From 3a8767b0d1dc837917fa62d3e438ba05aa20b2eb Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Wed, 25 Oct 2023 09:42:07 +0300
Subject: [PATCH] Fixed compilation of dead code after assignment property to
 non object

Fixes oss-fuzz #63558
---
 ext/opcache/jit/zend_jit_ir.c             |  4 ++++
 ext/opcache/tests/jit/assign_obj_004.phpt | 17 +++++++++++++++++
 2 files changed, 21 insertions(+)
 create mode 100644 ext/opcache/tests/jit/assign_obj_004.phpt

diff --git a/ext/opcache/jit/zend_jit_ir.c b/ext/opcache/jit/zend_jit_ir.c
index 59092c05d71..b74a9aa102e 100644
--- a/ext/opcache/jit/zend_jit_ir.c
+++ b/ext/opcache/jit/zend_jit_ir.c
@@ -3462,6 +3462,10 @@ static void _zend_jit_merge_smart_branch_inputs(zend_jit_ctx *jit,
 	if (true_label == false_label && true_path && false_path) {
 		ir_MERGE_2(true_path, false_path);
 		_zend_jit_add_predecessor_ref(jit, true_label, jit->b, ir_END());
+	} else if (!true_path && !false_path) {
+		/* dead code */
+		true_path = ir_END();
+		_zend_jit_add_predecessor_ref(jit, true_label, jit->b, true_path);
 	} else {
 		if (true_path) {
 			_zend_jit_add_predecessor_ref(jit, true_label, jit->b, true_path);
diff --git a/ext/opcache/tests/jit/assign_obj_004.phpt b/ext/opcache/tests/jit/assign_obj_004.phpt
new file mode 100644
index 00000000000..2b210bed443
--- /dev/null
+++ b/ext/opcache/tests/jit/assign_obj_004.phpt
@@ -0,0 +1,17 @@
+--TEST--
+JIT ASSIGN_OBJ: Assign property to undefined value
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.jit_buffer_size=1M
+--FILE--
+<?php
+functiOn foo() {
+    $obj->y = 42;
+    $obj && y;
+}
+?>
+DONE
+--EXPECT--
+DONE