Fix #81206: Multiple PHP processes crash with JIT enabled

cmb69 · cmb69 · commit ef77d3c89f3c · 2021-07-19T23:45:37.000+02:00
We need to avoid resetting the JIT for all SAPIs, but we need to initialize the JIT handlers even when only reattaching on Windows. Closes GH-7208.
diff --git a/NEWS b/NEWS
@@ -16,6 +16,8 @@ PHP                                                                        NEWS
     (Dmitry)
   . Fixed bug #81249 (Intermittent property assignment failure with JIT
     enabled). (Dmitry)
+  . Fixed bug #81206 (Multiple PHP processes crash with JIT enabled). (cmb,
+    Nikita)
 
 - Standard:
   . Fixed bug #72146 (Integer overflow on substr_replace). (cmb)
diff --git a/ext/opcache/ZendAccelerator.c b/ext/opcache/ZendAccelerator.c
@@ -3008,7 +3008,7 @@ static zend_result accel_post_startup(void)
 				zend_accel_error(ACCEL_LOG_FATAL, "Failure to initialize shared memory structures - probably not enough shared memory.");
 				return SUCCESS;
 			case SUCCESSFULLY_REATTACHED:
-#if defined(HAVE_JIT) && !defined(ZEND_WIN32)
+#ifdef HAVE_JIT
 				reattached = 1;
 #endif
 				zend_shared_alloc_lock();
diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c
@@ -4044,24 +4044,8 @@ ZEND_EXT_API void zend_jit_protect(void)
 #endif
 }
 
-static int zend_jit_make_stubs(void)
+static void zend_jit_init_handlers(void)
 {
-	dasm_State* dasm_state = NULL;
-	uint32_t i;
-
-	dasm_init(&dasm_state, DASM_MAXSECTION);
-	dasm_setupglobal(&dasm_state, dasm_labels, zend_lb_MAX);
-
-	for (i = 0; i < sizeof(zend_jit_stubs)/sizeof(zend_jit_stubs[0]); i++) {
-		dasm_setup(&dasm_state, dasm_actions);
-		if (!zend_jit_stubs[i].stub(&dasm_state)) {
-			return 0;
-		}
-		if (!dasm_link_and_encode(&dasm_state, NULL, NULL, NULL, NULL, zend_jit_stubs[i].name, 0)) {
-			return 0;
-		}
-	}
-
 	if (zend_jit_vm_kind == ZEND_VM_KIND_HYBRID) {
 		zend_jit_runtime_jit_handler = dasm_labels[zend_lbhybrid_runtime_jit];
 		zend_jit_profile_jit_handler = dasm_labels[zend_lbhybrid_profile_jit];
@@ -4079,6 +4063,27 @@ static int zend_jit_make_stubs(void)
 		zend_jit_ret_trace_counter_handler = (const void*)zend_jit_ret_trace_helper;
 		zend_jit_loop_trace_counter_handler = (const void*)zend_jit_loop_trace_helper;
 	}
+}
+
+static int zend_jit_make_stubs(void)
+{
+	dasm_State* dasm_state = NULL;
+	uint32_t i;
+
+	dasm_init(&dasm_state, DASM_MAXSECTION);
+	dasm_setupglobal(&dasm_state, dasm_labels, zend_lb_MAX);
+
+	for (i = 0; i < sizeof(zend_jit_stubs)/sizeof(zend_jit_stubs[0]); i++) {
+		dasm_setup(&dasm_state, dasm_actions);
+		if (!zend_jit_stubs[i].stub(&dasm_state)) {
+			return 0;
+		}
+		if (!dasm_link_and_encode(&dasm_state, NULL, NULL, NULL, NULL, zend_jit_stubs[i].name, 0)) {
+			return 0;
+		}
+	}
+
+	zend_jit_init_handlers();
 
 	dasm_free(&dasm_state);
 	return 1;
@@ -4353,6 +4358,7 @@ ZEND_EXT_API int zend_jit_startup(void *buf, size_t size, zend_bool reattached)
 #if _WIN32
 		/* restore global labels */
 		memcpy(dasm_labels, dasm_buf, sizeof(void*) * zend_lb_MAX);
+		zend_jit_init_handlers();
 #endif
 	}
 
