MantisBT - Xdebug
View Issue Details
0001386XdebugCode Coveragepublic2017-01-08 16:492017-01-09 17:58
lordelph 
derick 
normalmajoralways
closedfixed 
2.5.0 
2.5.12.5.1 
7.0.10-7.0.14
0001386: Overcoming coverage issues where executable code not shown as executed/executable
This is in reference to work done in the php-code-coverage issue 0000488 https://github.com/sebastianbergmann/php-code-coverage/issues/488 [^]

In particular, JoepRoebroek appeared to isolate this as xdebug using a bitfield flag which Zend is now using for other purposes. See https://github.com/sebastianbergmann/php-code-coverage/issues/488#issuecomment-269617008 [^] for this discovery.

To follow up on this, I verified that the Zend ZEND_ACC_USE_GUARDS flag and the xdebug ZEND_XDEBUG_VISITED flag both use the same bit 0x1000000. This conflict is what appears to cause the anomalous results.

My suggestion is simple to use a different bit - 0x10000000. I searched the php source for all references to ce_flags, and audited which flags of the bitfield were in use. I concluded that 0x10000000 could be used. It is the same as another Zend constant ZEND_ACC_HAS_TYPE_HINTS, but this only used in fn_flags and not ce_flags

See my comment on the issue for more background https://github.com/sebastianbergmann/php-code-coverage/issues/488#issuecomment-271152897 [^]
JoepRoebroek created a standalone method of reproducing the flaw here:

https://github.com/sebastianbergmann/php-code-coverage/issues/488#issuecomment-269082179 [^]
No tags attached.
Issue History
2017-01-08 16:49lordelphNew Issue
2017-01-08 19:45derickAssigned To => derick
2017-01-08 19:45derickStatusnew => assigned
2017-01-08 19:45derickFixed in Version => 2.5.1
2017-01-08 19:45derickTarget Version => 2.5.1
2017-01-09 17:58derickNote Added: 0004168
2017-01-09 17:58derickStatusassigned => closed
2017-01-09 17:58derickResolutionopen => fixed

Notes
(0004168)
derick   
2017-01-09 17:58   
Fixed in GIT. Thanks for the research!