PHP Core Roundup #17

Published on by ,

Welcome back to PHP Core Roundup series! This is post #17, where we highlight and celebrate the improvements made to PHP during the month past by the PHP development team, members of the PHP Foundation, and more.

The PHP Foundation is a collective of PHP contributors, veterans, and companies that collaborate to ensure the long-term sustainability of the PHP programming language. The foundation currently supports six contributors focused on PHP's maintenance, debt reduction, and feature development. These contributors work closely with others on coding, documentation, and discussions.

Started over a year ago, the PHP Core Roundup series offers a summary of the latest developments, discussions, and news about PHP Core, contributed by both PHP Foundation members and other participants. This post is the thirteenth in the PHP Core Roundup series.

Subscribe to PHP Core Roundup newsletter
We care about your data. Read our privacy policy.

PHP Security Audit organized by The PHP Foundation ๐Ÿ’œ

The PHP Foundation intends to conduct a security audit of the PHP source code. Derick Rethans ๐Ÿ’œ has asked the PHP Internals mailing list for input on which sections of the PHP source code should be prioritized in this audit. Feel free to join the conversation if you have suggestions.


The PHP development team released two new versions in September 2023:

PHP 8.2.11 and PHP 8.1.24

These releases include several bug fixes and improvements, notably in areas such as Core, DOM, Iconv, Intl, MySQLnd, ODBC, SimpleXML, SPL, and SQLite3.

Recent RFCs and Mailing List Discussions

Changes and improvements to PHP are discussed, reported, and voted on by the PHP Foundation Team, the PHP development team, and contributors. Bug reports are made to the PHP issue tracker, changes are discussed in mailing lists, minor code changes are proposed as pull requests, and major changes are discussed in detail and voted on as PHP RFCs. Documentation and the website changes are also discussed and improved at their relevant Git repositories on GitHub.

Hundreds of awesome PHP contributors put their efforts into improvements to the PHP code base, documentation, and the website. Here is a summary of some changes made by the people behind PHP. Things marked with ๐Ÿ’œ are done by the PHP Foundation team.

PHP 8.3 Release Page

A pull-request for the upcoming PHP 8.3 release page on is in progress, and you can help with that!

This is a continuation of a good tradition started by Roman Pronskiy, Alexander Makarov, and the JetBrains design team.

Check out how these pages looked like for PHP 8.0, PHP 8.1, and PHP 8.2.

Early-developments for PHP 8.4

Although PHP 8.3 is still being ironed out, there are some discussions and even an RFC currently being voted for proposed changes in PHP 8.4 (scheduled for the end of 2024).

Declined: Support optional suffix parameter in tempnam by Athos Ribeiro

RFC proposes to add a new optional suffix parameter to the tempnam() function.

A suffix could provide even more semantic value or context for a user inspecting the generated files, and, in specific situations, could even provide more context for software processing such files. Right now, users can only add a prefix.

In Voting: Increasing the default BCrypt cost by Tim Dรผsterhus

The RFC proposes increasing the default BCrypt cost. This is to enhance adaptive security in relation to increased processing power and thus increased possible cracking speed.

The last time the value was updated 11 years ago. Therefore, Tim suggests updating the default cost from 10 to either 11 (double the time) or 12 (quadruple the time). The RFC and the relevant mailing list thread mention several benchmarks showing the execution time for various cost levels on different CPUs.

Under Discussion: DOM HTML5 parsing and serialization by Niels Dossche

RFC proposes to add two new classes: DOM\HTMLDocument and DOM\XMLDocument to the dom extension. Furthermore, existing dom classes in the global namespace get an alias in the new DOM namespace. The HTMLDocument class will add support for HTML5 document parsing and serializing. The XMLDocument class serves as a modern alternative to \DOMDocument, which is retained for compatibility. These new classes also provide a more misuse-resistant API for loading documents.

Under Discussion: XML_OPTION_PARSE_HUGE by Niels Dossche

RFC proposes to add a new option to the event-driven (SAX) XmlParser that would allow it to parse large documents.

Under Discussion: Add 4 new rounding modes to round() function by Jorg Sowa

RFC proposes to add four new modes to the round() function: PHP_ROUND_CEILING, PHP_ROUND_FLOOR, PHP_ROUND_AWAY_FROM_ZERO, PHP_ROUND_TOWARD_ZERO.

