Fix GH-15973: Segmentation fault in JIT mode 1135 (#16006)

Author: dstogov

ext/opcache/jit/zend_jit_arm64.dasc

@@ -13829,7 +13829,9 @@ static int zend_jit_load_this(dasm_State **Dst, uint32_t var)
 
 static int zend_jit_fetch_this(dasm_State **Dst, const zend_op *opline, const zend_op_array *op_array, bool check_only)
 {
-	if (!op_array->scope || (op_array->fn_flags & ZEND_ACC_STATIC)) {
+	if (!op_array->scope ||
+			(op_array->fn_flags & ZEND_ACC_STATIC) ||
+			((op_array->fn_flags & (ZEND_ACC_CLOSURE|ZEND_ACC_IMMUTABLE)) == ZEND_ACC_CLOSURE)) {
 		if (JIT_G(trigger) == ZEND_JIT_ON_HOT_TRACE) {
 			if (!JIT_G(current_frame) ||
 			    !TRACE_FRAME_IS_THIS_CHECKED(JIT_G(current_frame))) {

ext/opcache/jit/zend_jit_x86.dasc

@@ -14749,7 +14749,9 @@ static int zend_jit_load_this(dasm_State **Dst, uint32_t var)
 
 static int zend_jit_fetch_this(dasm_State **Dst, const zend_op *opline, const zend_op_array *op_array, bool check_only)
 {
-	if (!op_array->scope || (op_array->fn_flags & ZEND_ACC_STATIC)) {
+	if (!op_array->scope ||
+			(op_array->fn_flags & ZEND_ACC_STATIC) ||
+			((op_array->fn_flags & (ZEND_ACC_CLOSURE|ZEND_ACC_IMMUTABLE)) == ZEND_ACC_CLOSURE)) {
 		if (JIT_G(trigger) == ZEND_JIT_ON_HOT_TRACE) {
 			if (!JIT_G(current_frame) ||
 			    !TRACE_FRAME_IS_THIS_CHECKED(JIT_G(current_frame))) {

ext/opcache/tests/jit/gh15973.phpt

@@ -0,0 +1,24 @@
+--TEST--
+GH-15973 (Segmentation fault in JIT mode 1135)
+--EXTENSIONS--
+opcache
+--INI--
+opcache.jit=1215
+opcache.jit_buffer_size=64M
+--FILE--
+<?php
+class Test {
+}
+$appendProp2 = (function() {
+$this->prop[] = 1;
+})->bindTo($test, Test::class);
+$appendProp2();
+?>
+--EXPECTF--
+Warning: Undefined variable $test in %sgh15973.php on line 6
+
+Fatal error: Uncaught Error: Using $this when not in object context in %sgh15973.php:5
+Stack trace:
+#0 %sgh15973.php(7): Test::{closure}()
+#1 {main}
+  thrown in %sgh15973.php on line 5