Merge branch 'PHP-8.1'

dstogov · dstogov · commit 3190062c392e · 2021-10-25T12:12:53.000+03:00
* PHP-8.1:
  Tracing JIT: Fixed possible endless loop when escape from ZEND_CALL_TOP frame
diff --git a/ext/opcache/jit/zend_jit_arm64.dasc b/ext/opcache/jit/zend_jit_arm64.dasc
@@ -3089,7 +3089,7 @@ static int zend_jit_trace_link_to_root(dasm_State **Dst, zend_jit_trace_info *t,
 	return 1;
 }
 
-static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)
+static int zend_jit_trace_return(dasm_State **Dst, bool original_handler, const zend_op *opline)
 {
 	if (zend_jit_vm_kind == ZEND_VM_KIND_HYBRID) {
 		|	ADD_HYBRID_SPAD
@@ -3124,7 +3124,15 @@ static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)
 		}
 		|	ldp FP, RX, T2                // retore FP and IP
 		|	ldp x29, x30, [sp], # NR_SPAD // stack alignment
-		|	mov RETVALx, #2               // ZEND_VM_LEAVE
+		if (!original_handler || !opline ||
+		    (opline->opcode != ZEND_RETURN
+		  && opline->opcode != ZEND_RETURN_BY_REF
+		  && opline->opcode != ZEND_GENERATOR_RETURN
+		  && opline->opcode != ZEND_GENERATOR_CREATE
+		  && opline->opcode != ZEND_YIELD
+		  && opline->opcode != ZEND_YIELD_FROM)) {
+			|	mov RETVALx, #2               // ZEND_VM_LEAVE
+		}
 		|	ret
 	}
 	return 1;
diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c
@@ -6698,10 +6698,10 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
 			}
 			zend_jit_trace_link_to_root(&dasm_state, &zend_jit_traces[t->link], timeout_exit_addr);
 		} else {
-			zend_jit_trace_return(&dasm_state, 0);
+			zend_jit_trace_return(&dasm_state, 0, NULL);
 		}
 	} else if (p->stop == ZEND_JIT_TRACE_STOP_RETURN) {
-		zend_jit_trace_return(&dasm_state, 0);
+		zend_jit_trace_return(&dasm_state, 0, NULL);
 	} else {
 		// TODO: not implemented ???
 		ZEND_ASSERT(0 && p->stop);
@@ -6847,7 +6847,7 @@ static const void *zend_jit_trace_exit_to_vm(uint32_t trace_num, uint32_t exit_n
 		zend_jit_set_ip_ex(&dasm_state, opline, original_handler);
 	}
 
-	zend_jit_trace_return(&dasm_state, original_handler);
+	zend_jit_trace_return(&dasm_state, original_handler, opline);
 
 	handler = dasm_link_and_encode(&dasm_state, NULL, NULL, NULL, NULL, name, ZEND_JIT_TRACE_NUM, SP_ADJ_JIT, SP_ADJ_NONE);
 
diff --git a/ext/opcache/jit/zend_jit_x86.dasc b/ext/opcache/jit/zend_jit_x86.dasc
@@ -3433,7 +3433,7 @@ static int zend_jit_trace_link_to_root(dasm_State **Dst, zend_jit_trace_info *t,
 	return 1;
 }
 
-static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)
+static int zend_jit_trace_return(dasm_State **Dst, bool original_handler, const zend_op *opline)
 {
 #if 0
 	|	jmp ->trace_escape
@@ -3469,7 +3469,15 @@ static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)
 		|	mov FP, aword T2 // restore FP
 		|	mov RX, aword T3 // restore IP
 		|	add r4, NR_SPAD // stack alignment
-		|	mov r0, 2 // ZEND_VM_LEAVE
+		if (!original_handler || !opline ||
+		    (opline->opcode != ZEND_RETURN
+		  && opline->opcode != ZEND_RETURN_BY_REF
+		  && opline->opcode != ZEND_GENERATOR_RETURN
+		  && opline->opcode != ZEND_GENERATOR_CREATE
+		  && opline->opcode != ZEND_YIELD
+		  && opline->opcode != ZEND_YIELD_FROM)) {
+			|	mov r0, 2 // ZEND_VM_LEAVE
+		}
 		|	ret
 	}
 #endif

