Skip to content

Commit 1949151

Browse files
dstogovdstogov
committed
Merge branch 'PHP-8.2'
* PHP-8.2: Fixed incorrect VM stack overflow checks elimination
2 parents 443927e + e50ed0f commit 1949151

File tree

2 files changed

+25
-6
lines changed

2 files changed

+25
-6
lines changed

ext/opcache/jit/zend_jit_internal.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -602,6 +602,8 @@ struct _zend_jit_trace_stack_frame {
602602
uint32_t call_level;
603603
uint32_t _info;
604604
int used_stack;
605+
int old_checked_stack;
606+
int old_peek_checked_stack;
605607
zend_jit_trace_stack stack[1];
606608
};
607609

ext/opcache/jit/zend_jit_trace.c

Lines changed: 23 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6591,7 +6591,8 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
65916591
op_array_ssa = &jit_extension->func_info.ssa;
65926592
top = frame;
65936593
if (frame->prev) {
6594-
checked_stack -= frame->used_stack;
6594+
checked_stack = frame->old_checked_stack;
6595+
peek_checked_stack = frame->old_peek_checked_stack;
65956596
frame = frame->prev;
65966597
stack = frame->stack;
65976598
ZEND_ASSERT(&frame->func->op_array == op_array);
@@ -6764,24 +6765,40 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
67646765
}
67656766
}
67666767
}
6768+
call->old_checked_stack = checked_stack;
6769+
call->old_peek_checked_stack = peek_checked_stack;
67676770
if (p->info & ZEND_JIT_TRACE_FAKE_INIT_CALL) {
67686771
frame->call_level++;
6769-
call->used_stack = 0;
6772+
call->used_stack = checked_stack = peek_checked_stack = 0;
67706773
} else {
67716774
if (p->func) {
67726775
call->used_stack = zend_vm_calc_used_stack(init_opline->extended_value, (zend_function*)p->func);
67736776
} else {
67746777
call->used_stack = (ZEND_CALL_FRAME_SLOT + init_opline->extended_value) * sizeof(zval);
67756778
}
6776-
checked_stack += call->used_stack;
6777-
if (checked_stack > peek_checked_stack) {
6778-
peek_checked_stack = checked_stack;
6779+
switch (init_opline->opcode) {
6780+
case ZEND_INIT_FCALL:
6781+
case ZEND_INIT_FCALL_BY_NAME:
6782+
case ZEND_INIT_NS_FCALL_BY_NAME:
6783+
case ZEND_INIT_METHOD_CALL:
6784+
case ZEND_INIT_DYNAMIC_CALL:
6785+
//case ZEND_INIT_STATIC_METHOD_CALL:
6786+
//case ZEND_INIT_USER_CALL:
6787+
//case ZEND_NEW:
6788+
checked_stack += call->used_stack;
6789+
if (checked_stack > peek_checked_stack) {
6790+
peek_checked_stack = checked_stack;
6791+
}
6792+
break;
6793+
default:
6794+
checked_stack = peek_checked_stack = 0;
67796795
}
67806796
}
67816797
} else if (p->op == ZEND_JIT_TRACE_DO_ICALL) {
67826798
call = frame->call;
67836799
if (call) {
6784-
checked_stack -= call->used_stack;
6800+
checked_stack = call->old_checked_stack;
6801+
peek_checked_stack = call->old_peek_checked_stack;
67856802
top = call;
67866803
frame->call = call->prev;
67876804
}

0 commit comments

Comments
 (0)