From 93104e5c5980842f5cf9e9e7e267125ddc584f89 Mon Sep 17 00:00:00 2001 From: Arnaud Le Blanc Date: Tue, 7 Oct 2025 11:05:11 +0200 Subject: [PATCH 01/15] Upgrade Alpine in push job Closes GH-20090 --- .github/workflows/push.yml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 265f78abe0763..ac1ac8be7b06d 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -43,19 +43,14 @@ jobs: ALPINE: if: github.repository == 'php/php-src' || github.event_name == 'pull_request' name: ALPINE_X64_ASAN_UBSAN_DEBUG_ZTS - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 container: - image: 'alpine:3.20.1' + image: 'alpine:3.22' steps: - name: git checkout uses: actions/checkout@v5 - name: apk uses: ./.github/actions/apk - - name: LLVM 17 (ASAN-only) - # libclang_rt.asan-x86_64.a is provided by compiler-rt, and only for clang17: - # https://pkgs.alpinelinux.org/contents?file=libclang_rt.asan-x86_64.a&path=&name=&branch=v3.20 - run: | - apk add clang17 compiler-rt - name: System info run: | echo "::group::Show host CPU info" @@ -70,8 +65,8 @@ jobs: configurationParameters: >- CFLAGS="-fsanitize=undefined,address -fno-sanitize=function -DZEND_TRACK_ARENA_ALLOC" LDFLAGS="-fsanitize=undefined,address -fno-sanitize=function" - CC=clang-17 - CXX=clang++-17 + CC=clang-20 + CXX=clang++-20 --enable-debug --enable-zts skipSlow: true # FIXME: This should likely include slow extensions From 1c8363d2bfe214c142b3e17bf7303b6c338ac41a Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Sat, 13 Sep 2025 00:15:01 +0200 Subject: [PATCH 02/15] Fix curl build failure on macOS+curl 8.16 --- ext/curl/interface.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 807b27cb78c90..4df24cff1b5bc 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -1453,11 +1453,11 @@ static int curl_fnmatch(void *ctx, const char *pattern, const char *string) /* }}} */ /* {{{ curl_progress */ -static size_t curl_progress(void *clientp, double dltotal, double dlnow, double ultotal, double ulnow) +static int curl_progress(void *clientp, double dltotal, double dlnow, double ultotal, double ulnow) { php_curl *ch = (php_curl *)clientp; php_curl_callback *t = ch->handlers.progress; - size_t rval = 0; + int rval = 0; #if PHP_CURL_DEBUG fprintf(stderr, "curl_progress() called\n"); @@ -1818,8 +1818,8 @@ static void _php_curl_set_default_options(php_curl *ch) { char *cainfo; - curl_easy_setopt(ch->cp, CURLOPT_NOPROGRESS, 1); - curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 0); + curl_easy_setopt(ch->cp, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 0L); curl_easy_setopt(ch->cp, CURLOPT_ERRORBUFFER, ch->err.str); curl_easy_setopt(ch->cp, CURLOPT_WRITEFUNCTION, curl_write); curl_easy_setopt(ch->cp, CURLOPT_FILE, (void *) ch); @@ -1828,10 +1828,10 @@ static void _php_curl_set_default_options(php_curl *ch) curl_easy_setopt(ch->cp, CURLOPT_HEADERFUNCTION, curl_write_header); curl_easy_setopt(ch->cp, CURLOPT_WRITEHEADER, (void *) ch); #ifndef ZTS - curl_easy_setopt(ch->cp, CURLOPT_DNS_USE_GLOBAL_CACHE, 1); + curl_easy_setopt(ch->cp, CURLOPT_DNS_USE_GLOBAL_CACHE, 1L); #endif - curl_easy_setopt(ch->cp, CURLOPT_DNS_CACHE_TIMEOUT, 120); - curl_easy_setopt(ch->cp, CURLOPT_MAXREDIRS, 20); /* prevent infinite redirects */ + curl_easy_setopt(ch->cp, CURLOPT_DNS_CACHE_TIMEOUT, 120L); + curl_easy_setopt(ch->cp, CURLOPT_MAXREDIRS, 20L); /* prevent infinite redirects */ cainfo = INI_STR("openssl.cafile"); if (!(cainfo && cainfo[0] != '\0')) { @@ -2807,7 +2807,7 @@ static int _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue, bool i /* no need to build the mime structure for empty hashtables; also works around https://github.com/curl/curl/issues/6455 */ curl_easy_setopt(ch->cp, CURLOPT_POSTFIELDS, ""); - error = curl_easy_setopt(ch->cp, CURLOPT_POSTFIELDSIZE, 0); + error = curl_easy_setopt(ch->cp, CURLOPT_POSTFIELDSIZE, 0L); } else { return build_mime_structure_from_hash(ch, zvalue); } @@ -2871,7 +2871,7 @@ static int _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue, bool i case CURLOPT_POSTREDIR: lval = zval_get_long(zvalue); - error = curl_easy_setopt(ch->cp, CURLOPT_POSTREDIR, lval & CURL_REDIR_POST_ALL); + error = curl_easy_setopt(ch->cp, CURLOPT_POSTREDIR, (long) (lval & CURL_REDIR_POST_ALL)); break; /* the following options deal with files, therefore the open_basedir check @@ -2906,11 +2906,11 @@ static int _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue, bool i if (zend_is_true(zvalue)) { curl_easy_setopt(ch->cp, CURLOPT_DEBUGFUNCTION, curl_debug); curl_easy_setopt(ch->cp, CURLOPT_DEBUGDATA, (void *)ch); - curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 1); + curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 1L); } else { curl_easy_setopt(ch->cp, CURLOPT_DEBUGFUNCTION, NULL); curl_easy_setopt(ch->cp, CURLOPT_DEBUGDATA, NULL); - curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 0); + curl_easy_setopt(ch->cp, CURLOPT_VERBOSE, 0L); } break; From da75e41a6f7e1d64904e45612eaafe4a636fe502 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Mon, 22 Sep 2025 10:55:59 +0200 Subject: [PATCH 03/15] Fix curl 8.16.0 compilation with zts --- ext/curl/interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 4df24cff1b5bc..f8f0d1cec3585 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -1842,7 +1842,7 @@ static void _php_curl_set_default_options(php_curl *ch) } #ifdef ZTS - curl_easy_setopt(ch->cp, CURLOPT_NOSIGNAL, 1); + curl_easy_setopt(ch->cp, CURLOPT_NOSIGNAL, 1L); #endif } /* }}} */ From b810a235870f7fbb377fa50470970eaf16d796ce Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Tue, 23 Sep 2025 14:14:09 +0200 Subject: [PATCH 04/15] Fix more curl 8.16 issues The CURLOPT_FOLLOWLOCATION seems like a gcc bug, where the integer extension of bool to long is lost, but I was unable to reproduce on godbolt.org. --- ext/curl/interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index f8f0d1cec3585..c56a1b01f2fa1 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -2289,7 +2289,7 @@ static int _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue, bool i lval = zval_get_long(zvalue); if (lval == 1) { php_error_docref(NULL, E_NOTICE, "CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead"); - error = curl_easy_setopt(ch->cp, option, 2); + error = curl_easy_setopt(ch->cp, option, 2L); break; } ZEND_FALLTHROUGH; @@ -2789,7 +2789,7 @@ static int _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue, bool i case CURLOPT_FOLLOWLOCATION: lval = zend_is_true(zvalue); - error = curl_easy_setopt(ch->cp, option, lval); + error = curl_easy_setopt(ch->cp, option, (long) lval); break; case CURLOPT_HEADERFUNCTION: From 36859ad97753f6d2e550d57823111d91f0ad0ce9 Mon Sep 17 00:00:00 2001 From: Jakub Zelenka Date: Tue, 7 Oct 2025 12:33:26 +0200 Subject: [PATCH 05/15] Fix curl_setopt_ssl test for curl 8.16 --- ext/curl/tests/curl_setopt_ssl.phpt | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/ext/curl/tests/curl_setopt_ssl.phpt b/ext/curl/tests/curl_setopt_ssl.phpt index 11d8fff702a88..ff08528321a0f 100644 --- a/ext/curl/tests/curl_setopt_ssl.phpt +++ b/ext/curl/tests/curl_setopt_ssl.phpt @@ -18,9 +18,13 @@ if ($curl_version['version_number'] < 0x074700) { --FILE-- Date: Tue, 7 Oct 2025 14:25:08 +0200 Subject: [PATCH 06/15] Update NEWS with info about curl 8.16 compat fixes --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index a05b577d101b7..998b5d97d6351 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,10 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 8.1.34 +- Curl: + . Fix curl build and test failures with version 8.16. + (nielsdos, ilutov, Jakub Zelenka) + - Opcache: . Reset global pointers to prevent use-after-free in zend_jit_status(). (Florian Engelhardt) From 78a24ffc032804755e31bb308c0e754cbc049051 Mon Sep 17 00:00:00 2001 From: Jakub Zelenka Date: Tue, 7 Oct 2025 14:39:53 +0200 Subject: [PATCH 07/15] Update NEWS entry for curl 8.16 update --- NEWS | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index cd793b71c9cba..884ccd0855d71 100644 --- a/NEWS +++ b/NEWS @@ -23,7 +23,8 @@ PHP NEWS - Curl: . Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. (timwolla) - . Fix curl build failure on macOS+curl 8.16. (nielsdos) + . Fix curl build and test failures with version 8.16. + (nielsdos, ilutov, Jakub Zelenka) - Date: . Fixed GH-17159: "P" format for ::createFromFormat swallows string literals. @@ -208,10 +209,6 @@ PHP NEWS . Fixed bug GH-19397 (mb_list_encodings() can cause crashes on shutdown). (nielsdos) -- Curl: - . Fix curl build and test failures with version 8.16. - (nielsdos, ilutov, Jakub Zelenka) - - Opcache: . Reset global pointers to prevent use-after-free in zend_jit_status(). (Florian Engelhardt) From d2569c9727c13b9f1a8ddbc6eab6c9e298286ae9 Mon Sep 17 00:00:00 2001 From: Volker Dusch Date: Tue, 7 Oct 2025 14:26:00 +0200 Subject: [PATCH 08/15] [ci skip] Update NEWS for PHP 8.5.0 RC2 --- NEWS | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 98b0f62f0da8a..0992089ca91fa 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.5.0RC2 +?? ??? ????, PHP 8.5.0RC3 + + +09 Oct 2025, PHP 8.5.0RC2 - Core: . Fix OSS-Fuzz #447521098 (Fatal error during sccp shift eval). (ilutov) From 91eb2a558db5d70a49ea62cee761eda8d663125e Mon Sep 17 00:00:00 2001 From: Eric Mann Date: Tue, 7 Oct 2025 06:58:36 -0700 Subject: [PATCH 09/15] PHP-8.3 is now for PHP 8.3.28-dev --- NEWS | 5 ++++- Zend/zend.h | 2 +- configure.ac | 2 +- main/php_version.h | 6 +++--- 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 884ccd0855d71..026aac13e69ff 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.3.27 +?? ??? ????, PHP 8.3.28 + + +23 Oct 2025, PHP 8.3.27 - Core: . Fixed bug GH-19765 (object_properties_load() bypasses readonly property diff --git a/Zend/zend.h b/Zend/zend.h index f0925298413ff..3eade95aa6ac7 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -20,7 +20,7 @@ #ifndef ZEND_H #define ZEND_H -#define ZEND_VERSION "4.3.27-dev" +#define ZEND_VERSION "4.3.28-dev" #define ZEND_ENGINE_3 diff --git a/configure.ac b/configure.ac index 1e39e16644b1f..2ceb4d8df3389 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ dnl Basic autoconf initialization, generation of config.nice. dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[8.3.27-dev],[https://github.com/php/php-src/issues],[php],[https://www.php.net]) +AC_INIT([PHP],[8.3.28-dev],[https://github.com/php/php-src/issues],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff --git a/main/php_version.h b/main/php_version.h index bf1b95c631936..00dbab93a7470 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -2,7 +2,7 @@ /* edit configure.ac to change version number */ #define PHP_MAJOR_VERSION 8 #define PHP_MINOR_VERSION 3 -#define PHP_RELEASE_VERSION 27 +#define PHP_RELEASE_VERSION 28 #define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "8.3.27-dev" -#define PHP_VERSION_ID 80327 +#define PHP_VERSION "8.3.28-dev" +#define PHP_VERSION_ID 80328 From 9f55c1ae1c53b117f88bedc0a536bb9910b26373 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 7 Oct 2025 15:39:12 +0200 Subject: [PATCH 10/15] ensure test passes with prod config --- sapi/cgi/tests/auto_globals_no_jit.phpt | 1 + 1 file changed, 1 insertion(+) diff --git a/sapi/cgi/tests/auto_globals_no_jit.phpt b/sapi/cgi/tests/auto_globals_no_jit.phpt index e331709db6db8..21af9e038d2a5 100644 --- a/sapi/cgi/tests/auto_globals_no_jit.phpt +++ b/sapi/cgi/tests/auto_globals_no_jit.phpt @@ -2,6 +2,7 @@ CGI with auto_globals_jit=0 --INI-- auto_globals_jit=0 +variables_order="EGPCS" --CGI-- --ENV-- FOO=BAR From 86a3bdfaeea44938c8b301aea2f8dcbb4f3954b5 Mon Sep 17 00:00:00 2001 From: Saki Takamachi Date: Tue, 7 Oct 2025 23:31:32 +0900 Subject: [PATCH 11/15] PHP-8.4 is now for PHP 8.4.15-dev --- NEWS | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index b5349e815d9ad..c5c622f27ca0d 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.4.14 +?? ??? ????, PHP 8.4.15 + + +09 Oct 2025, PHP 8.4.14 - Core: . Fixed bug GH-19765 (object_properties_load() bypasses readonly property From 1edcce5554b13b631d900950897895e58b1e2182 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Tue, 7 Oct 2025 18:33:17 +0200 Subject: [PATCH 12/15] Backport more curl 8.16 fixes This hunk was missed in the 8.1 cherry-pick because curl_xferinfo() didn't exist yet. --- ext/curl/interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 2bc20070a9555..1f2fade37dbf5 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -716,11 +716,11 @@ static int curl_progress(void *clientp, double dltotal, double dlnow, double ult #if LIBCURL_VERSION_NUM >= 0x072000 /* {{{ curl_xferinfo */ -static size_t curl_xferinfo(void *clientp, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow) +static int curl_xferinfo(void *clientp, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow) { php_curl *ch = (php_curl *)clientp; php_curl_callback *t = ch->handlers.xferinfo; - size_t rval = 0; + int rval = 0; #if PHP_CURL_DEBUG fprintf(stderr, "curl_xferinfo() called\n"); From 9bc35f19822026a7835f1baf71418745b180bf50 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Thu, 18 Sep 2025 11:57:38 +0200 Subject: [PATCH 13/15] Fix CGI with auto_globals_jit=0 In CGI, php_auto_globals_create_server() (i.e. auto_global_callback() here) initializes $_ENV to reuse for $_SERVER. However, because $_SERVER is constructed first, we have not yet initialized auto_global->armed of the $_ENV global. Split the loop into initialization and constructor phases. Fixes GH-19934 Closes GH-19870 --- NEWS | 1 + Zend/zend_compile.c | 10 +++++----- sapi/cgi/tests/auto_globals_no_jit.phpt | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 5 deletions(-) create mode 100644 sapi/cgi/tests/auto_globals_no_jit.phpt diff --git a/NEWS b/NEWS index 026aac13e69ff..f56f04dd84fa2 100644 --- a/NEWS +++ b/NEWS @@ -18,6 +18,7 @@ PHP NEWS . Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). (nielsdos) . Fixed bug GH-20002 (Broken build on *BSD with MSAN). (outtersg) + . Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv). (ilutov) - CLI: . Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c index 5d25b39638343..3679643fc8472 100644 --- a/Zend/zend_compile.c +++ b/Zend/zend_compile.c @@ -1938,12 +1938,12 @@ ZEND_API void zend_activate_auto_globals(void) /* {{{ */ zend_auto_global *auto_global; ZEND_HASH_MAP_FOREACH_PTR(CG(auto_globals), auto_global) { - if (auto_global->jit) { - auto_global->armed = 1; - } else if (auto_global->auto_global_callback) { + auto_global->armed = auto_global->jit || auto_global->auto_global_callback; + } ZEND_HASH_FOREACH_END(); + + ZEND_HASH_MAP_FOREACH_PTR(CG(auto_globals), auto_global) { + if (auto_global->armed && !auto_global->jit) { auto_global->armed = auto_global->auto_global_callback(auto_global->name); - } else { - auto_global->armed = 0; } } ZEND_HASH_FOREACH_END(); } diff --git a/sapi/cgi/tests/auto_globals_no_jit.phpt b/sapi/cgi/tests/auto_globals_no_jit.phpt new file mode 100644 index 0000000000000..e331709db6db8 --- /dev/null +++ b/sapi/cgi/tests/auto_globals_no_jit.phpt @@ -0,0 +1,17 @@ +--TEST-- +CGI with auto_globals_jit=0 +--INI-- +auto_globals_jit=0 +--CGI-- +--ENV-- +FOO=BAR +--FILE-- + +--EXPECT-- +string(3) "BAR" +string(3) "BAR" +string(3) "BAR" From 2f4b8e691ad1b31c9ba0263e4e59218e728e9e65 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 7 Oct 2025 15:39:12 +0200 Subject: [PATCH 14/15] ensure test passes with prod config --- sapi/cgi/tests/auto_globals_no_jit.phpt | 1 + 1 file changed, 1 insertion(+) diff --git a/sapi/cgi/tests/auto_globals_no_jit.phpt b/sapi/cgi/tests/auto_globals_no_jit.phpt index e331709db6db8..21af9e038d2a5 100644 --- a/sapi/cgi/tests/auto_globals_no_jit.phpt +++ b/sapi/cgi/tests/auto_globals_no_jit.phpt @@ -2,6 +2,7 @@ CGI with auto_globals_jit=0 --INI-- auto_globals_jit=0 +variables_order="EGPCS" --CGI-- --ENV-- FOO=BAR From 9b20618e1b18a8783deda21ec8d7020a52ab8302 Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Tue, 7 Oct 2025 18:49:28 +0200 Subject: [PATCH 15/15] [skip ci] Fix news entry Every time... --- NEWS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index f56f04dd84fa2..de36d0c9fa665 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 8.3.28 +- Core: + . Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv). (ilutov) 23 Oct 2025, PHP 8.3.27 @@ -18,7 +20,6 @@ PHP NEWS . Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). (nielsdos) . Fixed bug GH-20002 (Broken build on *BSD with MSAN). (outtersg) - . Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv). (ilutov) - CLI: . Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server