archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fixed incorrect VM stack overflow checks elimination

Browse source
This commit is contained in:
Dmitry Stogov 2023-06-20 11:59:36 +03:00
parent c174ebfce0
commit 1a96d64828
2 changed files with 25 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ext/opcache/jit/zend_jit_internal.h
View file

@ -602,6 +602,8 @@ struct _zend_jit_trace_stack_frame {
uint32_t call_level; uint32_t call_level;
uint32_t _info; uint32_t _info;
int used_stack; int used_stack;
int old_checked_stack;
int old_peek_checked_stack;
zend_jit_trace_stack stack[1]; zend_jit_trace_stack stack[1];
}; };

23
ext/opcache/jit/zend_jit_trace.c
View file

@ -6603,7 +6603,8 @@ done:
op_array_ssa = &jit_extension->func_info.ssa; op_array_ssa = &jit_extension->func_info.ssa;
top = frame; top = frame;
if (frame->prev) { if (frame->prev) {
checked_stack -= frame->used_stack; checked_stack = frame->old_checked_stack;
peek_checked_stack = frame->old_peek_checked_stack;
frame = frame->prev; frame = frame->prev;
stack = frame->stack; stack = frame->stack;
ZEND_ASSERT(&frame->func->op_array == op_array); ZEND_ASSERT(&frame->func->op_array == op_array);
@ -6762,24 +6763,40 @@ done:
} }
} }
} }
call->old_checked_stack = checked_stack;
call->old_peek_checked_stack = peek_checked_stack;
if (p->info & ZEND_JIT_TRACE_FAKE_INIT_CALL) { if (p->info & ZEND_JIT_TRACE_FAKE_INIT_CALL) {
frame->call_level++; frame->call_level++;
call->used_stack = 0; call->used_stack = checked_stack = peek_checked_stack = 0;
} else { } else {
if (p->func) { if (p->func) {
call->used_stack = zend_vm_calc_used_stack(init_opline->extended_value, (zend_function*)p->func); call->used_stack = zend_vm_calc_used_stack(init_opline->extended_value, (zend_function*)p->func);
} else { } else {
call->used_stack = (ZEND_CALL_FRAME_SLOT + init_opline->extended_value) * sizeof(zval); call->used_stack = (ZEND_CALL_FRAME_SLOT + init_opline->extended_value) * sizeof(zval);
} }
switch (init_opline->opcode) {
case ZEND_INIT_FCALL:
case ZEND_INIT_FCALL_BY_NAME:
case ZEND_INIT_NS_FCALL_BY_NAME:
case ZEND_INIT_METHOD_CALL:
case ZEND_INIT_DYNAMIC_CALL:
//case ZEND_INIT_STATIC_METHOD_CALL:
//case ZEND_INIT_USER_CALL:
//case ZEND_NEW:
checked_stack += call->used_stack; checked_stack += call->used_stack;
if (checked_stack > peek_checked_stack) { if (checked_stack > peek_checked_stack) {
peek_checked_stack = checked_stack; peek_checked_stack = checked_stack;
} }
break;
default:
checked_stack = peek_checked_stack = 0;
}
} }
} else if (p->op == ZEND_JIT_TRACE_DO_ICALL) { } else if (p->op == ZEND_JIT_TRACE_DO_ICALL) {
call = frame->call; call = frame->call;
if (call) { if (call) {
checked_stack -= call->used_stack; checked_stack = call->old_checked_stack;
peek_checked_stack = call->old_peek_checked_stack;
top = call; top = call;
frame->call = call->prev; frame->call = call->prev;
} }