Under Discussion: A new JIT implementation based on IR Framework by Dmitry Stogov

RFC proposes a new JIT implementation that is based on a separately developed IR Framework. The main advantage of the new approach is that PHP source code will be freed from the low-level details of JIT compilation. The downside is a longer JIT-compilation time.

Dmitry emailed PHP Internals mailing list, which led to a lengthy discussion on the merits of the new JIT implementation.

Draft: Deprecations for PHP 8.4 RFC by Niels Dossche

RFC is currently in draft, which stands to track ideas on deprecating certain features. So far those are related to the DOMAttr::$schemaTypeInfo, DOMElement::$schemaTypeInfo properties, DOMImplementation::getFeature(), mysqli_ping(), mysqli::ping() functions, and DOM_PHP_ERR constant.


While PHP 8.3 has moved to the RC cycle, the documentation available on, requires updating. An initial version of the PHP 8.3 migration guide has been published by Yoshinari Takaoka.

Gina P. Banyard ๐Ÿ’œ is tracking the progress for PHP 8.3 related changes in php/doc-en#2796, and also triaged issues in the docs and marked several of them as "good first time", which are ideal easy picks if you would like to start contributing to PHP docs. You can find the full list on GitHub.

Merged PRs and Commits

Following are some changes that did not go through an RFC process because they are either planned, bug fixes, or progressive enhancements.

Full list of commits since PHP Core Roundup #16

Commits are in the order they were added, grouped by author in alphabetical order.

Click here to expand

Alex Dowad

  • PHP_HAVE_BUILTIN_USUB_OVERFLOW macro is defined even if __builtin_usub_overflow not available in 50ca24251d

Calvin Buckley

  • ODBC unit tests shouldn't override odbc.ini location in a648d39297
  • Fix persistent procedural ODBC connections not getting closed in 5a2b251610
  • Fix memory leak with failed SQLPrepare in a022ec53bd

David Carlier

  • zend call stack support for haiku w/o using posix pthread api but the in GH-12103
  • Fix GH-12190: stream_context_create with address and port at 0 in d65c80031a
  • Fix GH-12282: IntlDateFormatter::construct should throw an exception is the locale field has an invalid value in a80db7b52a
  • ext/intl: expose dateformat UDAT_PATTERN constant in f6fae19a10
  • Fix GH-12243, segfault on IntlDateFormatter::construct with dateType set to UDAT_PATTERN but not timeType in 84c4336aa3
  • zend_call_stack_get implementation for NetBSD in aef5225394


  • random: Perform fewer iterations if SKIP_SLOW_TESTS is set in GH-12279
  • support running testsuite with negative niceness in GH-11481

Dmitry Stogov

  • Fixed tracing JIT support for CALLABLE_CONVERT in GH-12156
  • Fix ws in 3ffa1c4c3e
  • Fixed tracing jit for BIND_INIT_STATIC_OR_JMP in 95edb50b58
  • Fixed uninitialized EX(opline) access (possible Zend/tests/gh12073.phpt crash) in f1f608bf53
  • Use version of PHP SDK binary tools that uses PHP downloads in b7af61a154

Florian Sowade

Gina Peter Banyard ๐Ÿ’œ

  • ext/mysqli: Work on making tests parallizable in GH-11814
  • ext/pcntl: Remove useless call to zend_get_callable_name() in GH-12241
  • Fixed oss-fuzz #62294: Unsetting variable after ++/-- on string variable warning in 0b614a6c2b
  • Zend: Remove dependency on zend.h for certain headers in GH-12166
  • streams: Checking if a stream is castable should not emit warnings for user defined streams in d68073c23b
  • ext/pdo: Refactor pdo_stmt_construct() to use newer FCI/FCC API in GH-12142
  • Fix OSS Fuzz #61865: Undef variable in ++/-- for declared property that is unset in error handler in 8a392eddf9
  • Fixed bug GH-12020: intl_get_error_message() broken after MessageFormatter::formatMessage() fails in a579fa807c
  • Add tests for oss-fuzz-61469: Undef dynamic property in ++/-- unset in error handler in 013bb5769b

Graham Campbell

  • Removed incorrect news items for things already in 8.3.x or earlier in 58b8393cce

