
Commit faa18bb

committed
Merge branch 'PHP-8.1'
* PHP-8.1: JIT: Fix incorrect elimination of type store
2 parents fe1f613 + b4ccc52 commit faa18bb


2 files changed

+35
-3
lines changed

2 files changed

+35
-3
lines changed

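--- a/ext/opcache/jit/zend_jit.c
+++ b/ext/opcache/jit/zend_jit.c
@@ -2909,7 +2909,9 @@ static int zend_jit(const zend_op_array *op_array, zend_ssa *ssa, const zend_op
 if (opline->result_type != IS_UNUSED) {
 res_use_info = -1;
 
-if (opline->result_type == IS_CV) {
+if (opline->result_type == IS_CV
+&& ssa_op->result_use >= 0
+&& !ssa->vars[ssa_op->result_use].no_val) {
 zend_jit_addr res_use_addr = RES_USE_REG_ADDR();
 
 if (Z_MODE(res_use_addr) != IS_REG
@@ -2967,7 +2969,9 @@ static int zend_jit(const zend_op_array *op_array, zend_ssa *ssa, const zend_op
 } else {
 res_use_info = -1;
 
-if (opline->result_type == IS_CV) {
+if (opline->result_type == IS_CV
+&& ssa_op->result_use >= 0
+&& !ssa->vars[ssa_op->result_use].no_val) {
 zend_jit_addr res_use_addr = RES_USE_REG_ADDR();
 
 if (Z_MODE(res_use_addr) != IS_REG
@@ -3018,7 +3022,9 @@ static int zend_jit(const zend_op_array *op_array, zend_ssa *ssa, const zend_op
 } else {
 res_use_info = -1;
 
-if (opline->result_type == IS_CV) {
+if (opline->result_type == IS_CV
+&& ssa_op->result_use >= 0
+&& !ssa->vars[ssa_op->result_use].no_val) {
 zend_jit_addr res_use_addr = RES_USE_REG_ADDR();
 
 if (Z_MODE(res_use_addr) != IS_REG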
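Review bot: The three-clause guard added at new lines 2912-2914 is repeated verbatim at 2972-2974 and 3025-3027, and none of the copies says why a `no_val` result use must skip the `res_use_addr` path. A one-line comment above each guard would keep a later refactor from dropping a clause, for example `/* old value of the result CV is unused (no_val): do not derive res_use_info from it */`; that wording is inferred from the commit title and should be checked against the body of zend_jit, which starts and ends outside these hunks. Because a wrongly elided type store would presumably leave a CV whose type tag and payload disagree, which is a memory-safety matter rather than a cosmetic one, consider folding the check into one small `static` helper so the three sites cannot drift apart. The `ssa_op->result_use >= 0` clause is correctly evaluated before the `ssa->vars[...]` index and should stay first in any refactor.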

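--- a/ext/opcache/tests/jit/mul_008.phpt
+++ b/ext/opcache/tests/jit/mul_008.phpt
@@ -0,0 +1,26 @@
+--TEST--
+JIT MUL: 008 incorrect elimination of type store
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.jit_buffer_size=1M
+opcache.protect_memory=1
+--SKIPIF--
+<?php if (PHP_INT_SIZE != 8) die("skip: 64-bit only"); ?>
+--FILE--
+<?php
+function foo(int $a){
+$a=$a%10;
+$a=$f=$a*(6158978401740);
+$a=$f=$a*(261740);
+$a%0;
+}
+foo(3);
+?>
+--EXPECTF--
+Fatal error: Uncaught DivisionByZeroError: Modulo by zero in %smul_008.php:6
+Stack trace:
+#0 %smul_008.php(8): foo(%d)
+#1 {main}
+thrown in %smul_008.php on line 6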
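Review bot: The regression test drives only the multiplication path (`$a=$f=$a*(...)`), while the same guard is added at three places in zend_jit.c. Which opcodes the other two sites handle is not visible on this page; if they belong to separate handlers, each deserves an analogous .phpt so that a regression at one site is not masked by the others. The test also does not record what went wrong before the fix, so a `--DESCRIPTION--` section stating the pre-fix symptom would help whoever triages a future failure. Putting that text in `--DESCRIPTION--` rather than in a comment inside `--FILE--` keeps the line numbers in `--EXPECTF--` (`:6`, `(8)`) valid.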
