Fix type inference

Fixes oss-fuzz #50792

Author: dstogov

ext/opcache/Optimizer/zend_inference.c

@@ -3319,6 +3319,9 @@ static zend_always_inline int _zend_update_type_info(
 				opline->op1_type,
 				opline->result_type == IS_VAR,
 				opline->op2_type == IS_UNUSED);
+			if (opline->opcode == ZEND_FETCH_DIM_FUNC_ARG && (t1 & (MAY_BE_TRUE|MAY_BE_LONG|MAY_BE_DOUBLE|MAY_BE_RESOURCE))) {
+				tmp |= MAY_BE_NULL;
+			}
 			if (opline->opcode == ZEND_FETCH_DIM_IS && (t1 & MAY_BE_STRING)) {
 				tmp |= MAY_BE_NULL;
 			}

ext/opcache/tests/jit/fetch_dim_func_arg_002.phpt

@@ -0,0 +1,18 @@
+--TEST--
+JIT FETCH_DIM_FUNC_ARG: 002
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.jit_buffer_size=1M
+--SKIPIF--
+<?php require_once('skipif.inc'); ?>
+--FILE--
+<?php
+new class(true[""]) {
+}
+?>
+DONE
+--EXPECTF--
+Warning: Trying to access array offset on value of type bool in %sfetch_dim_func_arg_002.php on line 2
+DONE