Ilija Tovilo ๐Ÿ’œ

  • Use autoconf for recognizing __builtin_unreachable() in GH-12266
  • Fix getpriority test with negative return value in 181598d403
  • Use __builtin_unreachable() directly in ZEND_UNREACHABLE in 37ce7199f2
  • Move static property check to assert in GH-12239
  • Upgrade to macOS 12 in CI in 55ed7690f4
  • Upload callgrind profile to GA in GH-12212
  • Fix filter_var with callback and explicit REQUIRE_SCALAR in c2fb10d2d2
  • Use zend_error_noreturn for E_ERROR consistently in 692cea5cbc
  • Fix noreturn with warning that should be an error in 2227fefa17
  • Improve invalid cpp modifier message in 011071a3b3
  • Fix zend_separate_if_call_and_write for FUNC_ARGs in 748adf18fc
  • Revert "Skip profiling of sqlite3_step" in 3fb09940fc
  • Skip profiling of sqlite3_step in bb31a75321
  • Revert 479e6593 in 3433dab5f7
  • Fix freeing of incompletely initialized closures in af2110e664
  • xfail mbstring test on Windows 32-bit in 6b74f1f745
  • Fix master branch check in find-target-branch.bat in 9ce9c11ee8
  • Include branch in benchmarking information in ee6f9e294c

Jakub Zelenka ๐Ÿ’œ

  • Prepare NEWS for PHP 8.3.0RC4 in 517411d2fb
  • Reduce impact of stream file path check in filestat in 5e8c992c78
  • Fix GH-12151: str_getcsv ending with escape zero segfualt in 64ebadcac5
  • Use version of PHP SDK binary tools that uses PHP downloads in GH-12085


Kamil Tekiela

Levi Morrison

  • Set func pointer to null in Closure __invoke in GH-12275

Lewis Cowles

Max Semenik

Mรกtรฉ Kocsis ๐Ÿ’œ

  • Fix predefined constant page synchonization in cc2a68e588
  • Fix GH-12123 Make _ZEND_TYPE_PREFIX apply only for MSVC in 45c7e3b06b
  • Fix type of the PHP_FLOAT_DIG constant in 58657ff26a
  • Fix type of the PHP_FLOAT_DIG constant in 2fad7cdd60
  • Improve detection of predefined constants in 2cb4d00693
  • Add support for verifying and syncronizing predefined constants with the manual in 0363dbfef4
  • Align class name detection to the new class synopsis format in c5fb8b6a6b

Niels Dossche

  • Revert "Fix GH-10008: Narrowing occurred during type inference of ZEND_ADD_ARRAY_ELEMENT" in 643c4ba417
  • Fix compile error with -Werror=incompatible-function-pointer-types and old libxml2 in df89409aba
  • Fix GH-10008: Narrowing occurred during type inference of ZEND_ADD_ARRAY_ELEMENT in e72fc12058
  • Fix type error on XSLTProcessor::transformToDoc return value with SimpleXML in 2a7f23e9b9
  • Restore old namespace reconciliation behaviour in e127f87114
  • Fix GH-11997: ctype_alnum 5 times slower in PHP 8.1 or greater in 07811b6390
  • Fix GH-12297: PHP Startup: Invalid library (maybe not a PHP library) '' in Unknown on line in 14fc3d1566
  • Fix GH-12167 and GH-12169: Unable to get comment or processing instruction contents in SimpleXML in 82a84d0b7b
  • Make sure core module has number 0 in GH-12272
  • Extend C14N fast path to HTML documents too in GH-12293
  • Remove unnecessary libxml2 version checks in 6a7b96529b
  • Add additional test for special cases for C14N in 916dedf7d7
  • Remove unnecessary invalidation in 554f659602
  • Implement #53655: Improve speed of DOMNode::C14N() on large XML documents in 5d68d61943
  • Fix memory leak when calling xml_parse_into_struct() twice in 30f26b587a
  • Fix return type of stub of xml_parse_into_struct() in b1d9a8d321
  • Fix GH-12215: Module entry being overwritten causes type errors in ext/dom (PHP 8.4) in 8a812c3fda
  • Fix GH-12215: Module entry being overwritten causes type errors in ext/dom (<= PHP 8.3) in da6097ffc8
  • Fix bug #55098: SimpleXML iteration produces infinite loop in 1a4e401bf0
  • Fix GH-11956: PCRE regular expressions with JIT enabled gives different result in d61efdfe97
  • Fix GH-12208: SimpleXML infinite loop when a cast is used inside a foreach in 486276f0f9
  • Simplify php_sxe_count_elements_helper() by using non-destructive iterator reset in 8f9626c0f7
  • Add a test case for iterator and empty & var_dump interactions in fe98a16af7
  • Use php_sxe_reset_iterator_no_clear_iter_data() to avoid having to store and restore iterator data in 550ec29821
  • Remove unnecessary _IS_BOOL case in GH-12230
  • Fix GH-12223: Entity reference produces infinite loop in var_dump/print_r in 39a9e561f9
  • Fix GH-12192: SimpleXML infinite loop when getName() is called within foreach in 4d888cf53f
  • Simplify node check in simplexml in 0fee720173
  • Fix GH-12170: Can't use xpath with comments in SimpleXML in 747335f100
  • Small optimization in php_sxe_get_first_node() by avoiding unwrapping iterator data in GH-12194
  • Fix #52751: XPath processing-instruction() function is not supported in 107443b311
  • Deduplicate ParentNode and ChildNode interface implementations using @implementation-alias in f2fede56c8
  • Remove useless SKIP_TEXT() invokes in GH-12164
  • Preallocate result array size in simplexml xpath in d18bab5562
  • Remove obsolete libxml2 code in 0ea268b51a
  • Use zend_get_gc_buffer_add_fcc() in 49980ee89d
  • Fix build with sqlite3 gc and fci/fcc api in 1d59b37742
  • Fix GH-11878: SQLite3 callback functions cause a memory leak with a callable array in 07a9d2fb32
  • Add DOMNode::compareDocumentPosition() in GH-12146
  • Replace always-false attribute type check with assertion in 8c2c69494e
  • Update bundled pcre2 to 10.42 in c4e8f652c5
  • Remove DOM_NO_ARGS() and DOM_NOT_IMPLEMENTED() in GH-12147
  • Tweak behaviour of dynamic properties wrt error handlers in eee1617f38
  • Use zend_result as return for properties in ext/dom in GH-12113
  • Preallocate result array size in xpath in GH-12105
  • Add XPath tests for basic types in 7be47953a3
  • Add XPath test with a context node in 07c688f224

