Fixed #79582 (Crash seen when opcache.jit=1235 and opcache.jit_debug=2)

Author: laruence

NEWS

@@ -67,6 +67,8 @@ PHP                                                                        NEWS
   . Removed deprecated INTL_IDNA_VARIANT_2003. (cmb)
 
 - JIT:
+  . Fixed bug #79582 (Crash seen when opcache.jit=1235 and
+    opcache.jit_debug=2). (Laruence)
   . Fixed bug #77857 (Wrong result if executed with JIT). (Laruence)
   . Fixed bug #79255 (PHP cannot be compiled with enable JIT).
     (Laruence, Dmitry)

ext/opcache/jit/zend_jit.c

@@ -3206,6 +3206,7 @@ void ZEND_FASTCALL zend_jit_hot_func(zend_execute_data *execute_data, const zend
 static int zend_jit_setup_hot_counters(zend_op_array *op_array)
 {
 	zend_op *opline = op_array->opcodes;
+	zend_func_info *func_info;
 	zend_jit_op_array_hot_extension *jit_extension;
 	zend_cfg cfg;
 	uint32_t i;
@@ -3218,6 +3219,14 @@ static int zend_jit_setup_hot_counters(zend_op_array *op_array)
 	}
 
 	jit_extension = (zend_jit_op_array_hot_extension*)zend_shared_alloc(sizeof(zend_jit_op_array_hot_extension) + (op_array->last - 1) * sizeof(void*));
+	func_info = (zend_func_info*)ZEND_FUNC_INFO(op_array);
+	if (func_info) {
+		memcpy(&jit_extension->func_info, func_info, sizeof(zend_func_info));
+	} else {
+		memset(&jit_extension->func_info, 0, sizeof(zend_func_info));
+		jit_extension->func_info.num_args = -1;
+		jit_extension->func_info.return_value_used = -1;
+	}
 	jit_extension->counter = &zend_jit_hot_counters[zend_jit_op_array_hash(op_array) & (ZEND_HOT_COUNTERS_COUNT - 1)];
 	for (i = 0; i < op_array->last; i++) {
 		jit_extension->orig_handlers[i] = op_array->opcodes[i].handler;

ext/opcache/jit/zend_jit_internal.h

@@ -53,6 +53,7 @@ static zend_always_inline zend_long zend_jit_hash(const void *ptr)
 void ZEND_FASTCALL zend_jit_hot_func(zend_execute_data *execute_data, const zend_op *opline);
 
 typedef struct _zend_jit_op_array_hot_extension {
+	zend_func_info func_info;
 	int16_t    *counter;
 	const void *orig_handlers[1];
 } zend_jit_op_array_hot_extension;

ext/opcache/jit/zend_jit_trace.c

@@ -4984,6 +4984,7 @@ static zend_always_inline uint8_t zend_jit_trace_supported(const zend_op *opline
 static int zend_jit_setup_hot_trace_counters(zend_op_array *op_array)
 {
 	zend_op *opline;
+	zend_func_info *func_info;
 	zend_jit_op_array_trace_extension *jit_extension;
 	zend_cfg cfg;
 	uint32_t i;
@@ -4998,9 +4999,14 @@ static int zend_jit_setup_hot_trace_counters(zend_op_array *op_array)
 	}
 
 	jit_extension = (zend_jit_op_array_trace_extension*)zend_shared_alloc(sizeof(zend_jit_op_array_trace_extension) + (op_array->last - 1) * sizeof(zend_op_trace_info));
-	memset(&jit_extension->func_info, 0, sizeof(jit_extension->func_info));
-	jit_extension->func_info.num_args = -1;
-	jit_extension->func_info.return_value_used = -1;
+	func_info = (zend_func_info*)ZEND_FUNC_INFO(op_array);
+	if (func_info) {
+		memcpy(&jit_extension->func_info, func_info, sizeof(zend_func_info));
+	} else {
+		memset(&jit_extension->func_info, 0, sizeof(zend_func_info));
+		jit_extension->func_info.num_args = -1;
+		jit_extension->func_info.return_value_used = -1;
+	}
 	jit_extension->offset = (char*)jit_extension->trace_info - (char*)op_array->opcodes;
 	for (i = 0; i < op_array->last; i++) {
 		jit_extension->trace_info[i].orig_handler = op_array->opcodes[i].handler;