Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Fix GH-17654: Multiple classes using same trait causes function JIT crash #17660

Closed
wants to merge 1 commit into from
Closed

Fix GH-17654: Multiple classes using same trait causes function JIT crash #17660

wants to merge 1 commit into from
+44 −6

Conversation

nielsdos
Copy link
Member

@nielsdos nielsdos commented Jan 31, 2025
edited
Loading

This test has two classes that use the same trait. In function JIT mode the same cache slot will be used. This causes problems because it is primed for the first class and then reused for the second class, resulting in an incorrect type check failure.

The current check for a megamorphic trait call requires current_frame to not be NULL, but this is only set in tracing mode and not in function mode.

This patch corrects the check.
This also needs to be fixed in 8.4, but the port to 8.4 is trivial.

@nielsdos nielsdos linked an issue Jan 31, 2025 that may be closed by this pull request
Multiple classes using same trait causes function JIT crash #17654
Closed
@nielsdos
Fix phpGH-17654: JIT OPcache with CRTO Modes XX14, XX34, XX15 and XX3…
7e8fc4d 
…5 Crash The Application

This test has two classes that use the same trait. In function JIT mode
the same cache slot will be used. This causes problems because it is
primed for the first class and then reused for the second class,
resulting in an incorrect type check failure.

The current check for a megamorphic trait call requires current_frame to
not be NULL, but this is only set in tracing mode and not in function
mode.

This patch corrects the check.
@nielsdos nielsdos marked this pull request as ready for review January 31, 2025 21:37
@nielsdos nielsdos requested a review from dstogov as a code owner January 31, 2025 21:37
iluuu1994
iluuu1994 reviewed Jan 31, 2025
View reviewed changes
Copy link
Member

@iluuu1994 iluuu1994 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a very useful review, I know 😄

ext/opcache/jit/zend_jit_arm64.dasc Show resolved Hide resolved
@nielsdos nielsdos changed the title Fix GH-17654: JIT OPcache with CRTO Modes XX14, XX34, XX15 and XX35 Crash The Application Fix GH-17654: Multiple classes using same trait causes function JIT crash Jan 31, 2025
@nielsdos nielsdos closed this in f88445b Feb 3, 2025
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@iluuu1994 iluuu1994 iluuu1994 left review comments

@dstogov dstogov dstogov approved these changes

Assignees
No one assigned
Labels
Extension: opcache
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Multiple classes using same trait causes function JIT crash
3 participants
@nielsdos @iluuu1994 @dstogov