Merge branch 'PHP-8.4'

* PHP-8.4: Fix GH-17654: Multiple classes using same trait causes function JIT crash
2025-08-15 21:48:51 +02:00 · 2025-02-03 19:28:26 +01:00 · 2025-02-03 19:28:26 +01:00 · 9b7e08603b
commit 9b7e08603b
parent 4e6a3cecf5 6d6380c09d
2 changed files with 41 additions and 3 deletions
--- a/ext/opcache/jit/zend_jit_ir.c
+++ b/ext/opcache/jit/zend_jit_ir.c
@ -10053,9 +10053,9 @@ static int zend_jit_do_fcall(zend_jit_ctx *jit, const zend_op *opline, const zen
 			func = call_info->callee_func;
 		}
 		if ((op_array->fn_flags & ZEND_ACC_TRAIT_CLONE)
-		 && JIT_G(current_frame)
-		 && JIT_G(current_frame)->call
-		 && !JIT_G(current_frame)->call->func) {
+		 && (!JIT_G(current_frame)
+		  || !JIT_G(current_frame)->call
+		  || !JIT_G(current_frame)->call->func)) {
 			call_info = NULL; func = NULL; /* megamorphic call from trait */
 		}
 	}
--- a/ext/opcache/tests/jit/gh17654.phpt
+++ b/ext/opcache/tests/jit/gh17654.phpt
@ -0,0 +1,38 @@
+--TEST--
+GH-17654 (Multiple classes using same trait causes function JIT crash)
+--EXTENSIONS--
+opcache
+--INI--
+opcache.jit=1214
+opcache.jit_buffer_size=16M
+--FILE--
+<?php
+trait TestTrait {
+	public function addUnit(string $x) {
+		self::addRawUnit($this, $x);
+	}
+
+	public function addRawUnit(self $data, string $x) {
+		var_dump($x);
+	}
+}
+
+class Test {
+	use TestTrait;
+}
+
+class Test2 {
+	use TestTrait;
+}
+
+function main()
+{
+	(new Test2)->addUnit("test2");
+	(new Test)->addUnit("test");
+}
+
+main();
+?>
+--EXPECT--
+string(5) "test2"
+string(4) "test"