From: Dmitry Stogov <dmitry@zend.com>
Date: Thu, 4 Jun 2020 11:04:21 +0000 (+0300)
Subject: Add guard for FETCH_DIM_FUNC_ARG
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=58801f7142861bdd3c7b8c7dc39a75a532dd25bf;p=php

Add guard for FETCH_DIM_FUNC_ARG
---

diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c
index 7ffa894b90..d0430ccef5 100644
--- a/ext/opcache/jit/zend_jit_trace.c
+++ b/ext/opcache/jit/zend_jit_trace.c
@@ -1412,6 +1412,16 @@ static zend_ssa *zend_jit_trace_build_tssa(zend_jit_trace_rec *trace_buffer, uin
 				case ZEND_QM_ASSIGN:
 					ADD_OP1_TRACE_GUARD();
 					break;
+				case ZEND_FETCH_DIM_FUNC_ARG:
+					if (!frame
+					 || !frame->call
+					 || !frame->call->func
+					 || !TRACE_FRAME_IS_LAST_SEND_BY_VAL(frame->call)) {
+						break;
+					}
+					ADD_OP2_TRACE_GUARD();
+					ADD_OP1_TRACE_GUARD();
+					break;
 				case ZEND_PRE_INC:
 				case ZEND_PRE_DEC:
 				case ZEND_POST_INC:
@@ -1523,6 +1533,19 @@ propagate_arg:
 						return_value_info.type &= ~MAY_BE_GUARD;
 					}
 					break;
+				case ZEND_CHECK_FUNC_ARG:
+					if (frame
+					 && frame->call
+					 && frame->call->func) {
+						uint32_t arg_num = opline->op2.num;
+
+						if (ARG_SHOULD_BE_SENT_BY_REF(frame->call->func, arg_num)) {
+							TRACE_FRAME_SET_LAST_SEND_BY_REF(frame->call);
+						} else {
+							TRACE_FRAME_SET_LAST_SEND_BY_VAL(frame->call);
+						}
+					}
+					break;
 				default:
 					break;
 			}