|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2020-03-09 10:52 UTC] nikic@php.net
Description:
------------
The attached reduction is miscompiled, resulting in incorrect dependency resolution in composer.
Test script:
---------------
<?php
function test($x, $y)
{
return ($x && $y && unimportant()) ||
($x < 0 && unimportant());
}
var_dump(test(1, []));
Expected result:
----------------
bool(false)
Actual result:
--------------
UNKNOWN:0
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri May 09 13:01:28 2025 UTC |
Slightly better reduction: <?php function test(int $x) { return ($x > 0xdead && unimportant()) || ($x < 0xbeef && unimportant()); } var_dump(test(0xcccc)); We see #7.T2 [bool] RANGE[0..1] = IS_SMALLER #6.CV0($x) [long] RANGE[-9223372036854775808..9223372036854775807] int(48879) #8.T1 [bool] RANGE[0..1] = JMPZ_EX #7.T2 [bool] RANGE[0..1] BB7 BB5: follow lines=[8-9] and .L17: mov 0x50(%r14), %rax cmp $0xbeef, %rax setl %al movzx %al, %eax lea 0x2(%rax), %eax mov %eax, 0x78(%r14) jge .L31 where 0x78 is T2. We should be either writing directly to T1 at 0x68, or copying from T2 to T1.