Fix bug #46311: Pointer aliasing issue results in miscompile on gcc4.4

The code violated the strict aliasing restriction, because it
dereferenced the same pointer as zval** once and as void**
afterwards. Now both occurances dereference void** and cast to
zval* in the former case.

diff --git a/NEWS b/NEWS
index 75a0b3c6b9599a51b903a5fb06d3b8308de909ee..6d62951e75d8c82f85a85900e5777d8b7cc2ff11 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@ PHP                                                                        NEWS
     --enable-dtrace). (Chris Jones, Kris Van Hees)
   . Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert)
   . Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees)
+  . Fixed bug #46311 (Pointer aliasing issue results in miscompile on gcc4.4).
+    (Nikita Popov)
 
 - cURL:
   . Fixed bug #65458 (curl memory leak). (Adam)

diff --git a/Zend/zend_execute.h b/Zend/zend_execute.h
index a17f10b312e534410fb507e410062fd37c0056da..35c5bcaef116ac2a124be870036e388163b691ec 100644 (file)
--- a/Zend/zend_execute.h
+++ b/Zend/zend_execute.h
@@ -293,7 +293,7 @@ static zend_always_inline void zend_vm_stack_clear_multiple(int nested TSRMLS_DC
        void **end = p - (int)(zend_uintptr_t)*p;
 
        while (p != end) {
-               zval *q = *(zval **)(--p);
+               zval *q = *(--p);
                *p = NULL;
                i_zval_ptr_dtor(q ZEND_FILE_LINE_CC);
        }