From fae6bedea5e094a1f6ddbd1a4453eaea340d1855 Mon Sep 17 00:00:00 2001
From: Bob Weinand <bobwei9@hotmail.com>
Date: Thu, 18 Jun 2015 15:58:46 +0200
Subject: [PATCH] Fix bug #69871 (short-circuiting failure with smart_branch)

---
 Zend/tests/bug69871.phpt | 15 +++++++++++++++
 Zend/zend_execute.c      | 16 ++++++++++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 Zend/tests/bug69871.phpt

diff --git a/Zend/tests/bug69871.phpt b/Zend/tests/bug69871.phpt
new file mode 100644
index 0000000000..7b87a7507c
--- /dev/null
+++ b/Zend/tests/bug69871.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #69871 (Short-circuiting failure with smart_branch)
+--FILE--
+<?php
+
+$a = true;
+if (isset($a) && 0) {
+	var_dump(true);
+} else {
+	var_dump(false);
+}
+
+?>
+--EXPECT--
+bool(false)
diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c
index 9190eff2c3..27274d334d 100644
--- a/Zend/zend_execute.c
+++ b/Zend/zend_execute.c
@@ -2428,9 +2428,21 @@ static zend_always_inline zend_generator *zend_get_running_generator(zend_execut
 # define ZEND_VM_SMART_BRANCH(_result, _check) do { \
 		int __result; \
 		if (EXPECTED((opline+1)->opcode == ZEND_JMPZ)) { \
-			__result = (_result); \
+			if (UNEXPECTED((opline+1)->op1_type == IS_CONST)) { \
+				zend_uchar __type = Z_TYPE_P(EX_CONSTANT((opline+1)->op1)); \
+				ZEND_ASSERT(__type == IS_TRUE || __type == IS_FALSE); /* assume boolean */ \
+				__result = __type == IS_TRUE; \
+			} else { \
+				__result = (_result); \
+			} \
 		} else if (EXPECTED((opline+1)->opcode == ZEND_JMPNZ)) { \
-			__result = !(_result); \
+			if (UNEXPECTED((opline+1)->op1_type == IS_CONST)) { \
+				zend_uchar __type = Z_TYPE_P(EX_CONSTANT((opline+1)->op1)); \
+				ZEND_ASSERT(__type == IS_TRUE || __type == IS_FALSE); /* assume boolean */ \
+				__result = __type != IS_TRUE; \
+			} else { \
+				__result = !(_result); \
+			} \
 		} else { \
 			break; \
 		} \
-- 
2.40.0