From: Nikita Popov <nikita.ppv@gmail.com>
Date: Wed, 2 Jan 2019 12:58:44 +0000 (+0100)
Subject: Possible fix for bug #77287
X-Git-Tag: php-7.3.2RC1~57
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=325a1139744413420a62d3006c04914587628810;p=php

Possible fix for bug #77287

The cache size could be off by 4, if we're on a 32-bit system and
the slot had to be bumped for alignment reasons.

I wasn't able to reproduce the issue reported in bug #77287, but I
think this might be the cause.
---

diff --git a/ext/opcache/Optimizer/compact_literals.c b/ext/opcache/Optimizer/compact_literals.c
index 4f71e5635e..10bdf54011 100644
--- a/ext/opcache/Optimizer/compact_literals.c
+++ b/ext/opcache/Optimizer/compact_literals.c
@@ -805,9 +805,9 @@ void zend_optimizer_compact_literals(zend_op_array *op_array, zend_optimizer_ctx
 					zval *val = &op_array->literals[opline->op2.constant];
 
 					if (Z_TYPE_P(val) == IS_CONSTANT_AST) {
-						uint32_t slot = ZEND_MM_ALIGNED_SIZE_EX(op_array->cache_size, 8);
-
-						Z_CACHE_SLOT_P(val) = slot;
+						/* Ensure zval is aligned to 8 bytes */
+						op_array->cache_size = ZEND_MM_ALIGNED_SIZE_EX(op_array->cache_size, 8);
+						Z_CACHE_SLOT_P(val) = op_array->cache_size;
 						op_array->cache_size += sizeof(zval);
 					}
 				} else if (opline->opcode != ZEND_RECV) {