Fix GH-17257: SEGV ext/opcache/jit/zend_jit_vm_helpers.c #17260
Conversation
EX(opline) / opline can be stale if the IP is not stored, like in this case on a trace enter. We always need to make sure that the opline is up to date to make sure we don't use stale data.
There was a problem hiding this comment.
I'm not completely sure, but this looks suspicious to me.
The original code avoided some unnecessary opline and EX(opline) modifications on purpose. In JIT-ed code they don't have to be always in consistent state. but they should be restored when exit to VM (during de-optimization) or before calling sensitive functions.
May be instead of opline modification, we should invalidate last_known_opline.
Unfortunately, I can't reproduce the failure with the provided test case and I can't spend significant time now. Can you please improve the test case (may be add ASSERT to make it reproducible) or explain the problem in more details.
|
Sorry, the bug title was misleading. |
|
Now I see. I would treat this as not a SEGV but just an undefined behavior warning. Right? To fix this we may create a copy of |
Yes
I may try this a bit later |
Please do. |
|
Ok I pushed that. |
EX(opline) / opline can be stale if the IP is not stored, like in this case on a trace enter. We always need to make sure that the opline is up to date to make sure we don't use stale data.
I also simplified the original test case a bit.
Needs to be fixed on 8.3, but the backport is simple.