Hello community, here is the log from the commit of package php5 for openSUSE:Factory checked in at Mon Jan 11 16:15:56 CET 2010. -------- --- php5/php5.changes 2009-12-02 19:29:45.000000000 +0100 +++ /mounts/work_src_done/STABLE/php5/php5.changes 2009-12-22 18:36:49.000000000 +0100 @@ -1,0 +2,6 @@ +Tue Dec 22 18:36:04 CET 2009 - jengelh@medozas.de + +- avoid alignment crash on alignment-sensitive CPUs + (bugs.php.net#46074) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- php-5.3.0-46074.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ php5.spec ++++++ --- /var/tmp/diff_new_pack.R6AsFE/_old 2010-01-11 16:11:53.000000000 +0100 +++ /var/tmp/diff_new_pack.R6AsFE/_new 2010-01-11 16:11:53.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package php5 (Version 5.3.0) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -80,7 +80,7 @@ ### ### Version: 5.3.0 -Release: 3 +Release: 4 License: The PHP License, version 3.01 Group: Development/Languages/Other Provides: php zend php-xml php-spl php-simplexml php-session php-pcre php-date php-reflection php-filter @@ -117,6 +117,8 @@ Patch18: suhosin-0.9.29-retval.patch Patch19: php-5.3.0-bnc513080.patch Patch20: php-5.3.0-ini.patch +# http://bugs.php.net/bug.php?id=46074 +Patch21: php-5.3.0-46074.diff Url: http://www.php.net BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: PHP5 Core Files @@ -1199,6 +1201,7 @@ %patch18 %patch19 %patch20 -p1 +%patch -P 21 -p1 # we build three SAPI %{__mkdir_p} build-apache2 %{__mkdir_p} build-fastcgi/sapi/cgi/libfcgi ++++++ php-5.3.0-46074.diff ++++++ --- Zend/zend_alloc.c | 13 ---------- Zend/zend_alloc.h | 14 ++++++++++ Zend/zend_compile.c | 2 - Zend/zend_execute.h | 61 +++++++++++++++++++++++++++++++++++++---------- Zend/zend_vm_def.h | 4 +-- Zend/zend_vm_execute.h | 14 +++++----- Zend/zend_vm_execute.skl | 10 +++---- 7 files changed, 78 insertions(+), 40 deletions(-) Index: php-5.3.0/Zend/zend_alloc.c =================================================================== --- php-5.3.0.orig/Zend/zend_alloc.c +++ php-5.3.0/Zend/zend_alloc.c @@ -512,20 +512,7 @@ static unsigned int _zend_mm_cookie = 0; /* optimized access */ #define ZEND_MM_FREE_BLOCK_SIZE(b) (b)->info._size -#ifndef ZEND_MM_ALIGNMENT -# define ZEND_MM_ALIGNMENT 8 -# define ZEND_MM_ALIGNMENT_LOG2 3 -#elif ZEND_MM_ALIGNMENT < 4 -# undef ZEND_MM_ALIGNMENT -# undef ZEND_MM_ALIGNMENT_LOG2 -# define ZEND_MM_ALIGNMENT 4 -# define ZEND_MM_ALIGNMENT_LOG2 2 -#endif - -#define ZEND_MM_ALIGNMENT_MASK ~(ZEND_MM_ALIGNMENT-1) - /* Aligned header size */ -#define ZEND_MM_ALIGNED_SIZE(size) ((size + ZEND_MM_ALIGNMENT - 1) & ZEND_MM_ALIGNMENT_MASK) #define ZEND_MM_ALIGNED_HEADER_SIZE ZEND_MM_ALIGNED_SIZE(sizeof(zend_mm_block)) #define ZEND_MM_ALIGNED_FREE_HEADER_SIZE ZEND_MM_ALIGNED_SIZE(sizeof(zend_mm_small_free_block)) #define ZEND_MM_MIN_ALLOC_BLOCK_SIZE ZEND_MM_ALIGNED_SIZE(ZEND_MM_ALIGNED_HEADER_SIZE + END_MAGIC_SIZE) Index: php-5.3.0/Zend/zend_alloc.h =================================================================== --- php-5.3.0.orig/Zend/zend_alloc.h +++ php-5.3.0/Zend/zend_alloc.h @@ -27,6 +27,20 @@ #include "../TSRM/TSRM.h" #include "zend.h" +#ifndef ZEND_MM_ALIGNMENT +# define ZEND_MM_ALIGNMENT 8 +# define ZEND_MM_ALIGNMENT_LOG2 3 +#elif ZEND_MM_ALIGNMENT < 4 +# undef ZEND_MM_ALIGNMENT +# undef ZEND_MM_ALIGNMENT_LOG2 +# define ZEND_MM_ALIGNMENT 4 +# define ZEND_MM_ALIGNMENT_LOG2 2 +#endif + +#define ZEND_MM_ALIGNMENT_MASK ~(ZEND_MM_ALIGNMENT-1) + +#define ZEND_MM_ALIGNED_SIZE(size) (((size) + ZEND_MM_ALIGNMENT - 1) & ZEND_MM_ALIGNMENT_MASK) + typedef struct _zend_leak_info { void *addr; size_t size; Index: php-5.3.0/Zend/zend_compile.c =================================================================== --- php-5.3.0.orig/Zend/zend_compile.c +++ php-5.3.0/Zend/zend_compile.c @@ -239,7 +239,7 @@ ZEND_API zend_bool zend_is_compiling(TSR static zend_uint get_temporary_variable(zend_op_array *op_array) { - return (op_array->T)++ * sizeof(temp_variable); + return (op_array->T)++ * ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)); } static int lookup_cv(zend_op_array *op_array, char* name, int name_len) Index: php-5.3.0/Zend/zend_execute.h =================================================================== --- php-5.3.0.orig/Zend/zend_execute.h +++ php-5.3.0/Zend/zend_execute.h @@ -144,9 +144,11 @@ struct _zend_vm_stack { void **top; void **end; zend_vm_stack prev; - void *elements[1]; }; +#define ZEND_VM_STACK_ELEMETS(stack) \ + ((void**)(((char*)(stack)) + ZEND_MM_ALIGNED_SIZE(sizeof(struct _zend_vm_stack)))) + #define ZEND_VM_STACK_GROW_IF_NEEDED(count) \ do { \ if (UNEXPECTED((count) > \ @@ -156,10 +158,10 @@ struct _zend_vm_stack { } while (0) static inline zend_vm_stack zend_vm_stack_new_page(int count) { - zend_vm_stack page = (zend_vm_stack)emalloc(sizeof(*page)+sizeof(page->elements[0])*(count-1)); + zend_vm_stack page = (zend_vm_stack)emalloc(ZEND_MM_ALIGNED_SIZE(sizeof(*page)) + sizeof(void*) * count); - page->top = page->elements; - page->end = page->elements + count; + page->top = ZEND_VM_STACK_ELEMETS(page); + page->end = page->top + count; page->prev = NULL; return page; } @@ -207,7 +209,7 @@ static inline void *zend_vm_stack_pop(TS { void *el = *(--EG(argument_stack)->top); - if (UNEXPECTED(EG(argument_stack)->top == EG(argument_stack)->elements)) { + if (UNEXPECTED(EG(argument_stack)->top == ZEND_VM_STACK_ELEMETS(EG(argument_stack)))) { zend_vm_stack p = EG(argument_stack); EG(argument_stack) = p->prev; efree(p); @@ -221,15 +223,32 @@ static inline void *zend_vm_stack_alloc( size = (size + (sizeof(void*) - 1)) / sizeof(void*); - ZEND_VM_STACK_GROW_IF_NEEDED((int)size); + /* the following comparison must be optimized out at compile time */ + if (ZEND_MM_ALIGNMENT > sizeof(void*)) { + int extra = (ZEND_MM_ALIGNMENT - ((zend_uintptr_t)EG(argument_stack)->top & (ZEND_MM_ALIGNMENT - 1))) / sizeof(void*); + + if (UNEXPECTED(size + extra + ZEND_MM_ALIGNED_SIZE(sizeof(void*)) / sizeof(void*) > + EG(argument_stack)->end - EG(argument_stack)->top)) { + zend_vm_stack_extend(size TSRMLS_CC); + } else { + void **old_top = EG(argument_stack)->top; + + EG(argument_stack)->top += extra; + /* store old top on the stack */ + *EG(argument_stack)->top = (void*)old_top; + EG(argument_stack)->top += ZEND_MM_ALIGNED_SIZE(sizeof(void*)) / sizeof(void*); + } + } else { + ZEND_VM_STACK_GROW_IF_NEEDED((int)size); + } ret = (void*)EG(argument_stack)->top; EG(argument_stack)->top += size; return ret; } -static inline void zend_vm_stack_free(void *ptr TSRMLS_DC) +static inline void zend_vm_stack_free_int(void *ptr TSRMLS_DC) { - if (UNEXPECTED(EG(argument_stack)->elements == (void**)ptr)) { + if (UNEXPECTED(ZEND_VM_STACK_ELEMETS(EG(argument_stack)) == (void**)ptr)) { zend_vm_stack p = EG(argument_stack); EG(argument_stack) = p->prev; @@ -239,10 +258,28 @@ static inline void zend_vm_stack_free(vo } } +static inline void zend_vm_stack_free(void *ptr TSRMLS_DC) +{ + if (UNEXPECTED(ZEND_VM_STACK_ELEMETS(EG(argument_stack)) == (void**)ptr)) { + zend_vm_stack p = EG(argument_stack); + + EG(argument_stack) = p->prev; + efree(p); + } else { + /* the following comparison must be optimized out at compile time */ + if (ZEND_MM_ALIGNMENT > sizeof(void*)) { + ptr = (void*)(((char*)ptr) - ZEND_MM_ALIGNED_SIZE(sizeof(void*))); + EG(argument_stack)->top = *(void***)ptr; + } else { + EG(argument_stack)->top = (void**)ptr; + } + } +} + static inline void** zend_vm_stack_push_args(int count TSRMLS_DC) { - if (UNEXPECTED(EG(argument_stack)->top - EG(argument_stack)->elements < count) || + if (UNEXPECTED(EG(argument_stack)->top - ZEND_VM_STACK_ELEMETS(EG(argument_stack)) < count) || UNEXPECTED(EG(argument_stack)->top == EG(argument_stack)->end)) { zend_vm_stack p = EG(argument_stack); @@ -253,14 +290,14 @@ static inline void** zend_vm_stack_push_ while (count-- > 0) { void *data = *(--p->top); - if (UNEXPECTED(p->top == p->elements)) { + if (UNEXPECTED(p->top == ZEND_VM_STACK_ELEMETS(p))) { zend_vm_stack r = p; EG(argument_stack)->prev = p->prev; p = p->prev; efree(r); } - *(EG(argument_stack)->elements + count) = data; + *(ZEND_VM_STACK_ELEMETS(EG(argument_stack)) + count) = data; } return EG(argument_stack)->top++; } @@ -278,7 +315,7 @@ static inline void zend_vm_stack_clear_m *p = NULL; zval_ptr_dtor(&q); } - zend_vm_stack_free(p TSRMLS_CC); + zend_vm_stack_free_int(p TSRMLS_CC); } static inline zval** zend_vm_stack_get_arg(int requested_arg TSRMLS_DC) Index: php-5.3.0/Zend/zend_vm_def.h =================================================================== --- php-5.3.0.orig/Zend/zend_vm_def.h +++ php-5.3.0/Zend/zend_vm_def.h @@ -4254,8 +4254,8 @@ ZEND_VM_HANDLER(149, ZEND_HANDLE_EXCEPTI int catched = 0; zval restored_error_reporting; - void **stack_frame = (void**)EX(Ts) + - (sizeof(temp_variable) * EX(op_array)->T) / sizeof(void*); + void **stack_frame = (void**)(((char*)EX(Ts)) + + (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T)); while (zend_vm_stack_top(TSRMLS_C) != stack_frame) { zval *stack_zval_p = zend_vm_stack_pop(TSRMLS_C); Index: php-5.3.0/Zend/zend_vm_execute.h =================================================================== --- php-5.3.0.orig/Zend/zend_vm_execute.h +++ php-5.3.0/Zend/zend_vm_execute.h @@ -52,13 +52,13 @@ ZEND_API void execute(zend_op_array *op_ zend_vm_enter: /* Initialize execute_data */ execute_data = (zend_execute_data *)zend_vm_stack_alloc( - sizeof(zend_execute_data) + - sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2) + - sizeof(temp_variable) * op_array->T TSRMLS_CC); + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)) + + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)) + + ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * op_array->T TSRMLS_CC); - EX(CVs) = (zval***)((char*)execute_data + sizeof(zend_execute_data)); + EX(CVs) = (zval***)((char*)execute_data + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data))); memset(EX(CVs), 0, sizeof(zval**) * op_array->last_var); - EX(Ts) = (temp_variable *)(EX(CVs) + op_array->last_var * (EG(active_symbol_table) ? 1 : 2)); + EX(Ts) = (temp_variable *)(((char*)EX(CVs)) + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2))); EX(fbc) = NULL; EX(called_scope) = NULL; EX(object) = NULL; @@ -602,8 +602,8 @@ static int ZEND_FASTCALL ZEND_HANDLE_EX int catched = 0; zval restored_error_reporting; - void **stack_frame = (void**)EX(Ts) + - (sizeof(temp_variable) * EX(op_array)->T) / sizeof(void*); + void **stack_frame = (void**)(((char*)EX(Ts)) + + (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T)); while (zend_vm_stack_top(TSRMLS_C) != stack_frame) { zval *stack_zval_p = zend_vm_stack_pop(TSRMLS_C); Index: php-5.3.0/Zend/zend_vm_execute.skl =================================================================== --- php-5.3.0.orig/Zend/zend_vm_execute.skl +++ php-5.3.0/Zend/zend_vm_execute.skl @@ -18,13 +18,13 @@ ZEND_API void {%EXECUTOR_NAME%}(zend_op_ zend_vm_enter: /* Initialize execute_data */ execute_data = (zend_execute_data *)zend_vm_stack_alloc( - sizeof(zend_execute_data) + - sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2) + - sizeof(temp_variable) * op_array->T TSRMLS_CC); + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)) + + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)) + + ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * op_array->T TSRMLS_CC); - EX(CVs) = (zval***)((char*)execute_data + sizeof(zend_execute_data)); + EX(CVs) = (zval***)((char*)execute_data + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data))); memset(EX(CVs), 0, sizeof(zval**) * op_array->last_var); - EX(Ts) = (temp_variable *)(EX(CVs) + op_array->last_var * (EG(active_symbol_table) ? 1 : 2)); + EX(Ts) = (temp_variable *)(((char*)EX(CVs)) + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2))); EX(fbc) = NULL; EX(called_scope) = NULL; EX(object) = NULL; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org