Fix 15981: Segfault with frameless jumps and minimal JIT#17329
ndossche wants to merge 2 commits into php:PHP-8.4 from
Minimal JIT shouldn't generate a call to the complex handler, but instead rely on the VM and then check for a two-way jump. This moves the frameless codegen under the check `JIT_G(opt_level) >= ZEND_JIT_LEVEL_INLINE`.
iluuu1994
left a comment
@nielsdos Thank you very much for taking care of this. With my limited understanding, this looks correct. I don't know exactly what rules should be used to decide if something needs to be compiled for ZEND_JIT_LEVEL_MINIMAL. In that case, maybe ZEND_FRAMELESS_ICALL_n itself also shouldn't? @dstogov can maybe confirm (he's on holiday until next week). For now, this looks harmless as it only changes the rarely used minimal mode, and is broken as-is anyway.
Right, I suppose the frameless icalls should also go via the VM because the optimization level is below inline VM handlers. Fortunately that handler doesn't seem to cause issues.
Ok. It's probably fine to do this here as well then, I think.
Ok. I moved those too, in a new commit such that the actual fix is still in the first commit separately. We can wait for Dmitry to confirm.
…el is set to inline
Merged via 72184ab
Minimal JIT shouldn't generate a call to the complex handler, but instead rely on the VM and then check for a two-way jump. This moves the frameless codegen under the check `JIT_G(opt_level) >= ZEND_JIT_LEVEL_INLINE`. (See issue for more discussion.) I'm fixing this finally because some fuzzer constantly hit this.