
Commit 7971602

committed
Fixed bug #80480 (Segmentation fault with JIT enabled)
1 parent 9dc42b4 commit 7971602


2 files changed

+38
-21
lines changed


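--- a/NEWS
+++ b/NEWS
@@ -29,6 +29,7 @@ PHP NEWS
 JIT). (Nikita)
 . Fixed bug #80447 (Strange out of memory error when running with JIT).
 (Dmitry)
+. Fixed bug #80480 (Segmentation fault with JIT enabled). (Dmitry)
 
 - OpenSSL:
 . Fixed bug #80368 (OpenSSL extension fails to build against LibreSSL due to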

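--- a/ext/opcache/jit/zend_jit_x86.dasc
+++ b/ext/opcache/jit/zend_jit_x86.dasc
@@ -599,7 +599,7 @@ static void* dasm_labels[zend_lb_MAX];
 || }
 |.endmacro
 
-|.macro SSE_GET_LONG, reg, lval
+|.macro SSE_GET_LONG, reg, lval, tmp_reg
 || if (lval == 0) {
 || if (CAN_USE_AVX()) {
 | vxorps xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0)
@@ -609,26 +609,26 @@ static void* dasm_labels[zend_lb_MAX];
 || } else {
 |.if X64
 || if (!IS_SIGNED_32BIT(lval)) {
-| mov64 r0, lval
+| mov64 Ra(tmp_reg), lval
 || } else {
-| mov r0, lval
+| mov Ra(tmp_reg), lval
 || }
 |.else
-| mov r0, lval
+| mov Ra(tmp_reg), lval
 |.endif
 || if (CAN_USE_AVX()) {
 | vxorps xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0)
-| vcvtsi2sd, xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0), r0
+| vcvtsi2sd, xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0), Ra(tmp_reg)
 || } else {
 | xorps xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0)
-| cvtsi2sd, xmm(reg-ZREG_XMM0), r0
+| cvtsi2sd, xmm(reg-ZREG_XMM0), Ra(tmp_reg)
 || }
 || }
 |.endmacro
 
-|.macro SSE_GET_ZVAL_LVAL, reg, addr
+|.macro SSE_GET_ZVAL_LVAL, reg, addr, tmp_reg
 || if (Z_MODE(addr) == IS_CONST_ZVAL) {
-| SSE_GET_LONG reg, Z_LVAL_P(Z_ZV(addr))
+| SSE_GET_LONG reg, Z_LVAL_P(Z_ZV(addr)), tmp_reg
 || } else if (Z_MODE(addr) == IS_MEM_ZVAL) {
 || if (CAN_USE_AVX()) {
 | vxorps xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0), xmm(reg-ZREG_XMM0)
@@ -934,7 +934,7 @@ static void* dasm_labels[zend_lb_MAX];
 | SSE_SET_ZVAL_DVAL dst_addr, dst_reg
 || } else if (Z_TYPE_P(zv) == IS_LONG && dst_def_info == MAY_BE_DOUBLE) {
 || zend_reg dst_reg = (Z_MODE(dst_addr) == IS_REG) ? Z_REG(dst_addr) : ZREG_XMM0;
-| SSE_GET_LONG dst_reg, Z_LVAL_P(zv)
+| SSE_GET_LONG dst_reg, Z_LVAL_P(zv), ZREG_R0
 | SSE_SET_ZVAL_DVAL dst_addr, dst_reg
 || } else if (Z_LVAL_P(zv) == 0 && Z_MODE(dst_addr) == IS_REG) {
 | xor Ra(Z_REG(dst_addr)), Ra(Z_REG(dst_addr))
@@ -989,13 +989,13 @@ static void* dasm_labels[zend_lb_MAX];
 | SSE_SET_ZVAL_DVAL res_addr, ZREG_XMM0
 || } else if (Z_TYPE_P(zv) == IS_LONG && dst_def_info == MAY_BE_DOUBLE) {
 || if (Z_MODE(dst_addr) == IS_REG) {
-| SSE_GET_LONG Z_REG(dst_addr), Z_LVAL_P(zv)
+| SSE_GET_LONG Z_REG(dst_addr), Z_LVAL_P(zv), ZREG_R0
 | SSE_SET_ZVAL_DVAL res_addr, Z_REG(dst_addr)
 || } else if (Z_MODE(res_addr) == IS_REG) {
-| SSE_GET_LONG Z_REG(res_addr), Z_LVAL_P(zv)
+| SSE_GET_LONG Z_REG(res_addr), Z_LVAL_P(zv), ZREG_R0
 | SSE_SET_ZVAL_DVAL dst_addr, Z_REG(res_addr)
 || } else {
-| SSE_GET_LONG ZREG_XMM0, Z_LVAL_P(zv)
+| SSE_GET_LONG ZREG_XMM0, Z_LVAL_P(zv), ZREG_R0
 | SSE_SET_ZVAL_DVAL dst_addr, ZREG_XMM0
 | SSE_SET_ZVAL_DVAL res_addr, ZREG_XMM0
 || }
@@ -4208,6 +4208,7 @@ static int zend_jit_math_long_long(dasm_State **Dst,
 {
 zend_bool same_ops = zend_jit_same_addr(op1_addr, op2_addr);
 zend_reg result_reg;
+zend_reg tmp_reg = ZREG_R0;
 
 if (Z_MODE(res_addr) == IS_REG && (res_info & MAY_BE_LONG)) {
 if (may_overflow && (res_info & MAY_BE_GUARD)
@@ -4224,6 +4225,7 @@ static int zend_jit_math_long_long(dasm_State **Dst,
 } else {
 /* ASSIGN_DIM_OP */
 result_reg = ZREG_FCARG1a;
+tmp_reg = ZREG_FCARG1a;
 }
 
 if (opcode == ZEND_MUL &&
@@ -4346,8 +4348,8 @@ static int zend_jit_math_long_long(dasm_State **Dst,
 }
 }
 
-| SSE_GET_ZVAL_LVAL tmp_reg1, op1_addr
-| SSE_GET_ZVAL_LVAL tmp_reg2, op2_addr
+| SSE_GET_ZVAL_LVAL tmp_reg1, op1_addr, tmp_reg
+| SSE_GET_ZVAL_LVAL tmp_reg2, op2_addr, tmp_reg
 if (CAN_USE_AVX()) {
 | AVX_MATH_REG opcode, tmp_reg1, tmp_reg1, tmp_reg2
 } else {
@@ -4379,8 +4381,16 @@ static int zend_jit_math_long_double(dasm_State **Dst,
 {
 zend_reg result_reg =
 (Z_MODE(res_addr) == IS_REG) ? Z_REG(res_addr) : ZREG_XMM0;
+zend_reg tmp_reg;
+
+if (Z_MODE(res_addr) == IS_MEM_ZVAL && Z_REG(res_addr) == ZREG_R0) {
+/* ASSIGN_DIM_OP */
+tmp_reg = ZREG_R1;
+} else {
+tmp_reg = ZREG_R0;
+}
 
-| SSE_GET_ZVAL_LVAL result_reg, op1_addr
+| SSE_GET_ZVAL_LVAL result_reg, op1_addr, tmp_reg
 
 if (Z_MODE(res_addr) == IS_MEM_ZVAL && Z_REG(res_addr) == ZREG_R0) {
 /* ASSIGN_DIM_OP */
@@ -4414,7 +4424,7 @@ static int zend_jit_math_double_long(dasm_State **Dst,
 zend_jit_addr res_addr,
 uint32_t res_use_info)
 {
-zend_reg result_reg;
+zend_reg result_reg, tmp_reg;
 
 if (zend_is_commutative(opcode)
 && (Z_MODE(res_addr) != IS_REG || Z_MODE(op1_addr) != IS_REG || Z_REG(res_addr) != Z_REG(op1_addr))) {
@@ -4423,7 +4433,13 @@ static int zend_jit_math_double_long(dasm_State **Dst,
 } else {
 result_reg = ZREG_XMM0;
 }
-| SSE_GET_ZVAL_LVAL result_reg, op2_addr
+if (Z_MODE(res_addr) == IS_MEM_ZVAL && Z_REG(res_addr) == ZREG_R0) {
+/* ASSIGN_DIM_OP */
+tmp_reg = ZREG_R1;
+} else {
+tmp_reg = ZREG_R0;
+}
+| SSE_GET_ZVAL_LVAL result_reg, op2_addr, tmp_reg
 if (Z_MODE(res_addr) == IS_MEM_ZVAL && Z_REG(res_addr) == ZREG_R0) {
 /* ASSIGN_DIM_OP */
 if (CAN_USE_AVX()) {
@@ -4465,7 +4481,7 @@ static int zend_jit_math_double_long(dasm_State **Dst,
 && Z_LVAL_P(Z_ZV(op2_addr)) == 0) {
 /* +/- 0 */
 } else {
-| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr
+| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr, ZREG_R0
 | AVX_MATH_REG opcode, result_reg, op1_reg, tmp_reg
 }
 } else {
@@ -4475,7 +4491,7 @@ static int zend_jit_math_double_long(dasm_State **Dst,
 && Z_LVAL_P(Z_ZV(op2_addr)) == 0) {
 /* +/- 0 */
 } else {
-| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr
+| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr, ZREG_R0
 | SSE_MATH_REG opcode, result_reg, tmp_reg
 }
 }
@@ -7354,7 +7370,7 @@ static int zend_jit_cmp_long_double(dasm_State **Dst, const zend_op *opline, zen
 {
 zend_reg tmp_reg = ZREG_XMM0;
 
-| SSE_GET_ZVAL_LVAL tmp_reg, op1_addr
+| SSE_GET_ZVAL_LVAL tmp_reg, op1_addr, ZREG_R0
 | SSE_AVX_OP ucomisd, vucomisd, tmp_reg, op2_addr
 
 return zend_jit_cmp_double_common(Dst, opline, res_addr, 0, smart_branch_opcode, target_label, target_label2, exit_addr);
@@ -7364,7 +7380,7 @@ static int zend_jit_cmp_double_long(dasm_State **Dst, const zend_op *opline, zen
 {
 zend_reg tmp_reg = ZREG_XMM0;
 
-| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr
+| SSE_GET_ZVAL_LVAL tmp_reg, op2_addr, ZREG_R0
 | SSE_AVX_OP ucomisd, vucomisd, tmp_reg, op1_addr
 
 return zend_jit_cmp_double_common(Dst, opline, res_addr, /* swap */ 1, smart_branch_opcode, target_label, target_label2, exit_addr);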
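Review bot: The two later hunks of zend_jit_math_double_long still pass a hard-coded scratch register, `SSE_GET_ZVAL_LVAL tmp_reg, op2_addr, ZREG_R0`, while the commutative branch of the same function now selects `ZREG_R1` whenever `Z_MODE(res_addr) == IS_MEM_ZVAL && Z_REG(res_addr) == ZREG_R0`. Whether an ASSIGN_DIM_OP with a non-commutative opcode can reach that branch with res_addr based on r0 is not visible in these hunks; if it can, the emitted `mov` would overwrite the address register exactly as in the reported crash, so either apply the same selection there or add a comment explaining why r0 is free at that point. The new macro parameter also needs its contract stated at the definition, for example `/* tmp_reg: GP register clobbered when lval is a non-zero constant; must not hold an address that is still needed */`. In zend_jit_math_double_long the name `tmp_reg` now denotes a general-purpose scratch register at function scope but is used as the XMM operand in the later branch (presumably through an inner declaration outside the hunks), so a distinct name such as `gp_tmp_reg` would make the call sites harder to misread. The function bodies extend beyond the visible hunks.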
