JIT: Fixed incorrect code generation for JMPZ

Author: dstogov

ext/opcache/jit/zend_jit_trace.c

@@ -1638,13 +1638,6 @@ static zend_ssa *zend_jit_trace_build_tssa(zend_jit_trace_rec *trace_buffer, uin
 					break;
 				case ZEND_JMPZ:
 				case ZEND_JMPNZ:
-					if (/*opline > op_array->opcodes + ssa->cfg.blocks[b].start && ??? */
-					    opline->op1_type == IS_TMP_VAR &&
-					    ((opline-1)->result_type & (IS_SMART_BRANCH_JMPZ|IS_SMART_BRANCH_JMPNZ)) != 0) {
-						/* smart branch */
-						break;
-					}
-					/* break missing intentionally */
 				case ZEND_JMPZNZ:
 				case ZEND_JMPZ_EX:
 				case ZEND_JMPNZ_EX:
@@ -5003,13 +4996,6 @@ static const void *zend_jit_trace(zend_jit_trace_rec *trace_buffer, uint32_t par
 						goto done;
 					case ZEND_JMPZ:
 					case ZEND_JMPNZ:
-						if (/*opline > op_array->opcodes + ssa->cfg.blocks[b].start && ??? */
-						    opline->op1_type == IS_TMP_VAR &&
-						    ((opline-1)->result_type & (IS_SMART_BRANCH_JMPZ|IS_SMART_BRANCH_JMPNZ)) != 0) {
-							/* smart branch */
-							break;
-						}
-						/* break missing intentionally */
 					case ZEND_JMPZNZ:
 					case ZEND_JMPZ_EX:
 					case ZEND_JMPNZ_EX:

ext/opcache/jit/zend_jit_x86.dasc

@@ -15465,10 +15465,20 @@ static zend_bool zend_jit_opline_supports_reg(const zend_op_array *op_array, zen
 		case ZEND_POST_DEC:
 			op1_info = OP1_INFO();
 			return opline->op1_type == IS_CV && !(op1_info & ((MAY_BE_ANY|MAY_BE_REF|MAY_BE_UNDEF) - MAY_BE_LONG));
-		case ZEND_BOOL:
-		case ZEND_BOOL_NOT:
 		case ZEND_JMPZ:
 		case ZEND_JMPNZ:
+			if (JIT_G(trigger) != ZEND_JIT_ON_HOT_TRACE) {
+				if (!ssa->cfg.map) {
+					return 0;
+				}
+				if (opline > op_array->opcodes + ssa->cfg.blocks[ssa->cfg.map[opline-op_array->opcodes]].start &&
+				    ((opline-1)->result_type & (IS_SMART_BRANCH_JMPZ|IS_SMART_BRANCH_JMPNZ)) != 0) {
+					return 0;
+				}
+			}
+			/* break missing intentionally */
+		case ZEND_BOOL:
+		case ZEND_BOOL_NOT:
 		case ZEND_JMPZNZ:
 		case ZEND_JMPZ_EX:
 		case ZEND_JMPNZ_EX:

ext/opcache/tests/jit/jmpz_002.phpt

@@ -0,0 +1,20 @@
+--TEST--
+JIT JMPZ: Separate JMPZ for "smart branch" may be only emitted by function JIT
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.jit_buffer_size=1M
+opcache.protect_memory=1
+--FILE--
+<?php
+function test($b) {
+    if ($b ? 0 : (X>0)){
+        echo "Not taken\n";
+    }
+}
+test(true); 
+?>
+DONE
+--EXPECT--
+DONE