From 58801f7142861bdd3c7b8c7dc39a75a532dd25bf Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Thu, 4 Jun 2020 14:04:21 +0300
Subject: [PATCH] Add guard for FETCH_DIM_FUNC_ARG

---
 ext/opcache/jit/zend_jit_trace.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/ext/opcache/jit/zend_jit_trace.c b/ext/opcache/jit/zend_jit_trace.c
index 7ffa894b90..d0430ccef5 100644
--- a/ext/opcache/jit/zend_jit_trace.c
+++ b/ext/opcache/jit/zend_jit_trace.c
@@ -1412,6 +1412,16 @@ static zend_ssa *zend_jit_trace_build_tssa(zend_jit_trace_rec *trace_buffer, uin
 				case ZEND_QM_ASSIGN:
 					ADD_OP1_TRACE_GUARD();
 					break;
+				case ZEND_FETCH_DIM_FUNC_ARG:
+					if (!frame
+					 || !frame->call
+					 || !frame->call->func
+					 || !TRACE_FRAME_IS_LAST_SEND_BY_VAL(frame->call)) {
+						break;
+					}
+					ADD_OP2_TRACE_GUARD();
+					ADD_OP1_TRACE_GUARD();
+					break;
 				case ZEND_PRE_INC:
 				case ZEND_PRE_DEC:
 				case ZEND_POST_INC:
@@ -1523,6 +1533,19 @@ propagate_arg:
 						return_value_info.type &= ~MAY_BE_GUARD;
 					}
 					break;
+				case ZEND_CHECK_FUNC_ARG:
+					if (frame
+					 && frame->call
+					 && frame->call->func) {
+						uint32_t arg_num = opline->op2.num;
+
+						if (ARG_SHOULD_BE_SENT_BY_REF(frame->call->func, arg_num)) {
+							TRACE_FRAME_SET_LAST_SEND_BY_REF(frame->call);
+						} else {
+							TRACE_FRAME_SET_LAST_SEND_BY_VAL(frame->call);
+						}
+					}
+					break;
 				default:
 					break;
 			}
-- 
2.50.1