From 94b800182d86cb03f1a62c7d997ce98f48c45dfd Mon Sep 17 00:00:00 2001
From: Dmitry Stogov
Date: Thu, 12 Aug 2021 16:05:05 +0300
Subject: [PATCH] Fixed conditional jump on uninitialised value (Zend/tests/match/028.phpt failure with function JIT)

---
 ext/opcache/jit/zend_jit_arm64.dasc | 5 +++++
 ext/opcache/jit/zend_jit_x86.dasc | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/ext/opcache/jit/zend_jit_arm64.dasc b/ext/opcache/jit/zend_jit_arm64.dasc
index e25134ddaa8..a6b4f1a75dd 100644
--- a/ext/opcache/jit/zend_jit_arm64.dasc
+++ b/ext/opcache/jit/zend_jit_arm64.dasc
@@ -9460,6 +9460,11 @@ static int zend_jit_send_val(dasm_State **Dst, const zend_op *opline, uint32_t o
 	| bne >1
 	|.cold_code
 	|1:
+	if (Z_MODE(op1_addr) == IS_REG) {
+		/* set type to avoid zval_ptr_dtor() on uninitialized value */
+		zend_jit_addr addr = ZEND_ADDR_MEM_ZVAL(ZREG_FP, opline->op1.var);
+		| SET_ZVAL_TYPE_INFO addr, IS_UNDEF, TMP1w, TMP2
+	}
 	| SET_EX_OPLINE opline, REG0
 	| b ->throw_cannot_pass_by_ref
 	|.code
diff --git a/ext/opcache/jit/zend_jit_x86.dasc b/ext/opcache/jit/zend_jit_x86.dasc
index 399fee3ab7c..27965c6bd94 100644
--- a/ext/opcache/jit/zend_jit_x86.dasc
+++ b/ext/opcache/jit/zend_jit_x86.dasc
@@ -10091,6 +10091,11 @@ static int zend_jit_send_val(dasm_State **Dst, const zend_op *opline, uint32_t o
 	| jnz >1
 	|.cold_code
 	|1:
+	if (Z_MODE(op1_addr) == IS_REG) {
+		/* set type to avoid zval_ptr_dtor() on uninitialized value */
+		zend_jit_addr addr = ZEND_ADDR_MEM_ZVAL(ZREG_FP, opline->op1.var);
+		| SET_ZVAL_TYPE_INFO addr, IS_UNDEF
+	}
 	| SET_EX_OPLINE opline, r0
 	| jmp ->throw_cannot_pass_by_ref
 	|.code
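Review bot: The new comment on the IS_REG branch in the arm64 hunk says only "set type to avoid zval_ptr_dtor() on uninitialized value"; it should name the cause and say why writing the type alone is sufficient, since the value half of the slot is left as-is. Something like `/* op1 is held in a register, so the frame slot op1.var still carries stale type_info; mark it IS_UNDEF before the throw so the exception cleanup's zval_ptr_dtor() sees a non-refcounted type and never reads the stale value */` records the invariant the fix relies on. Worth stating in the comment that this is more than a Valgrind warning: if the stale type_info happened to carry a refcounted flag, the dtor could dereference garbage, so the IS_UNDEF write is a memory-safety guard on the throw path. The x86 hunk adds the identical block (without the TMP1w/TMP2 scratch operands) and would take the same comment; whether IS_REG is the only mode whose frame slot can be stale here is inferred from the surrounding code, not visible in the hunk. zend_jit_send_val starts and ends outside both hunks.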