Accurate handling of ZEND_ASSIGN_OBJ

Author: dstogov

ext/opcache/Optimizer/zend_inference.c

@@ -4176,6 +4176,43 @@ int zend_may_throw(const zend_op *opline, zend_op_array *op_array, zend_ssa *ssa
 		case ZEND_ASSIGN_DIM:
 			return (t1 & (MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_LONG|MAY_BE_DOUBLE)) || opline->op2_type == IS_UNUSED ||
 				(t2 & (MAY_BE_UNDEF|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE));
+		case ZEND_ASSIGN_OBJ:
+			if (t1 & (MAY_BE_ANY-(MAY_BE_NULL|MAY_BE_FALSE|MAY_BE_OBJECT))) {
+				return 1;
+			}
+			if (ssa->ops[opline - op_array->opcodes].op1_use) {
+				zend_ssa_var_info *var_info = ssa->var_info + ssa->ops[opline - op_array->opcodes].op1_use;
+				zend_class_entry *ce = var_info->ce;
+
+				if (var_info->is_instanceof ||
+				    !ce || ce->create_object || ce->__get || ce->__set ||
+				    (ce->ce_flags & ZEND_ACC_INHERITED)) {
+					return 1;
+				}
+
+				if (op_array->scope != ce && ce->default_properties_count) {
+					zend_property_info *prop_info;
+
+					if (opline->op2_type == IS_CONST) {
+						prop_info = zend_hash_find_ptr(&ce->properties_info,
+							Z_STR_P(CRT_CONSTANT_EX(op_array, opline->op2, ssa->rt_constants)));
+						if (prop_info && !(prop_info->flags & ZEND_ACC_PUBLIC)) {
+							return 1;
+						}
+					} else {
+						if (t2 & (MAY_BE_ANY-MAY_BE_STRING)) {
+							return 1;
+						}
+						ZEND_HASH_FOREACH_PTR(&ce->properties_info, prop_info) {
+							if (!(prop_info->flags & ZEND_ACC_PUBLIC)) {
+								return 1;
+							}
+						} ZEND_HASH_FOREACH_END();
+					}
+				}
+				return 0;
+			}
+			return 1;
 		case ZEND_ROPE_INIT:
 		case ZEND_ROPE_ADD:
 		case ZEND_ROPE_END: