From fe513655dc0d5966512ad034617fc3acddfdd962 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov
Date: Mon, 21 Oct 2024 14:50:50 +0300
Subject: [PATCH] Fix GH-16499: [JIT] Undefined to null coercion issues for return
---
 Zend/Optimizer/zend_inference.c | 3 +++
 ext/opcache/jit/zend_jit_helpers.c | 6 ++++++
 ext/opcache/tests/jit/gh16499.phpt | 28 ++++++++++++++++++++++++++++
 3 files changed, 37 insertions(+)
 create mode 100644 ext/opcache/tests/jit/gh16499.phpt
diff --git a/Zend/Optimizer/zend_inference.c b/Zend/Optimizer/zend_inference.c
index 322c10e6eeb..39e04cd941f 100644
--- a/Zend/Optimizer/zend_inference.c
+++ b/Zend/Optimizer/zend_inference.c
@@ -3895,6 +3895,9 @@ static zend_always_inline zend_result _zend_update_type_info(
 } else {
 zend_arg_info *ret_info = op_array->arg_info - 1;
 tmp = zend_fetch_arg_info_type(script, ret_info, &ce);
+ if ((tmp & MAY_BE_NULL) && opline->op1_type == IS_CV) {
+ tmp |= MAY_BE_UNDEF;
+ }
 tmp |= (t1 & MAY_BE_INDIRECT);
 // TODO: We could model more precisely how illegal types are converted.
diff --git a/ext/opcache/jit/zend_jit_helpers.c b/ext/opcache/jit/zend_jit_helpers.c
index 69c7ca3a537..c4f09bd15cd 100644
--- a/ext/opcache/jit/zend_jit_helpers.c
+++ b/ext/opcache/jit/zend_jit_helpers.c
@@ -1828,6 +1828,12 @@ static bool ZEND_FASTCALL zend_jit_verify_arg_slow(zval *arg, zend_arg_info *arg
 static void ZEND_FASTCALL zend_jit_verify_return_slow(zval *arg, const zend_op_array *op_array, zend_arg_info *arg_info, void **cache_slot) {
+ if (Z_TYPE_P(arg) == IS_NULL) {
+ ZEND_ASSERT(ZEND_TYPE_IS_SET(arg_info->type));
+ if (EXPECTED(ZEND_TYPE_CONTAINS_CODE(arg_info->type, IS_NULL))) {
+ return;
+ }
+ }
 if (UNEXPECTED(!zend_check_user_type_slow( &arg_info->type, arg, /* ref */ NULL, cache_slot, /* is_return_type */ true))) {
 zend_verify_return_error((zend_function*)op_array, arg);
diff --git a/ext/opcache/tests/jit/gh16499.phpt b/ext/opcache/tests/jit/gh16499.phpt
new file mode 100644
index 00000000000..6aec1012ab5
--- /dev/null
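Review bot: The added `tmp |= MAY_BE_UNDEF;` widening carries no comment explaining why a nullable declared return type means the CV operand may still be undefined, so a later cleanup of the inference could tighten it again. An inferred type set that is too narrow is what allows the JIT to omit a runtime check, so the invariant is worth writing down next to the condition, for example `/* An undefined CV can reach a nullable return type here (it is reported and treated as null), so keep MAY_BE_UNDEF in the inferred set. */`. That wording assumes the VM behaviour implied by the commit subject and should be confirmed. `_zend_update_type_info` starts and ends outside the hunk, so how `tmp` is consumed afterwards is not visible here.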
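Review bot: The new early return in `zend_jit_verify_return_slow` tests only `Z_TYPE_P(arg) == IS_NULL`, and nothing in the hunk says whether an `IS_UNDEF` zval can still reach this helper and fall through to `zend_check_user_type_slow`. If the JIT-emitted caller always coerces an undefined CV to null before the call, state that above the guard, e.g. `/* Callers pass NULL for an undefined CV; a nullable return type accepts it without the slow check. */`; if it does not, the guard would need to cover `IS_UNDEF` as well. The `ZEND_TYPE_IS_SET` precondition sits in a `ZEND_ASSERT`, which as far as I know is only checked in debug builds, so it documents the assumption rather than enforcing it in release. The function body continues past the end of the hunk.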
+++ b/ext/opcache/tests/jit/gh16499.phpt
@@ -0,0 +1,28 @@
+--TEST--
+GH-16499 (Undefined to null coercion issues for return)
+--EXTENSIONS--
+opcache
+--INI--
+opcache.jit_buffer_size=64M
+--FILE--
+
+--EXPECTF--
+Warning: Undefined variable $i in %sgh16499.php on line 6
+
+Warning: Undefined variable $i in %sgh16499.php on line 6
+NULL
+
+Warning: Undefined variable $i in %sgh16499.php on line 6
+
+Warning: Undefined variable $i in %sgh16499.php on line 6
+NULL
\ No newline at end of file