From: Xinchen Hui <laruence@gmail.com>
Date: Sun, 21 May 2017 12:44:09 +0000 (+0800)
Subject: Fixed segfult in JIT (emalloc may trigger memory limitation)
X-Git-Tag: php-7.2.0alpha1~57^2~44
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=26a6d20ab50b47291eba0870a36c59f1840df602;p=php

Fixed segfult in JIT (emalloc may trigger memory limitation)

Zend/tests/bug68412.phpt
---

diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index 2ee71084e9..db1c3710c5 100644
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -7783,6 +7783,8 @@ ZEND_VM_HANDLER(158, ZEND_CALL_TRAMPOLINE, ANY, ANY)
 	zend_execute_data *call;
 	USE_OPLINE
 
+	SAVE_OPLINE();
+
 	args = emalloc(sizeof(zend_array));
 	zend_hash_init(args, num_args, NULL, ZVAL_PTR_DTOR, 0);
 	if (num_args) {
@@ -7798,7 +7800,6 @@ ZEND_VM_HANDLER(158, ZEND_CALL_TRAMPOLINE, ANY, ANY)
 		} ZEND_HASH_FILL_END();
 	}
 
-	SAVE_OPLINE();
 	call = execute_data;
 	execute_data = EG(current_execute_data) = EX(prev_execute_data);
 
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index c7c28e78f7..dd2a612fb8 100644
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -1906,6 +1906,8 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_CALL_TRAMPOLINE_SPEC_HANDLER(Z
 	zend_execute_data *call;
 	USE_OPLINE
 
+	SAVE_OPLINE();
+
 	args = emalloc(sizeof(zend_array));
 	zend_hash_init(args, num_args, NULL, ZVAL_PTR_DTOR, 0);
 	if (num_args) {
@@ -1921,7 +1923,6 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_CALL_TRAMPOLINE_SPEC_HANDLER(Z
 		} ZEND_HASH_FILL_END();
 	}
 
-	SAVE_OPLINE();
 	call = execute_data;
 	execute_data = EG(current_execute_data) = EX(prev_execute_data);