Commit 95e93b85fa3 for php.net
commit 95e93b85fa30b535922726f3e951a382c6ab40e8
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date: Wed Apr 8 00:00:25 2026 +0200
Fix faulty zend_try handling in zend_jit_trace()
diff --git a/NEWS b/NEWS
index 92cc9be453d..84ef07ea11e 100644
--- a/NEWS
+++ b/NEWS
@@ -23,6 +23,7 @@ PHP NEWS
zend_jit_use_reg). (Arnaud)
. Fixed bug GH-21593 (Borked function JIT JMPNZ smart branch). (ilutov)
. Fixed bug GH-21460 (COND optimization regression). (Dmitry, Arnaud)
+ . Fixed faulty returns out of zend_try block in zend_jit_trace(). (ilutov)
- OpenSSL:
. Fix a bunch of memory leaks and crashes on edge cases. (ndossche)
diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c
index b5d980ca5af..32096741905 100644
--- a/ext/opcache/jit/zend_jit_trace.c
+++ b/ext/opcache/jit/zend_jit_trace.c
@@ -5167,7 +5167,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
&& ssa->vars[ssa_op->op2_def].use_chain < 0
&& !ssa->vars[ssa_op->op2_def].phi_use_chain) {
if (!zend_jit_store_type(&ctx, var_num, type)) {
- return 0;
+ goto jit_failure;
}
SET_STACK_TYPE(stack, var_num, type, 1);
}
@@ -5220,7 +5220,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
&& ssa->vars[ssa_op->op1_def].use_chain < 0
&& !ssa->vars[ssa_op->op1_def].phi_use_chain) {
if (!zend_jit_store_type(&ctx, var_num, type)) {
- return 0;
+ goto jit_failure;
}
SET_STACK_TYPE(stack, var_num, type, 1);
}
@@ -5317,7 +5317,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
&& ssa->vars[ssa_op->op1_def].use_chain < 0
&& !ssa->vars[ssa_op->op1_def].phi_use_chain) {
if (!zend_jit_store_type(&ctx, var_num, type)) {
- return 0;
+ goto jit_failure;
}
SET_STACK_TYPE(stack, var_num, type, 1);
}
@@ -6539,7 +6539,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
var_num = EX_VAR_TO_NUM(var_num);
if (!zend_jit_store_type(&ctx, var_num, type)) {
- return 0;
+ goto jit_failure;
}
SET_STACK_TYPE(stack, var_num, type, 1);
}
@@ -7179,7 +7179,7 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
&& type != STACK_MEM_TYPE(stack, i)
&& zend_jit_trace_must_store_type(op_array, op_array_ssa, opline - op_array->opcodes, i, type)) {
if (!zend_jit_store_type(jit, i, type)) {
- return 0;
+ goto jit_failure;
}
SET_STACK_TYPE(stack, i, type, 1);
}
@@ -7301,11 +7301,11 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
zend_string_release(name);
}
+jit_cleanup:;
} zend_catch {
do_bailout = 1;
} zend_end_try();
-jit_cleanup:
/* Clean up used op_arrays */
while (num_op_arrays > 0) {
op_array = op_arrays[--num_op_arrays];