From a4f1c898dfeb5ae72d9b1aa25640bae715249e82 Mon Sep 17 00:00:00 2001
From: Florian Engelhardt
Date: Tue, 22 Jul 2025 10:39:56 +0200
Subject: [PATCH 1/2] reset global pointers to prevent use-after-free

---
 ext/opcache/jit/zend_jit.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c
index 4d2baddb90090..0f38627c4c0b9 100644
--- a/ext/opcache/jit/zend_jit.c
+++ b/ext/opcache/jit/zend_jit.c
@@ -791,7 +791,7 @@ ZEND_EXT_API void zend_jit_status(zval *ret)
 add_assoc_long(&stats, "kind", JIT_G(trigger));
 add_assoc_long(&stats, "opt_level", JIT_G(opt_level));
 add_assoc_long(&stats, "opt_flags", JIT_G(opt_flags));
- if (dasm_buf) {
+ if (dasm_buf && dasm_end && dasm_ptr) {
 add_assoc_long(&stats, "buffer_size", (char*)dasm_end - (char*)dasm_buf);
 add_assoc_long(&stats, "buffer_free", (char*)dasm_end - (char*)*dasm_ptr);
 } else {
@@ -5087,6 +5087,12 @@ ZEND_EXT_API void zend_jit_shutdown(void)
 #else
 zend_jit_trace_free_caches(&jit_globals);
 #endif
+
+ // Reset global pointers to prevent use-after-free in Apache reload
+ dasm_ptr = NULL;
+ dasm_buf = NULL;
+ dasm_end = NULL;
+ dasm_size = 0;
 }
 
 static void zend_jit_reset_counters(void)
From c939b91bf9e9f1c46ffde812d1c4196af4b9b1ab Mon Sep 17 00:00:00 2001
From: Florian Engelhardt
Date: Tue, 22 Jul 2025 14:42:10 +0200
Subject: [PATCH 2/2] clarify comment

---
 ext/opcache/jit/zend_jit.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c
index 0f38627c4c0b9..f0225b0c7a889 100644
--- a/ext/opcache/jit/zend_jit.c
+++ b/ext/opcache/jit/zend_jit.c
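Review bot: In the zend_jit_shutdown() hunk of PATCH 1/2, the four assignments turn a stale `dasm_buf`/`dasm_end`/`dasm_ptr` into NULL, but zend_jit_status() is the only reader given a guard on this page, so any other reader of these globals that runs after shutdown would now dereference NULL rather than freed memory. It is worth checking the remaining uses in the file and confirming each either tests `dasm_buf` first or cannot run after shutdown. The hunk also does not show where the JIT buffer is released; if that happens earlier in the function, placing the reset directly after the release would close the window in which the pointers dangle. zend_jit_shutdown() starts outside the hunk.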
@@ -791,7 +791,7 @@ ZEND_EXT_API void zend_jit_status(zval *ret)
 add_assoc_long(&stats, "kind", JIT_G(trigger));
 add_assoc_long(&stats, "opt_level", JIT_G(opt_level));
 add_assoc_long(&stats, "opt_flags", JIT_G(opt_flags));
- if (dasm_buf && dasm_end && dasm_ptr) {
+ if (dasm_buf) {
 add_assoc_long(&stats, "buffer_size", (char*)dasm_end - (char*)dasm_buf);
 add_assoc_long(&stats, "buffer_free", (char*)dasm_end - (char*)*dasm_ptr);
 } else {
@@ -5088,7 +5088,9 @@ ZEND_EXT_API void zend_jit_shutdown(void)
 zend_jit_trace_free_caches(&jit_globals);
 #endif
 
- // Reset global pointers to prevent use-after-free in Apache reload
+ /* Reset global pointers to prevent use-after-free in `zend_jit_status()`
+ * after gracefully restarting Apache with mod_php, see:
+ * https://github.com/php/php-src/pull/19212 */
 dasm_ptr = NULL;
 dasm_buf = NULL;
 dasm_end = NULL;
pFad - Phonifier reborn
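Review bot: In the zend_jit_status() hunk of PATCH 2/2 the guard goes back to `if (dasm_buf)`, so that single pointer now vouches for `dasm_end` and for the `*dasm_ptr` dereference on the `buffer_free` line; that is safe only while all three globals are set and cleared together, as the reset in zend_jit_shutdown() does. I would state the invariant above the check, e.g. `/* dasm_buf != NULL implies dasm_end and dasm_ptr are valid; zend_jit_shutdown() resets all three */`. The commit subject says only "clarify comment", so the guard change is easy to miss in history; a sentence in the commit body would help. zend_jit_status() begins and ends outside the hunk.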