Peter Kokot

  • Remove _IO_cookie_io_functions_t in favor of cookie_io_functions_t in abed8b8e41
  • Fix too many arguments in FPM ACL compile check in GH-12242
  • Remove unused --with-zlib-dir configure option in a8e1b1018d
  • Remove unneeded zend_language_parser.h patch in GH-12178

Remi Collet

  • Fix port conflict 64324 used in bug51056.phpt in 80266f80d4
  • zip: add new test for dynamic files in 57123ee489
  • also display PHP version in phpize in c3c4b5356a
  • ensure displays_errors is off (default) in 1f2cfd8009

Thomas Hurst

Tim Dรผsterhus

  • abs: Make value == ZEND_LONG_MIN an unexpected branch in 9e66bc9b97
  • round: Make fractional == 0.5 an unexpected branch in 865535267b
  • Unify type juggling in math.c in GH-12286
  • UPGRADING: Move the validation of the rounding mode to Backward Incompatible Changes in 659c06d4c9
  • round(): Validate the rounding mode in GH-12252
  • Reimplement php_round_helper() using modf() in GH-12220
  • Fix #[Override] on traits overriding a parent method without a matching interface in GH-12205
  • Show the integer size in phpinfo() in GH-12201
  • Add abstract __construct() test for #[\Override] (024.phpt) in 0e9d658dd2
  • Update GitHub Action workflows to actions/checkout@v4 (8.3+) in 99cd81cd0a
  • Update GitHub Action workflows to actions/checkout@v4 in 45e60e585e


  • Fix socket_export_stream() with wrong protocol in b5da98b972

We are incredibly grateful for the commitment and dedication of all contributors. Stay tuned for next month's roundup as we continue to make PHP better together.

Support PHP Foundation

At PHP Foundation, we support, promote, and advance the PHP language. We financially support six part-time PHP core developers to contribute to the PHP project. You can help support PHP Foundation at OpenCollective or via GitHub Sponsors.

A big thanks to all our sponsors โ€” PHP Foundation is all of us!

Follow us on Twitter @ThePHPF to get the latest updates from the Foundation.

๐Ÿ’œ๏ธ ๐Ÿ˜

PHP Roundup is prepared by Ayesh Karunaratne from PHP.Watch, a source for PHP News, Articles, Upcoming Changes, and more.