Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer)

NEWS

@@ -15,6 +15,8 @@ PHP                                                                        NEWS
   . Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi)
 
 - Opcache:
+  . Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer).
+    (Laruence)
   . Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence)
   . Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence)
 

Zend/zend_compile.c

@@ -3472,10 +3472,7 @@ static char * zend_get_function_declaration(zend_function *fptr TSRMLS_DC) /* {{
 					if (precv && precv->opcode == ZEND_RECV_INIT && precv->op2_type != IS_UNUSED) {
 						zval *zv, zv_copy;
 						int use_copy;
-						ALLOC_ZVAL(zv);
-						*zv = *precv->op2.zv;
-						zval_copy_ctor(zv);
-						INIT_PZVAL(zv);
+						zv = precv->op2.zv;
 						if ((Z_TYPE_P(zv) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) {
 							REALLOC_BUF_IF_EXCEED(buf, offset, length, Z_STRLEN_P(zv));
 							memcpy(offset, Z_STRVAL_P(zv), Z_STRLEN_P(zv));
@@ -3517,7 +3514,6 @@ static char * zend_get_function_declaration(zend_function *fptr TSRMLS_DC) /* {{
 								zval_dtor(&zv_copy);
 							}
 						}
-						zval_ptr_dtor(&zv);
 					}
 				} else {
 					memcpy(offset, "NULL", 4);

ext/opcache/tests/bug70632.phpt

@@ -0,0 +1,21 @@
+--TEST--
+Bug #70632 (Third one of segfault in gc_remove_from_buffer)
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.protect_memory=1
+--SKIPIF--
+<?php if (!extension_loaded('Zend OPcache')) die("skip"); ?>
+--FILE--
+<?php
+
+class A {
+	public function test($a = array("okey")) {
+	}
+}
+
+
+eval ("class B extends A { public function test() {} }");
+?>
+--EXPECTF--
+Strict Standards: Declaration of B::test() should be compatible with A::test($a = Array) in %sbug70632.php(%d) : eval()'d code on line %d