undefined behavior in zend_strtod.c #19898

@chongwick

Description

The following code:

<?php
$v_1643 = '1';
$v_1673 = '4';
$v_1674 = 1024;
$v_1675 = 1024;
$v_1676 = $v_1674 * $v_1675;
$v_1677 = 1024;
$v_1678 = $v_1676 * $v_1677;
$v_1683 = '5';
$v_1680 = $v_1678 * $v_1683;
$v_1681 = str_repeat($v_1673,$v_1680,);
$v_1651 = str_repeat($v_1643,$v_1681,);
$v_1652 = '1\n';
$v_1653 = '2';
$v_1662 = '2\n';
$v_1660 = $v_1662 * $v_1683;
$v_1661 = str_repeat($v_1653,$v_1660,);
$v_1663 = '3';
$v_1679 = 0.5;
$v_1666 = $v_1679 * $v_1668;
$v_1654 = 1024;
$v_1655 = 1024;
$v_1656 = $v_1654 * $v_1655;
$v_1668 = $v_1666 * $v_1656;
$v_1669 = 0.5;
$v_1670 = $v_1668 * $v_1669;
$v_1671 = str_repeat($v_1663,$v_1670,);
$v_1672 = '3\n';
$v_1682 = '4\n';
$v_1689 = 0.5;
$v_1690 = $v_1668 * $v_1689;
$v_1691 = str_repeat($v_1683,$v_1690,);
$v_1692 = '5\n';

Resulted in this output:

/home/w023dtc/nightly_php/php-src/Zend/zend_strtod.c:2601:50: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/w023dtc/nightly_php/php-src/Zend/zend_strtod.c:2601:50 in
USE_ZEND_ALLOC=0 php -d "memory_limit = -1" -d "zend.assertions = 1" -d "display_errors = On" -d "display_startup_errors = On" -d "opcache.memory_consumption=4096M" -d "opcache.enable=1" -d "opcache.enable_cli=1" -d "opcache.jit=tracing" -d "opcache.validate_timestamps=0" -d "opcache.jit_buffer_size=128M" -d "opcache.file_update_protection=0" -d "opcache.max_accelerated_files=1000000" -d "opcache.interned_strings_buffer=64" -d "opcache.jit_prof_threshold=0.000000001" -d "opcache.jit_max_root_traces=  100000" -d "opcache.jit_max_side_traces=  100000" -d "opcache.jit_max_exit_counters=100000" -d "opcache.jit_hot_loop=1" -d "opcache.jit_hot_func=1" -d "opcache.jit_hot_return=1" -d "opcache.jit_hot_side_exit=1" -d "opcache.jit_blacklist_root_trace=255" -d "opcache.jit_blacklist_side_trace=255" -d "opcache.protect_memory=1" script.php

PHP Version

nightly

Operating System

ubuntu 22.04
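
The sanitizer line in the report shows an `int` being incremented past 2147483647. The following is an added example, not code from php-src and not a reconstruction of zend_strtod.c line 2601: two ways a digit-scanning loop can keep an `int` counter inside its range. The function names and the `already` parameter (which lets the boundary be reached without a multi-gigabyte input) are assumptions made for the illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper, not php-src code. Counts leading ASCII digits of s on
 * top of `already` digits seen earlier. Returns 0 on success, or -1 when one
 * more digit would push the int counter past INT_MAX; *end marks the first
 * character that was not counted. */
static int count_digits_checked(const char *s, int already,
                                int *total, const char **end)
{
    int n = already;
    int rc = 0;
    while (*s >= '0' && *s <= '9') {
        if (n == INT_MAX) {   /* n + 1 would be signed overflow (undefined) */
            rc = -1;
            break;
        }
        n++;
        s++;
    }
    *total = n;
    *end = s;
    return rc;
}

/* Alternative: count in size_t, then clamp when narrowing to int. */
static int count_digits_clamped(const char *s, size_t already)
{
    size_t n = already;
    while (*s >= '0' && *s <= '9') {
        n++;
        s++;
    }
    return n > (size_t)INT_MAX ? INT_MAX : (int)n;
}

int main(void)
{
    const char *end;
    int total;
    /* Constructed inputs: start two below the limit, then feed five digits. */
    int rc = count_digits_checked("12345", INT_MAX - 2, &total, &end);
    printf("checked: rc=%d total=%d stopped at '%c'\n", rc, total, *end);
    printf("clamped: %d\n", count_digits_clamped("999", (size_t)INT_MAX - 1));
    return 0;
}
```

Building with `-fsanitize=signed-integer-overflow` and removing the `n == INT_MAX` guard produces the same class of runtime error as the one quoted in the report.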
