From f0dfdca0ae67940ce23703a2354b4fca08e4eab8 Mon Sep 17 00:00:00 2001
From: Nikita Popov <nikita.ppv@gmail.com>
Date: Fri, 28 Aug 2020 17:03:54 +0200
Subject: [PATCH] Fix execute fuzzer on i386

Opcode handlers use the FASTCALL calling convention...
---
 sapi/fuzzer/fuzzer-execute.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sapi/fuzzer/fuzzer-execute.c b/sapi/fuzzer/fuzzer-execute.c
index bc903bbe634..f9faf90dea5 100644
--- a/sapi/fuzzer/fuzzer-execute.c
+++ b/sapi/fuzzer/fuzzer-execute.c
@@ -22,6 +22,10 @@
 #define MAX_STEPS 1000
 static uint32_t steps_left;
 
+/* Because the fuzzer is always compiled with clang,
+ * we can assume that we don't use global registers / hybrid VM. */
+typedef int (ZEND_FASTCALL *opcode_handler_t)(zend_execute_data *);
+
 void fuzzer_execute_ex(zend_execute_data *execute_data) {
 	while (1) {
 		int ret;
@@ -32,7 +36,7 @@ void fuzzer_execute_ex(zend_execute_data *execute_data) {
 			zend_bailout();
 		}
 
-		if ((ret = ((user_opcode_handler_t) EX(opline)->handler)(execute_data)) != 0) {
+		if ((ret = ((opcode_handler_t) EX(opline)->handler)(execute_data)) != 0) {
 			if (ret > 0) {
 				execute_data = EG(current_execute_data);
 			} else {