Original file line number	Diff line number	Diff line change
`@@ -3089,7 +3089,7 @@ static int zend_jit_trace_link_to_root(dasm_State *Dst, zend_jit_trace_info t,`
`3089`	`3089`	`return 1;`
`3090`	`3090`	`}`
`3091`	`3091`
`3092`		`-static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)`
	`3092`	`+static int zend_jit_trace_return(dasm_State *Dst, bool original_handler, const zend_op opline)`
`3093`	`3093`	`{`
`3094`	`3094`	`if (zend_jit_vm_kind == ZEND_VM_KIND_HYBRID) {`
`3095`	`3095`	`\| ADD_HYBRID_SPAD`
`@@ -3124,7 +3124,15 @@ static int zend_jit_trace_return(dasm_State **Dst, bool original_handler)`
`3124`	`3124`	`}`
`3125`	`3125`	`\| ldp FP, RX, T2 // retore FP and IP`
`3126`	`3126`	`\| ldp x29, x30, [sp], # NR_SPAD // stack alignment`
`3127`		`- \| mov RETVALx, #2 // ZEND_VM_LEAVE`
	`3127`	`+ if (!original_handler \|\| !opline \|\|`
	`3128`	`+ (opline->opcode != ZEND_RETURN`
	`3129`	`+ && opline->opcode != ZEND_RETURN_BY_REF`
	`3130`	`+ && opline->opcode != ZEND_GENERATOR_RETURN`
	`3131`	`+ && opline->opcode != ZEND_GENERATOR_CREATE`
	`3132`	`+ && opline->opcode != ZEND_YIELD`
	`3133`	`+ && opline->opcode != ZEND_YIELD_FROM)) {`
	`3134`	`+ \| mov RETVALx, #2 // ZEND_VM_LEAVE`
	`3135`	`+ }`
`3128`	`3136`	`\| ret`
`3129`	`3137`	`}`
`3130`	`3138`	`return 1;`
Original file line number	Diff line number	Diff line change
`@@ -6698,10 +6698,10 @@ static const void zend_jit_trace(zend_jit_trace_rec trace_buffer, uint32_t par`
`6698`	`6698`	`}`
`6699`	`6699`	`zend_jit_trace_link_to_root(&dasm_state, &zend_jit_traces[t->link], timeout_exit_addr);`
`6700`	`6700`	`} else {`
`6701`		`- zend_jit_trace_return(&dasm_state, 0);`
	`6701`	`+ zend_jit_trace_return(&dasm_state, 0, NULL);`
`6702`	`6702`	`}`
`6703`	`6703`	`} else if (p->stop == ZEND_JIT_TRACE_STOP_RETURN) {`
`6704`		`- zend_jit_trace_return(&dasm_state, 0);`
	`6704`	`+ zend_jit_trace_return(&dasm_state, 0, NULL);`
`6705`	`6705`	`} else {`
`6706`	`6706`	`// TODO: not implemented ???`
`6707`	`6707`	`ZEND_ASSERT(0 && p->stop);`
`@@ -6847,7 +6847,7 @@ static const void *zend_jit_trace_exit_to_vm(uint32_t trace_num, uint32_t exit_n`
`6847`	`6847`	`zend_jit_set_ip_ex(&dasm_state, opline, original_handler);`
`6848`	`6848`	`}`
`6849`	`6849`
`6850`		`- zend_jit_trace_return(&dasm_state, original_handler);`
	`6850`	`+ zend_jit_trace_return(&dasm_state, original_handler, opline);`
`6851`	`6851`
`6852`	`6852`	`handler = dasm_link_and_encode(&dasm_state, NULL, NULL, NULL, NULL, name, ZEND_JIT_TRACE_NUM, SP_ADJ_JIT, SP_ADJ_NONE);`
`6853`	`6853`