Fixed bug #79864 (JIT segfault in Symfony OptionsResolver)

diff --git a/NEWS b/NEWS
index 1d9668625e929ba7688f2b7abfaedfd0d30f2cd3..660644e8b819c91371bd0a052f227cf78060e61b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,8 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? ????, PHP 8.0.0beta1
 
+- JIT:
+  . Fixed bug #79864 (JIT segfault in Symfony OptionsResolver). (Dmitry)
 
 23 Jul 2020, PHP 8.0.0alpha3
 

diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c
index 74f63c53a4f1f28f9365f699a31565cbb5d7404a..48a04735da552b56c894c68b243e959a7e7d5771 100644 (file)
--- a/ext/opcache/jit/zend_jit.c
+++ b/ext/opcache/jit/zend_jit.c
@@ -3029,6 +3029,17 @@ static int zend_jit(const zend_op_array *op_array, zend_ssa *ssa, const zend_op
                                                        zend_may_throw(opline, ssa_op, op_array, ssa))) {
                                                goto jit_failure;
                                        }
+                                       if (i == end
+                                        && (opline->result_type & (IS_SMART_BRANCH_JMPZ|IS_SMART_BRANCH_JMPNZ)) != 0) {
+                                               /* smart branch split across basic blocks */
+                                               if (!zend_jit_cond_jmp(&dasm_state, opline + 2, ssa->cfg.blocks[b+1].successors[0])) {
+                                                       goto jit_failure;
+                                               }
+                                               if (!zend_jit_jmp(&dasm_state, ssa->cfg.blocks[b+1].successors[1])) {
+                                                       goto jit_failure;
+                                               }
+                                               is_terminated = 1;
+                                       }
                        }
 done:
                        switch (opline->opcode) {