diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c index ece08045a55..5ee54eed118 100644 --- a/ext/opcache/jit/zend_jit_trace.c +++ b/ext/opcache/jit/zend_jit_trace.c @@ -2277,7 +2277,7 @@ propagate_arg: assert(0); } if (opline->opcode == ZEND_ASSIGN_DIM_OP - && ssa_ops[idx].op1_def > 0 + && ssa_ops[idx].op1_def >= 0 && op1_type == IS_ARRAY && (orig_op1_type & IS_TRACE_PACKED) && val_type != IS_UNKNOWN @@ -5096,7 +5096,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par zend_may_throw_ex(opline, ssa_op, op_array, ssa, op1_info, op2_info))) { goto jit_failure; } - if (ssa_op->op2_def > 0 + if (ssa_op->op2_def >= 0 && Z_MODE(op2_addr) == IS_REG && ssa->vars[ssa_op->op2_def].no_val) { uint8_t type = (op2_info & MAY_BE_LONG) ? IS_LONG : IS_DOUBLE; @@ -5149,7 +5149,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par res_use_info, res_info, res_addr)) { goto jit_failure; } - if (ssa_op->op1_def > 0 + if (ssa_op->op1_def >= 0 && Z_MODE(op1_addr) == IS_REG && ssa->vars[ssa_op->op1_def].no_val) { uint8_t type = (op1_info & MAY_BE_LONG) ? IS_LONG : IS_DOUBLE; @@ -5246,7 +5246,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par op1_info, op1_addr, op1_def_addr)) { goto jit_failure; } - if (ssa_op->op1_def > 0 + if (ssa_op->op1_def >= 0 && Z_MODE(op1_addr) == IS_REG && ssa->vars[ssa_op->op1_def].no_val) { uint8_t type = (op1_info & MAY_BE_LONG) ? IS_LONG : IS_DOUBLE; @@ -5826,7 +5826,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par RES_REG_ADDR(), val_type)) { goto jit_failure; } - if (ssa_op->result_def > 0 + if (ssa_op->result_def >= 0 && (opline->opcode == ZEND_FETCH_DIM_W || opline->opcode == ZEND_FETCH_LIST_W) && !(op1_info & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_LONG|MAY_BE_DOUBLE|MAY_BE_STRING|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF)) && !(op2_info & (MAY_BE_UNDEF|MAY_BE_RESOURCE|MAY_BE_ARRAY|MAY_BE_OBJECT))) {