Backport phpGH-17869 to PHP 8.3 JIT

Closes phpGH-17918.

Author: nielsdos

NEWS

@@ -44,6 +44,7 @@ PHP                                                                        NEWS
   . Fixed bug GH-17577 (JIT packed type guard crash). (nielsdos, Dmitry)
   . Fixed bug GH-17899 (zend_test_compile_string with invalid path
     when opcache is enabled). (David Carlier)
+  . Fixed bug GH-17868 (Cannot allocate memory with tracing JIT). (nielsdos)
 
 - PDO_SQLite:
   . Fixed GH-17837 ()::getColumnMeta() on unexecuted statement segfaults).

ext/opcache/jit/zend_jit_arm64.dasc

@@ -8629,11 +8629,18 @@ static int zend_jit_push_call_frame(dasm_State **Dst, const zend_op *opline, con
 		|	str TMP1w, EX:RX->This.u1.type_info
 		|	// Z_PTR(call->This) = object_or_called_scope;
 		|	str REG1, EX:RX->This.value.ptr
-		|	ldr TMP1, [REG0, #offsetof(zend_closure, func.op_array.run_time_cache__ptr)]
-		|	cbnz TMP1, >1
-		|	add FCARG1x, REG0, #offsetof(zend_closure, func)
-		|	EXT_CALL zend_jit_init_func_run_time_cache_helper, REG0
-		|1:
+		if (!func) {
+			|	ldrb TMP1w, [REG0, #offsetof(zend_closure, func.type)]
+			|	cmp TMP1w, #ZEND_USER_FUNCTION
+			|	beq >1
+		}
+		if (!func || func->common.type == ZEND_USER_FUNCTION) {
+			|	add FCARG1x, REG0, #offsetof(zend_closure, func)
+			|	EXT_CALL zend_jit_init_func_run_time_cache_helper, REG0
+		}
+		if (!func) {
+			|1:
+		}
 	}
 	|	// ZEND_CALL_NUM_ARGS(call) = num_args;
 	|	LOAD_32BIT_VAL TMP1w, opline->extended_value

ext/opcache/jit/zend_jit_x86.dasc

@@ -9221,11 +9221,17 @@ static int zend_jit_push_call_frame(dasm_State **Dst, const zend_op *opline, con
 		|	or dword EX:RX->This.u1.type_info, edx
 		|	// Z_PTR(call->This) = object_or_called_scope;
 		|	mov aword EX:RX->This.value.ptr, r1
-		|	cmp aword [r0 + offsetof(zend_closure, func.op_array.run_time_cache__ptr)], 0
-		|	jnz >1
-		|	lea FCARG1a, aword [r0 + offsetof(zend_closure, func)]
-		|	EXT_CALL zend_jit_init_func_run_time_cache_helper, r0
-		|1:
+		if (!func) {
+			|	cmp byte [r0 + offsetof(zend_closure, func.type)], ZEND_USER_FUNCTION
+			|	jnz >1
+		}
+		if (!func || func->common.type == ZEND_USER_FUNCTION) {
+			|	lea FCARG1a, aword [r0 + offsetof(zend_closure, func)]
+			|	EXT_CALL zend_jit_init_func_run_time_cache_helper, r0
+		}
+		if (!func) {
+			|1:
+		}
 	}
 	|	// ZEND_CALL_NUM_ARGS(call) = num_args;
 	|	mov dword EX:RX->This.u2.num_args, opline->extended_value