id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	blockedby	phpversion	appname	pending	exts	sapi	probability	blocking
45	xc_coverager_get_op_array_size_no_tail crash when size reaches 0	judas_iscariote	moo	"Im getting a crash there...

a quick looks says :

seems when  op_array->size is 2 ..


{{{
static int xc_coverager_get_op_array_size_no_tail(zend_op_array *op_array) /* {{{ */
{
        zend_uint size;

        size = op_array->size;

#ifdef ZEND_ENGINE_2
        if (op_array->opcodes[size - 1].opcode == ZEND_HANDLE_EXCEPTION) {
                size --;
                 //size is 1 now
#endif
                if (op_array->opcodes[size - 1].opcode == ZEND_RETURN) {
                        size --;
                        //size is 0 now
                        /* it's not real php statement */
                        // crash here I guess is 'cause - 1 underflow zend_uint right ?
                        if (op_array->opcodes[size - 1].opcode == ZEND_EXT_STMT) {
                                size --;
                        }
                }
#ifdef ZEND_ENGINE_2
        }
#endif
        return size;
}
}}}

"	defect	closed	major	1.0.3	coverager	1.2-dev	fixed	coverager