From 3ffe2cd251731d68493becf8ebbe6312ee86bb8d Mon Sep 17 00:00:00 2001
From: Nikita Popov <nikita.ppv@gmail.com>
Date: Fri, 14 Apr 2017 21:58:35 +0200
Subject: [PATCH] Fixed bug #74431

If the last instruction in a block is a NOP, then `new_opline`
here won't be a copy of `opline`, it will be a copy of the last
non-NOP opline. Avoid performing a spurious update by explicitly
checking for NOP.
---
 NEWS                             | 3 +++
 ext/opcache/Optimizer/dfa_pass.c | 6 +++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 29b5d08fb0..9953a67316 100644
--- a/NEWS
+++ b/NEWS
@@ -37,6 +37,9 @@ PHP                                                                        NEWS
     microseconds/fractions). (Andrew Nester)
   . Fixed bug #74433 (wrong reflection for Normalizer methods). (villfa)
 
+- Opcache:
+  . Fixed bug #74431 (foreach infinite loop). (Nikita)
+
 - OpenSSL:
   . Fixed bug #74341 (openssl_x509_parse fails to parse ASN.1 UTCTime without
     seconds). (Moritz Fain)
diff --git a/ext/opcache/Optimizer/dfa_pass.c b/ext/opcache/Optimizer/dfa_pass.c
index 55915e70a9..4e4260660c 100644
--- a/ext/opcache/Optimizer/dfa_pass.c
+++ b/ext/opcache/Optimizer/dfa_pass.c
@@ -162,8 +162,12 @@ static void zend_ssa_remove_nops(zend_op_array *op_array, zend_ssa *ssa)
 				zend_op *opline;
 				zend_op *new_opline;
 
-				opline = op_array->opcodes + end - 1;
 				b->len = target - b->start;
+				opline = op_array->opcodes + end - 1;
+				if (opline->opcode == ZEND_NOP) {
+					continue;
+				}
+
 				new_opline = op_array->opcodes + target - 1;
 				switch (new_opline->opcode) {
 					case ZEND_JMP:
-- 
2.40.0