|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73668 "SIGFPE Arithmetic exception" in opcache when divide by minus 1
Submitted: 2016-12-06 12:44 UTC Modified: 2016-12-06 21:28 UTC
From: richardh at channelgrabber dot com Assigned: nikic (profile)
Status: Closed Package: opcache
PHP Version: 7.1.0 OS: Ubuntu 14.04.1 LTS
Private report: No CVE-ID: None
 [2016-12-06 12:44 UTC] richardh at channelgrabber dot com
We recently switched to PHP 7.1.0 and noticed that when was included it caused PHP to exit with SIGFPE.

We installed the debug symbols and ran it through GDB a few times, reducing the issue down to lines 901 and 902 (

From this we created the reduced test case attached below.

The backtrace from the error is:
#0  0x00007ffff5b069a7 in zend_inference_calc_range (op_array=op_array@entry=0x7ffff6075008, ssa=ssa@entry=0x7ffff6097028, var=var@entry=1, 
    widening=widening@entry=0, narrowing=narrowing@entry=1, tmp=tmp@entry=0x7fffffffa7f0)
    at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/Optimizer/zend_inference.c:727
#1  0x00007ffff5b0c21f in zend_infer_ranges (op_array=op_array@entry=0x7ffff6075008, ssa=ssa@entry=0x7ffff6097028)
    at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/Optimizer/zend_inference.c:1954
#2  0x00007ffff5b133f3 in zend_ssa_inference (arena=arena@entry=0x7fffffffa960, op_array=op_array@entry=0x7ffff6075008, script=0x7ffff6075000, 
    ssa=ssa@entry=0x7ffff6097028) at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/Optimizer/zend_inference.c:4181
#3  0x00007ffff5afb7f7 in zend_dfa_analyze_op_array (op_array=0x7ffff6075008, ctx=ctx@entry=0x7fffffffa960, ssa=0x7ffff6097028, flags=0x7ffff6097024)
    at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/Optimizer/dfa_pass.c:106
#4  0x00007ffff5aef7e7 in zend_optimize_script (script=script@entry=0x7ffff6075000, optimization_level=2147467263, debug_level=0)
    at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/Optimizer/zend_optimizer.c:967
#5  0x00007ffff5adf1c4 in cache_script_in_shared_memory (from_shared_memory=<synthetic pointer>, key_length=22, 
    key=0x7ffff5d2e6cc <accel_globals+556> "test.php:223344:223384", new_persistent_script=0x7ffff6075000)
    at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/ZendAccelerator.c:1271
#6  persistent_compile_file (file_handle=<optimized out>, type=8) at /build/php7.1-kMIlXM/php7.1-7.1.0/ext/opcache/ZendAccelerator.c:1863
#7  0x00007ffff589ff9d in xdebug_compile_file (file_handle=<optimized out>, type=<optimized out>) at /build/xdebug-_hXbf9/xdebug-2.5.0/build-7.1/xdebug.c:2153
#8  0x00005555557b469d in zend_execute_scripts ()
#9  0x0000555555754b18 in php_execute_script ()
#10 0x000055555584e1c9 in ?? ()
#11 0x000055555563d92f in main ()

Test script:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2016-12-06 21:26 UTC]
Automatic comment on behalf of nikic
Log: Fix bug #73668
 [2016-12-06 21:26 UTC]
-Status: Open +Status: Closed
 [2016-12-06 21:28 UTC]
-Assigned To: +Assigned To: nikic
 [2016-12-06 21:28 UTC]
That must be a record length reproduce script...
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 15:01:29 2024 UTC