Fix incorrect CG(memoize_mode) state after bailout in ??=

Fixes GH-11108
Closes GH-11109

NEWS

@@ -11,6 +11,8 @@ PHP                                                                        NEWS
   . Fixed bug GH-10737 (PHP 8.1.16 segfaults on line 597 of
     sapi/apache2handler/sapi_apache2.c). (nielsdos, ElliotNB)
   . Fixed bug GH-11028 (Heap Buffer Overflow in zval_undefined_cv.). (nielsdos)
+  . Fixed bug GH-11108 (Incorrect CG(memoize_mode) state after bailout in ??=).
+    (ilutov)
 
 - DOM:
   . Fixed bug #80602 (Segfault when using DOMChildNode::before()).

Zend/tests/gh11108.phpt

@@ -0,0 +1,11 @@
+--TEST--
+GH-11108: Incorrect CG(memoize_mode) state after bailout in ??=
+--FILE--
+<?php
+register_shutdown_function(function() {
+    include __DIR__ . '/gh11108_shutdown.inc';
+});
+include __DIR__ . '/gh11108_test.inc';
+?>
+--EXPECTF--
+Fatal error: Cannot use [] for reading in %s on line %d

Zend/tests/gh11108_shutdown.inc

@@ -0,0 +1,5 @@
+<?php
+
+function test() {
+    throw new Exception();
+}

Zend/tests/gh11108_test.inc

@@ -0,0 +1,3 @@
+<?php
+
+$messageList[] ??= true;

Zend/zend.c

@@ -1192,6 +1192,7 @@ ZEND_API ZEND_COLD ZEND_NORETURN void _zend_bailout(const char *filename, uint32
 	CG(unclean_shutdown) = 1;
 	CG(active_class_entry) = NULL;
 	CG(in_compilation) = 0;
+	CG(memoize_mode) = 0;
 	EG(current_execute_data) = NULL;
 	LONGJMP(*EG(bailout), FAILURE);
 }