php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed incorrect type assumption

Browse Source 
Fixes oss-fuzz #63809
This commit is contained in:
Dmitry Stogov
2023-11-02 22:33:01 +03:00
parent bc47e2db80
commit 7aa9ef7d12
2 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ext/opcache/jit/zend_jit_ir.c
View File

@@ -6446,8 +6446,14 @@ static int zend_jit_assign(zend_jit_ctx *jit,
/* We have to update type of CV because it may be captured by exception backtrace or released on RETURN */
if ((op1_def_info & MAY_BE_ANY) == MAY_BE_LONG) {
jit_set_Z_TYPE_INFO(jit, op1_use_addr, IS_LONG);
if (JIT_G(current_frame)) {
SET_STACK_TYPE(JIT_G(current_frame)->stack, EX_VAR_TO_NUM(Z_OFFSET(op1_use_addr)), IS_LONG, 1);
}
} else if ((op1_def_info & MAY_BE_ANY) == MAY_BE_DOUBLE) {
jit_set_Z_TYPE_INFO(jit, op1_use_addr, IS_DOUBLE);
if (JIT_G(current_frame)) {
SET_STACK_TYPE(JIT_G(current_frame)->stack, EX_VAR_TO_NUM(Z_OFFSET(op1_use_addr)), IS_DOUBLE, 1);
}
} else {
ZEND_UNREACHABLE();
}

26
ext/opcache/tests/jit/reg_alloc_022.phpt Normal file
View File

@@ -0,0 +1,26 @@
--TEST--
Register Alloction 022: Incorrect type assumption
--INI--
opcache.enable=1
opcache.enable_cli=1
opcache.file_update_protection=0
opcache.jit_buffer_size=1M
--FILE--
<?php
function test() {
$a = $b = $x = 0; $c = null;
for ($i = 0; $i < 20; $i++) {
$x .= $b;
$x = $a ? $b : $c;
$a &= $x != $a ? $b : $c;
$x = $a ? $b : $c;
$a &= $x != $a ? $b : $c;
$x != $a ?: $c;
$a--;
}
}
test();
?>
DONE
--EXPECT--
DONE