Skip to content

Commit 5762fc5

Browse files
dstogovdstogov
committed
Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0: Tracing JIT: Fix incorrect guard elimination
2 parents 6427c4b + c9c51eb commit 5762fc5

File tree

2 files changed

+57
-5
lines changed

2 files changed

+57
-5
lines changed

ext/opcache/jit/zend_jit_trace.c

Lines changed: 32 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1085,6 +1085,9 @@ static int is_checked_guard(const zend_ssa *tssa, const zend_op **ssa_opcodes, u
10851085
&& (tssa->var_info[tssa->ops[idx].op1_use].type & MAY_BE_STRING)) {
10861086
return 0;
10871087
}
1088+
if (!(tssa->var_info[tssa->ops[idx].op1_use].type & (MAY_BE_LONG|MAY_BE_DOUBLE))) {
1089+
return 0;
1090+
}
10881091
return 1;
10891092
} else if (opline->opcode == ZEND_ASSIGN_OP
10901093
&& (opline->extended_value == ZEND_ADD
@@ -1113,11 +1116,7 @@ static int is_checked_guard(const zend_ssa *tssa, const zend_op **ssa_opcodes, u
11131116
const zend_op *opline = ssa_opcodes[idx];
11141117
if (opline->opcode == ZEND_ADD
11151118
|| opline->opcode == ZEND_SUB
1116-
|| opline->opcode == ZEND_MUL
1117-
|| opline->opcode == ZEND_PRE_DEC
1118-
|| opline->opcode == ZEND_PRE_INC
1119-
|| opline->opcode == ZEND_POST_DEC
1120-
|| opline->opcode == ZEND_POST_INC) {
1119+
|| opline->opcode == ZEND_MUL) {
11211120
if ((opline->op1_type & (IS_VAR|IS_CV))
11221121
&& tssa->ops[idx].op1_use >= 0
11231122
&& (tssa->var_info[tssa->ops[idx].op1_use].type & MAY_BE_REF)) {
@@ -1128,6 +1127,34 @@ static int is_checked_guard(const zend_ssa *tssa, const zend_op **ssa_opcodes, u
11281127
&& (tssa->var_info[tssa->ops[idx].op2_use].type & MAY_BE_REF)) {
11291128
return 0;
11301129
}
1130+
if (opline->op1_type == IS_CONST) {
1131+
zval *zv = RT_CONSTANT(opline, opline->op1);
1132+
if (Z_TYPE_P(zv) != IS_LONG && Z_TYPE_P(zv) != IS_DOUBLE) {
1133+
return 0;
1134+
}
1135+
} else if (!(tssa->var_info[tssa->ops[idx].op1_use].type & (MAY_BE_LONG|MAY_BE_DOUBLE))) {
1136+
return 0;
1137+
}
1138+
if (opline->op2_type == IS_CONST) {
1139+
zval *zv = RT_CONSTANT(opline, opline->op2);
1140+
if (Z_TYPE_P(zv) != IS_LONG && Z_TYPE_P(zv) != IS_DOUBLE) {
1141+
return 0;
1142+
}
1143+
} else if (!(tssa->var_info[tssa->ops[idx].op2_use].type & (MAY_BE_LONG|MAY_BE_DOUBLE))) {
1144+
return 0;
1145+
}
1146+
} else if (opline->opcode == ZEND_PRE_DEC
1147+
|| opline->opcode == ZEND_PRE_INC
1148+
|| opline->opcode == ZEND_POST_DEC
1149+
|| opline->opcode == ZEND_POST_INC) {
1150+
if ((opline->op1_type & (IS_VAR|IS_CV))
1151+
&& tssa->ops[idx].op1_use >= 0
1152+
&& (tssa->var_info[tssa->ops[idx].op1_use].type & MAY_BE_REF)) {
1153+
return 0;
1154+
}
1155+
if (!(tssa->var_info[tssa->ops[idx].op1_use].type & (MAY_BE_LONG|MAY_BE_DOUBLE))) {
1156+
return 0;
1157+
}
11311158
return 1;
11321159
}
11331160
}

ext/opcache/tests/jit/add_014.phpt

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
--TEST--
2+
JIT ADD: 014 incorrect guard elimination
3+
--INI--
4+
opcache.enable=1
5+
opcache.enable_cli=1
6+
opcache.file_update_protection=0
7+
opcache.jit_buffer_size=1M
8+
--FILE--
9+
<?php
10+
function test() {
11+
$s = null;
12+
$i = $a + $a = $j = 2;
13+
for ($a = 0; $i < 20; $a = !$a + $s .= 0xfff0001/34028236692903846346336*6) {
14+
$a = !$a + $a &= 74444444 - 444 >> 4 - $j++;
15+
if ($j > 14) break;
16+
}
17+
}
18+
try {
19+
@test();
20+
} catch (Throwable $e) {
21+
echo $e->getMessage() . "\n";
22+
}
23+
?>
24+
--EXPECT--
25+
Bit shift by negative number

0 commit comments

Comments
 (0)