fix(tracing): sandbox should save/restore jit_trace_num

[morrisonlevi]

Description

Fixes a PHP 8 tracing-JIT crash after sandboxed hook bailouts.

AppSec/RASP can trigger a zend_bailout() when it blocks a request during a hooked call. That bailout skips PHP’s normal EG(jit_trace_num) restore in zend_call_function(). ddtrace’s sandbox restored current_execute_data, but not jit_trace_num, leaving the JIT with a stale trace id.

A later JIT side exit could then read exit metadata from the wrong trace and crash.

Reviewer checklist

• Test coverage seems ok.
• Appropriate labels assigned.

[datadog-prod-us1-4]

 

✨ Fix all issues with BitsAI or with Cursor

⚠️ Warnings

🚦 14 Pipeline jobs failed

DataDog/apm-reliability/dd-trace-php | ASAN Opcache tests: [8.5]     

DataDog/apm-reliability/dd-trace-php | ASAN test_c with multiple observers: [8.4]     

DataDog/apm-reliability/dd-trace-php | ASAN test_c with multiple observers: [8.5]     

View all 14 failed jobs.

❄️ 1 New flaky test detected

tmp/build_extension/tests/opcache/jit_trace_num_bailout.phpt ([Sandbox regression] Bailout in a hot hook closure restores the active JIT trace) from php.tmp.build_extension.tests.opcache   (Fix with Cursor)

001- ok
001+ AddressSanitizer:DEADLYSIGNAL
002+ =================================================================
003+ ==409==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000078 (pc 0x000049400942 bp 0x7ffe9945b8c0 sp 0x7ffe9945b7e0 T0)
004+ ==409==The signal is caused by a READ memory access.
005+ ==409==Hint: address points to the zero page.
006+ /usr/bin/llvm-symbolizer-20: error: '/dev/zero (deleted)': No such file or directory
007+     #0 0x000049400942  (/dev/zero (deleted)+0x8000942)
008+     #1 0x59259b7e2f9c in zend_execute /usr/local/src/php/Zend/zend_vm_execute.h:121914:2
009+     #2 0x59259be93cdb in zend_execute_script /usr/local/src/php/Zend/zend.c:1977:3
...

New test introduced in this PR is flaky.

View in Flaky Test Management

ℹ️ Info

No other issues found (see more)

🧪 All tests passed

Useful? React with 👍 / 👎

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: a175a4a | Docs | Datadog PR Page | Give us feedback!}

[bwoebi]

LGTM assuming CI passes.

[pr-commenter]

Benchmarks [ tracer ]

Benchmark execution time: 2026-06-08 21:51:07

Comparing candidate commit a175a4a in PR branch levi/sandbox-jit_trace_num with baseline commit 5c5fdb8 in branch master.

Found 0 performance improvements and 6 performance regressions! Performance is the same for 188 metrics, 0 unstable metrics.

Explanation

This is an A/B test comparing a candidate commit's performance against that of a baseline commit. Performance changes are noted in the tables below as:

• 🟩 = significantly better candidate vs. baseline
• 🟥 = significantly worse candidate vs. baseline

We compute a confidence interval (CI) over the relative difference of means between metrics from the candidate and baseline commits, considering the baseline as the reference.

If the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD), the change is considered significant.

Feel free to reach out to #apm-benchmarking-platform on Slack if you have any questions.

More details about the CI and significant changes

You can imagine this CI as a range of values that is likely to contain the true difference of means between the candidate and baseline commits.

CIs of the difference of means are often centered around 0%, because often changes are not that big:

---------------------------------(------|---^--------)-------------------------------->
                              -0.6%    0%  0.3%     +1.2%
                                 |          |        |
         lower bound of the CI --'          |        |
sample mean (center of the CI) -------------'        |
         upper bound of the CI ----------------------'

As described above, a change is considered significant if the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD).

For instance, for an execution time metric, this confidence interval indicates a significantly worse performance:

----------------------------------------|---------|---(---------^---------)---------->
                                       0%        1%  1.3%      2.2%      3.1%
                                                  |   |         |         |
       significant impact threshold --------------'   |         |         |
                      lower bound of CI --------------'         |         |
       sample mean (center of the CI) --------------------------'         |
                      upper bound of CI ----------------------------------'

scenario:EmptyFileBench/benchEmptyFileBaseline-opcache

• 🟥 execution_time [+77.910µs; +323.450µs] or [+2.409%; +10.000%]

scenario:EmptyFileBench/benchEmptyFileOverhead-opcache

• 🟥 execution_time [+101.332µs; +292.728µs] or [+2.984%; +8.621%]

scenario:SamplingRuleMatchingBench/benchRegexMatching1

• 🟥 execution_time [+72.239ns; +141.761ns] or [+4.927%; +9.669%]

scenario:SamplingRuleMatchingBench/benchRegexMatching2

• 🟥 execution_time [+61.157ns; +148.643ns] or [+4.133%; +10.046%]

scenario:SamplingRuleMatchingBench/benchRegexMatching3

• 🟥 execution_time [+88.600ns; +149.400ns] or [+6.068%; +10.232%]

scenario:SamplingRuleMatchingBench/benchRegexMatching4

• 🟥 execution_time [+89.620ns; +176.580ns] or [+6.157%; +12.132%]

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a175a4a857

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Avoid using E_USER_ERROR for the bailout regression

On PHP 8.4+ this trigger_error(..., E_USER_ERROR) first emits the new deprecation for using E_USER_ERROR; because the sandbox installs EH_THROW, that deprecation is converted into an exception before the fatal error bailout is reached. In those environments the test can still print ok, but it no longer exercises the zend_bailout() path or the restored EG(jit_trace_num), so the regression this test is meant to catch would slip through.

Useful? React with 👍 / 👎.