From: Dmitry Stogov <dmitry@zend.com>
Date: Fri, 10 Apr 2020 11:42:26 +0000 (+0300)
Subject: Fixed overflow handling
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d3dda1e0f10c00d6f62891685ad0b5662fd34393;p=php

Fixed overflow handling
---

diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c
index 01ea6fa977..e42970b97d 100644
--- a/ext/opcache/jit/zend_jit_trace.c
+++ b/ext/opcache/jit/zend_jit_trace.c
@@ -1899,6 +1899,10 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
 								ssa->var_info[ssa_op->result_def].type &= ~MAY_BE_GUARD;
 							}
 						}
+						if (opline->result_type != IS_UNUSED
+						 && (res_info & (MAY_BE_ANY|MAY_BE_GUARD)) == (MAY_BE_LONG|MAY_BE_GUARD)) {
+							ssa->var_info[ssa_op->result_def].type &= ~MAY_BE_GUARD;
+						}
 						goto done;
 					case ZEND_BW_OR:
 					case ZEND_BW_AND:
diff --git a/ext/opcache/jit/zend_jit_x86.dasc b/ext/opcache/jit/zend_jit_x86.dasc
index 7fa4f108ea..df9c52ab43 100644
--- a/ext/opcache/jit/zend_jit_x86.dasc
+++ b/ext/opcache/jit/zend_jit_x86.dasc
@@ -3411,10 +3411,14 @@ static int zend_jit_inc_dec(dasm_State **Dst, const zend_op *opline, const zend_
 		|	LONG_OP_WITH_CONST sub, op1_def_addr, Z_L(1)
 	}
 
-	if (may_overflow && (op1_def_info & MAY_BE_GUARD)) {
+	if (may_overflow && ((op1_def_info & MAY_BE_GUARD) || (opline->result_type != IS_UNUSED && (res_info & MAY_BE_GUARD)))) {
 		int32_t exit_point = zend_jit_trace_get_exit_point(opline, opline, NULL);
 		const void *exit_addr = zend_jit_trace_get_exit_addr(exit_point);
 		|	jo &exit_addr
+		if ((opline->opcode == ZEND_PRE_INC || opline->opcode == ZEND_PRE_DEC) &&
+		    opline->result_type != IS_UNUSED) {
+			|	ZVAL_COPY_VALUE res_addr, res_use_info, op1_def_addr, MAY_BE_LONG, ZREG_R0, ZREG_R1
+		}
 	} else if (may_overflow) {
 		|	jo >1
 		if ((opline->opcode == ZEND_PRE_INC || opline->opcode == ZEND_PRE_DEC) &&