Indirect Branch Tracking (IBT) is part of Intel's Control-Flow
Enforcement Technology (CET). IBT is hardware based, forward edge
Control-Flow-Integrity mechanism where any indirect CALL/JMP must target
an ENDBR instruction or suffer #CP.
This commit adds IBT support for fiber:
1. Add endbr32/64 in assembly
2. Inform compiler jump_fcontext may return via indirect branch
Furthermore:
gcc support CET since v8.1 and set it to default since gcc 11. That is,
the ELF header of sapi/cli/php has a property named IBT. However, such
property is lost since PHP8.1 because the assembly introduced by Fiber.
This commit also fixes this.
Closes GH-8339
Signed-off-by: Chen, Hu <hu1.chen@intel.com>
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
While we avoid emitting labels for handlers that are not referenced
from anywhere else, we do not perform a fine-grained analysis on
used specializations, so some of the specialization labels may not
be used. Use ATTRIBUTE_UNUSED_LABEL to suppress the warning. Drop
"cold" from the definition of this attribute, as it is completely
unrelated.
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.
Based on:
"Fast CRC Computation for Generic Polynomials Using PCLMULQDQ Instruction"
V. Gopal, E. Ozturk, et al., 2009, http://intel.ly/2ySEwL0
Signed-off-by: Frank Du <frank.du@intel.com>
Closes GH-6018
Formerly, this had to be enabled by passing the configuration flag
`--enable-crt-debug`; now it can be enabled by setting the environment
variable `PHP_WIN32_DEBUG_HEAP`. The advantage is that it is no longer
necessary to do separate builds, at the cost of a very minor
performance penalty during process startup.
I reverted this previously for 7.4 because of bug #78769. Relanding
it now for master, because I still believe that this change is
right, and if it causes complications, those indicate a bug elsewhere.
---
These were checking whether the instruction set is supported by
the host CPU, however they were only used to condition on whether
this instruction set is targeted at all. It would still use dynamic
dispatch (e.g. based on ifunc resolvers) to select the actual
implementation. Whether the target is guaranteed to support the
instruction set without dispatch is determined based on pre-defined
macros like __SSE2__.
This removes the configure-time builtin cpu checks to remove
confusion. Additionally this allows targeting an architecture that
is newer than the host architecture.
While basic support for MSVCRT debugging has been added long
ago[1], the leak checking is not usable for the test suite, because we
are no longer calling `xmlCleanupParser()` on RSHUTDOWN of
ext/libxml[2], and therefore a few bogus leaks are reported whenever
ext/libxml is unloaded.
We therefore ignore memory leaks for this case. We introduce
`ZEND_IGNORE_LEAKS_BEGIN()` and `ZEND_IGNORE_LEAKS_END()` to keep
those ignores better readable, and also because these *might* be
useful for other leak checkers as well.
We also explicitly free the `zend_handlers_table` and the `p5s` to
avoid spurious leak reports.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=d756e1db2324c1f4ab6f9b52e329959ce6a02bc3>
[2] <http://git.php.net/?p=php-src.git;a=commit;h=8742276eb3905eb97a585417000c7b8df85006d4>
ASan instrumentation does not support the MSVC debug runtime, but still
it does not make sense to enable optimizations for such builds, since
they are not meant for production usage anyway, and although memory
corruption issues are still found in optimized builds, the generated
diagnostics are close to being useless, and apparently sometimes even
outright wrong. Therefore, we disable all optimizations for ASan
instrumented builds.
We also introduce and use `ZEND_WIN32_NEVER_INLINE` for ASan enabled
builds to avoid inlining of functions, so we get even better
diagnostics.
This reverts commit edccf32f7f.
This was reported to cause issues for as yet unknown reasons in
bug #78769. As this was intended as code cleanup, revert this from
7.4 at least. May reapply it to master later.
These were checking whether the instruction set is supported by
the host CPU, however they were only used to condition on whether
this instruction set is targeted at all. It would still use dynamic
dispatch (e.g. based on ifunc resolvers) to select the actual
implementation. Whether the target is guaranteed to support the
instruction set without dispatch is determined based on pre-defined
macros like __SSE2__.
This removes the configure-time builtin cpu checks to remove
confusion. Additionally this allows targeting an architecture that
is newer than the host architecture.
This makes sure that we use compiler builtins when they are
available and thus avoid ubsan warnings in clang.
And also reindent the fallback implementation.
Just marking them as no_sanitize("memory") is unforunately not
sufficient, as the function still gets instrumented -- the attribute
only disables reporting.
We're not using this anywhere, and it causes warnings, so I'm
dropping it. If we do end up needing this, it should be reintroduced
with a ZEND_ prefix.
The `<limits.h>` header file is part of the standard C89 headers [1]
and on current systems can be included unconditionally.
Since PHP requires at least C89 or greater, the `HAVE_LIMITS_H` symbol
defined by Autoconf in configure.ac [2] can be ommitted and simplifed
however due to bundled file library (libmagic) and timelib still using
it, the removal there was omitted and done only in Zend.m4 file.
Current bundled libraries libtime, oniguruma, and libmagic still include
partial `HAVE_LIMITS_H` usage and will be more refactored when this is
possible.
Refs:
[1] https://port70.net/~nsz/c/c89/c89-draft.html#4.1.2
[2] https://git.savannah.gnu.org/cgit/autoconf.git/tree/lib/autoconf/headers.m4
This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.
A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.
This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.
With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.
Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.
By usage of -fmodules, all the intrinsic items are loaded automatically.
The headers included come however from Visual Studio, thus bringing some
conflicting declarations. On the other hand, -fmodules is needed to
mitigate linking issues with clang in VS compatibility mode.