 @@ static HashTable* spl_fixedarray_object_get_properties(zend_object *obj)
 	HashTable *ht = zend_std_get_properties(obj);
 
 	if (!spl_fixedarray_empty(&intern->array)) {
+		/*
+		 * Usually, the reference count of the hash table is 1,
+		 * except during cyclic reference cycles.
+		 *
+		 * Maintain the DEBUG invariant that a hash table isn't modified during iteration,
+		 * and avoid unnecessary work rebuilding a hash table for unmodified properties.
+		 *
+		 * See https://github.com/php/php-src/issues/8079 and ext/spl/tests/fixedarray_022.phpt
+		 * Also see https://github.com/php/php-src/issues/8044 for alternate considered approaches.
+		 */
+		if (!intern->array.should_rebuild_properties) {
+			/* Return the same hash table so that recursion cycle detection works in internal functions. */
+			return ht;
+		}
+		intern->array.should_rebuild_properties = false;
+
 		zend_long j = zend_hash_num_elements(ht);
 
 		if (GC_REFCOUNT(ht) > 1) {
@@ -370,6 +390,9 @@ static zval *spl_fixedarray_object_read_dimension(zend_object *object, zval *off
 	}
 
 	spl_fixedarray_object *intern = spl_fixed_array_from_obj(object);
+	if (type != BP_VAR_IS && type != BP_VAR_R) {
+		intern->array.should_rebuild_properties = true;
+	}
 	return spl_fixedarray_object_read_dimension_helper(intern, offset);
 }
 
@@ -393,6 +416,7 @@ static void spl_fixedarray_object_write_dimension_helper(spl_fixedarray_object *
 		zend_throw_exception(spl_ce_RuntimeException, "Index invalid or out of range", 0);
 		return;
 	} else {
+		intern->array.should_rebuild_properties = true;
 		/* Fix #81429 */
 		zval *ptr = &(intern->array.elements[index]);
 		zval tmp;
@@ -433,6 +457,7 @@ static void spl_fixedarray_object_unset_dimension_helper(spl_fixedarray_object *
 		zend_throw_exception(spl_ce_RuntimeException, "Index invalid or out of range", 0);
 		return;
 	} else {
+		intern->array.should_rebuild_properties = true;
 		zval_ptr_dtor(&(intern->array.elements[index]));
 		ZVAL_NULL(&intern->array.elements[index]);
 	}
diff --git a/ext/spl/tests/fixedarray_023.phpt b/ext/spl/tests/fixedarray_023.phpt
@@ -1,11 +1,36 @@
 --TEST--
-SPL: FixedArray: Bug GH-8041 (php 8.2.0-dev crashes with assertion for cloning/get_object_vars on non-empty SplFixedArray)
+SPL: FixedArray: Infinite loop in var_export bugfix
 --FILE--
 <?php
-$x = new SplFixedArray(1);
-$z = (array)$x;
-$y = clone $x;
+call_user_func(function () {
+    $x = new SplFixedArray(4);
+    $x[0] = NAN; // Test NAN just in case this check is incorrectly refactored to use zend_is_identical
+    $x[1] = 0.0;
+    $x[2] = $x;
+    $x[3] = $x;
+    var_export($x);
+    echo "\n";
+    $x[1] = -0.0;
+    debug_zval_dump($x);
+});
 ?>
-DONE
---EXPECT--
-DONE
+--EXPECTF--
+Warning: var_export does not handle circular references in %s on line 8
+
+Warning: var_export does not handle circular references in %s on line 8
+SplFixedArray::__set_state(array(
+   0 => NAN,
+   1 => 0.0,
+   2 => NULL,
+   3 => NULL,
+))
+object(SplFixedArray)#2 (4) refcount(6){
+  [0]=>
+  float(NAN)
+  [1]=>
+  float(-0)
+  [2]=>
+  *RECURSION*
+  [3]=>
+  *RECURSION*
+}
diff --git a/ext/spl/tests/fixedarray_024.phpt b/ext/spl/tests/fixedarray_024.phpt
@@ -0,0 +1,11 @@
+--TEST--
+SPL: FixedArray: Bug GH-8041 (php 8.2.0-dev crashes with assertion for cloning/get_object_vars on non-empty SplFixedArray)
+--FILE--
+<?php
+$x = new SplFixedArray(1);
+$z = (array)$x;
+$y = clone $x;
+?>
+DONE
+--EXPECT--
+DONE
