diff options
| author | Andi Gutmans <andi@php.net> | 2004-09-09 16:47:22 +0000 |
|---|---|---|
| committer | Andi Gutmans <andi@php.net> | 2004-09-09 16:47:22 +0000 |
| commit | 96ab56e1467110164aae07d2e2e17c0d126d8d46 (patch) | |
| tree | 3d822bbec6783ecfcba5f2e8ace7ddb9fc3e81b5 | |
| parent | bb8167cda308394a7d4d689bfdf12292b9eb4e04 (diff) | |
| download | php-git-96ab56e1467110164aae07d2e2e17c0d126d8d46.tar.gz | |
- Roll back VM commit
| -rw-r--r-- | Zend/ChangeLog | 27 | ||||
| -rw-r--r-- | Zend/zend.c | 1 | ||||
| -rw-r--r-- | Zend/zend_API.c | 94 | ||||
| -rw-r--r-- | Zend/zend_API.h | 1 | ||||
| -rw-r--r-- | Zend/zend_builtin_functions.c | 4 | ||||
| -rw-r--r-- | Zend/zend_compile.c | 23 | ||||
| -rw-r--r-- | Zend/zend_compile.h | 2 | ||||
| -rw-r--r-- | Zend/zend_exceptions.c | 2 | ||||
| -rw-r--r-- | Zend/zend_execute.c | 4161 | ||||
| -rw-r--r-- | Zend/zend_execute.h | 2 | ||||
| -rw-r--r-- | Zend/zend_execute_API.c | 3 | ||||
| -rw-r--r-- | Zend/zend_extensions.h | 4 | ||||
| -rw-r--r-- | Zend/zend_opcode.c | 4 |
13 files changed, 3847 insertions, 481 deletions
diff --git a/Zend/ChangeLog b/Zend/ChangeLog index 65c7d201b0..9a28774a2b 100644 --- a/Zend/ChangeLog +++ b/Zend/ChangeLog @@ -1,30 +1,3 @@ -2004-09-08 Andi Gutmans <andi@zend.com> - - * zend_builtin_functions.c: - - Fix bug #28054 by preventing printing out bogus information in backtrace - when in error handler (still doesn't know all information but at least - it's not bogus) - - * zend_compile.h - zend_exceptions.c - zend_execute.c - zend_execute.h - zend_execute_API.c - zend_opcode.c - zend_vm.h - zend_vm_handlers.h - zend_vm_spec.h: - - Some architectural changes: - a) We specialize opcodes according to op_type fields. Each opcode has to - be marked with which op_type's it uses. - b) We support different execution methods. Function handlers, switch() - and goto dispatching. goto seems to be the fastest but it really - depends on the compiler and how well it optimizes. I suggest playing - around with optimization flags. - - - Warning: Things might break so keep us posted on how things are going. - (Dmitry, Andi) - 2004-09-06 Marcus Boerger <marcus.boerger@post.rwth-aachen.de> * zend_objects.c: diff --git a/Zend/zend.c b/Zend/zend.c index 97dfcd3a91..80fa7f2367 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -84,6 +84,7 @@ ZEND_INI_END() ZEND_API int compiler_globals_id; ZEND_API int executor_globals_id; ZEND_API int alloc_globals_id; +zend_class_entry global_main_class; HashTable *global_function_table; HashTable *global_class_table; HashTable *global_constants_table; diff --git a/Zend/zend_API.c b/Zend/zend_API.c index 1733720130..bd1450cff5 100644 --- a/Zend/zend_API.c +++ b/Zend/zend_API.c @@ -316,13 +316,12 @@ static char *zend_parse_arg_impl(zval **arg, va_list *va, char **spec TSRMLS_DC) *pl = Z_STRLEN_PP(arg); break; case IS_OBJECT: { - if (Z_OBJ_HANDLER_PP(arg, cast_object)) { + if (Z_OBJ_HANDLER_PP(arg, cast_object) + && Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, IS_STRING, 0 TSRMLS_CC) == SUCCESS) { SEPARATE_ZVAL_IF_NOT_REF(arg); - if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, IS_STRING, 0 TSRMLS_CC) == SUCCESS) { - *pl = Z_STRLEN_PP(arg); - *p = Z_STRVAL_PP(arg); - break; - } + *pl = Z_STRLEN_PP(arg); + *p = Z_STRVAL_PP(arg); + break; } } @@ -1218,29 +1217,6 @@ ZEND_API int zend_startup_module(zend_module_entry *module) return zend_register_module_ex(module TSRMLS_CC); } -ZEND_API void zend_check_magic_method_implementation(zend_class_entry *ce, zend_function *fptr, int error_type TSRMLS_DC) -{ - char lcname[16]; - int name_len; - - /* we don't care if the function name is longer, in fact lowercasing only - * the beginning of the name speeds up the check process */ - name_len = strlen(fptr->common.function_name); - zend_str_tolower_copy(lcname, fptr->common.function_name, MIN(name_len, sizeof(lcname)-1)); - lcname[sizeof(lcname)-1] = '\0'; /* zend_str_tolower_copy won't necessarily set the zero byte */ - - if (name_len == sizeof(ZEND_DESTRUCTOR_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_DESTRUCTOR_FUNC_NAME, sizeof(ZEND_DESTRUCTOR_FUNC_NAME)) && fptr->common.num_args != 0) { - zend_error(error_type, "Destuctor %s::%s() cannot take arguments", ce->name, ZEND_DESTRUCTOR_FUNC_NAME); - } else if (name_len == sizeof(ZEND_CLONE_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_CLONE_FUNC_NAME, sizeof(ZEND_CLONE_FUNC_NAME)) && fptr->common.num_args != 0) { - zend_error(error_type, "Method %s::%s() cannot accept any arguments", ce->name, ZEND_CLONE_FUNC_NAME); - } else if (name_len == sizeof(ZEND_GET_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_GET_FUNC_NAME, sizeof(ZEND_GET_FUNC_NAME)) && fptr->common.num_args != 1) { - zend_error(error_type, "Method %s::%s() must take exactly 1 argument", ce->name, ZEND_GET_FUNC_NAME); - } else if (name_len == sizeof(ZEND_SET_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_SET_FUNC_NAME, sizeof(ZEND_SET_FUNC_NAME)) && fptr->common.num_args != 2) { - zend_error(error_type, "Method %s::%s() must take exactly 2 arguments", ce->name, ZEND_SET_FUNC_NAME); - } else if (name_len == sizeof(ZEND_CALL_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_CALL_FUNC_NAME, sizeof(ZEND_CALL_FUNC_NAME)) && fptr->common.num_args != 2) { - zend_error(error_type, "Method %s::%s() must take exactly 2 arguments", ce->name, ZEND_CALL_FUNC_NAME); - } -} /* registers all functions in *library_functions in the function hash */ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entry *functions, HashTable *function_table, int type TSRMLS_DC) @@ -1251,11 +1227,9 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr int count=0, unload=0; HashTable *target_function_table = function_table; int error_type; - zend_function *ctor = NULL, *dtor = NULL, *clone = NULL, *__get = NULL, *__set = NULL, *__call = NULL; + zend_function *ctor = NULL, *dtor = NULL, *clone = NULL; char *lowercase_name; int fname_len; - char *lc_class_name; - int class_name_len; if (type==MODULE_PERSISTENT) { error_type = E_CORE_WARNING; @@ -1267,11 +1241,6 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr target_function_table = CG(function_table); } internal_function->type = ZEND_INTERNAL_FUNCTION; - - if (scope) { - class_name_len = strlen(scope->name); - lc_class_name = zend_str_tolower_dup(scope->name, class_name_len); - } while (ptr->fname) { internal_function->handler = ptr->handler; @@ -1341,28 +1310,18 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr * If it's an old-style constructor, store it only if we don't have * a constructor already. */ - if ((fname_len == class_name_len) && !memcmp(lowercase_name, lc_class_name, class_name_len+1) && !ctor) { + if (!strcmp(ptr->fname, scope->name) && !ctor) { ctor = reg_function; - } else if ((fname_len == sizeof(ZEND_CONSTRUCTOR_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_CONSTRUCTOR_FUNC_NAME, sizeof(ZEND_CONSTRUCTOR_FUNC_NAME))) { + } else if (!strcmp(ptr->fname, ZEND_CONSTRUCTOR_FUNC_NAME)) { ctor = reg_function; - } else if ((fname_len == sizeof(ZEND_DESTRUCTOR_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_DESTRUCTOR_FUNC_NAME, sizeof(ZEND_DESTRUCTOR_FUNC_NAME))) { + } else if (!strcmp(ptr->fname, ZEND_DESTRUCTOR_FUNC_NAME)) { dtor = reg_function; if (internal_function->num_args) { zend_error(error_type, "Destructor %s::%s() cannot take arguments", scope->name, ptr->fname); } - } else if ((fname_len == sizeof(ZEND_CLONE_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_CLONE_FUNC_NAME, sizeof(ZEND_CLONE_FUNC_NAME))) { + + } else if (!strcmp(ptr->fname, ZEND_CLONE_FUNC_NAME)) { clone = reg_function; - } else if ((fname_len == sizeof(ZEND_CALL_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_CALL_FUNC_NAME, sizeof(ZEND_CALL_FUNC_NAME))) { - __call = reg_function; - } else if ((fname_len == sizeof(ZEND_GET_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_GET_FUNC_NAME, sizeof(ZEND_GET_FUNC_NAME))) { - __get = reg_function; - } else if ((fname_len == sizeof(ZEND_SET_FUNC_NAME)-1) && !memcmp(lowercase_name, ZEND_SET_FUNC_NAME, sizeof(ZEND_SET_FUNC_NAME))) { - __set = reg_function; - } else { - reg_function = NULL; - } - if (reg_function) { - zend_check_magic_method_implementation(scope, reg_function, error_type TSRMLS_CC); } } ptr++; @@ -1370,9 +1329,6 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr free_alloca(lowercase_name); } if (unload) { /* before unloading, display all remaining bad function in the module */ - if (scope) { - efree(lc_class_name); - } while (ptr->fname) { if (zend_hash_exists(target_function_table, ptr->fname, strlen(ptr->fname)+1)) { zend_error(error_type, "Function registration failed - duplicate name - %s", ptr->fname); @@ -1386,49 +1342,27 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr scope->constructor = ctor; scope->destructor = dtor; scope->clone = clone; - scope->__call = __call; - scope->__get = __get; - scope->__set = __set; if (ctor) { ctor->common.fn_flags |= ZEND_ACC_CTOR; if (ctor->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Constructor %s::%s() cannot be static", scope->name, ctor->common.function_name); + zend_error(error_type, "Constructor %s::%s() cannot be static", ctor->common.scope->name, ctor->common.function_name); } ctor->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; } if (dtor) { dtor->common.fn_flags |= ZEND_ACC_DTOR; if (dtor->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Destructor %s::%s() cannot be static", scope->name, dtor->common.function_name); + zend_error(error_type, "Destructor %s::%s() cannot be static", dtor->common.scope->name, dtor->common.function_name); } dtor->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; } if (clone) { clone->common.fn_flags |= ZEND_ACC_CLONE; if (clone->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Constructor %s::%s() cannot be static", scope->name, clone->common.function_name); + zend_error(error_type, "Constructor %s::%s() cannot be static", clone->common.scope->name, clone->common.function_name); } clone->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; } - if (__call) { - if (__call->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Method %s::%s() cannot be static", scope->name, __call->common.function_name); - } - __call->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; - } - if (__get) { - if (__get->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Method %s::%s() cannot be static", scope->name, __get->common.function_name); - } - __get->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; - } - if (__set) { - if (__set->common.fn_flags & ZEND_ACC_STATIC) { - zend_error(error_type, "Method %s::%s() cannot be static", scope->name, __set->common.function_name); - } - __set->common.fn_flags &= ~ZEND_ACC_ALLOW_STATIC; - } - efree(lc_class_name); } return SUCCESS; } diff --git a/Zend/zend_API.h b/Zend/zend_API.h index 12312938c0..313dd217ee 100644 --- a/Zend/zend_API.h +++ b/Zend/zend_API.h @@ -168,7 +168,6 @@ ZEND_API int zend_register_functions(zend_class_entry *scope, zend_function_entr ZEND_API void zend_unregister_functions(zend_function_entry *functions, int count, HashTable *function_table TSRMLS_DC); ZEND_API int zend_register_module(zend_module_entry *module_entry); ZEND_API int zend_register_module_ex(zend_module_entry *module TSRMLS_DC); -ZEND_API void zend_check_magic_method_implementation(zend_class_entry *ce, zend_function *fptr, int error_type TSRMLS_DC); ZEND_API zend_class_entry *zend_register_internal_class(zend_class_entry *class_entry TSRMLS_DC); ZEND_API zend_class_entry *zend_register_internal_class_ex(zend_class_entry *class_entry, zend_class_entry *parent_ce, char *parent_name TSRMLS_DC); diff --git a/Zend/zend_builtin_functions.c b/Zend/zend_builtin_functions.c index 377f096838..8bfa7a0d41 100644 --- a/Zend/zend_builtin_functions.c +++ b/Zend/zend_builtin_functions.c @@ -1621,7 +1621,7 @@ ZEND_FUNCTION(debug_print_backtrace) zval_ptr_dtor(&arg_array); } zend_printf(") called at [%s:%d]\n", filename, lineno); - include_filename = function_name?NULL:filename; + include_filename = filename; ptr = ptr->prev_execute_data; ++indent; } @@ -1766,7 +1766,7 @@ ZEND_API void zend_fetch_debug_backtrace(zval *return_value, int skip_last TSRML add_next_index_zval(return_value, stack_frame); - include_filename = function_name?NULL:filename; + include_filename = filename; ptr = ptr->prev_execute_data; } diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c index 5710115689..55049cef6c 100644 --- a/Zend/zend_compile.c +++ b/Zend/zend_compile.c @@ -1103,14 +1103,25 @@ void zend_do_end_function_declaration(znode *function_token TSRMLS_DC) pass_two(CG(active_op_array) TSRMLS_CC); + /* we don't care if the function name is longer, in fact lowercasing only + * the beginning of the name speeds up the check process */ + name_len = strlen(CG(active_op_array)->function_name); + zend_str_tolower_copy(lcname, CG(active_op_array)->function_name, MIN(name_len, sizeof(lcname)-1)); + lcname[sizeof(lcname)-1] = '\0'; /* zend_str_tolower_copy won't necessarily set the zero byte */ + if (CG(active_class_entry)) { - zend_check_magic_method_implementation(CG(active_class_entry), (zend_function*)CG(active_op_array), E_COMPILE_ERROR TSRMLS_CC); + if (name_len == sizeof(ZEND_DESTRUCTOR_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_DESTRUCTOR_FUNC_NAME, sizeof(ZEND_DESTRUCTOR_FUNC_NAME)) && CG(active_op_array)->num_args != 0) { + zend_error(E_COMPILE_ERROR, "Destuctor %s::%s() cannot take arguments", CG(active_class_entry)->name, ZEND_DESTRUCTOR_FUNC_NAME); + } else if (name_len == sizeof(ZEND_CLONE_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_CLONE_FUNC_NAME, sizeof(ZEND_CLONE_FUNC_NAME)) && CG(active_op_array)->num_args != 0) { + zend_error(E_COMPILE_ERROR, "Method %s::%s() cannot accept any arguments", CG(active_class_entry)->name, ZEND_CLONE_FUNC_NAME); + } else if (name_len == sizeof(ZEND_GET_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_GET_FUNC_NAME, sizeof(ZEND_GET_FUNC_NAME)) && CG(active_op_array)->num_args != 1) { + zend_error(E_COMPILE_ERROR, "Method %s::%s() must take exactly 1 argument", CG(active_class_entry)->name, ZEND_GET_FUNC_NAME); + } else if (name_len == sizeof(ZEND_SET_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_SET_FUNC_NAME, sizeof(ZEND_SET_FUNC_NAME)) && CG(active_op_array)->num_args != 2) { + zend_error(E_COMPILE_ERROR, "Method %s::%s() must take exactly 2 arguments", CG(active_class_entry)->name, ZEND_SET_FUNC_NAME); + } else if (name_len == sizeof(ZEND_CALL_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_CALL_FUNC_NAME, sizeof(ZEND_CALL_FUNC_NAME)) && CG(active_op_array)->num_args != 2) { + zend_error(E_COMPILE_ERROR, "Method %s::%s() must take exactly 2 arguments", CG(active_class_entry)->name, ZEND_CALL_FUNC_NAME); + } } else { - /* we don't care if the function name is longer, in fact lowercasing only - * the beginning of the name speeds up the check process */ - name_len = strlen(CG(active_op_array)->function_name); - zend_str_tolower_copy(lcname, CG(active_op_array)->function_name, MIN(name_len, sizeof(lcname)-1)); - lcname[sizeof(lcname)-1] = '\0'; /* zend_str_tolower_copy won't necessarily set the zero byte */ if (name_len == sizeof(ZEND_AUTOLOAD_FUNC_NAME) - 1 && !memcmp(lcname, ZEND_AUTOLOAD_FUNC_NAME, sizeof(ZEND_AUTOLOAD_FUNC_NAME)) && CG(active_op_array)->num_args != 1) { zend_error(E_COMPILE_ERROR, "%s() must take exactly 1 argument", ZEND_AUTOLOAD_FUNC_NAME); } diff --git a/Zend/zend_compile.h b/Zend/zend_compile.h index 7fa78bbf34..7e6884c060 100644 --- a/Zend/zend_compile.h +++ b/Zend/zend_compile.h @@ -72,7 +72,7 @@ typedef struct _zend_execute_data zend_execute_data; typedef int (*opcode_handler_t) (ZEND_OPCODE_HANDLER_ARGS); -extern ZEND_API opcode_handler_t *zend_opcode_handlers; +extern ZEND_API opcode_handler_t zend_opcode_handlers[512]; struct _zend_op { opcode_handler_t handler; diff --git a/Zend/zend_exceptions.c b/Zend/zend_exceptions.c index c650d7a062..0122292e72 100644 --- a/Zend/zend_exceptions.c +++ b/Zend/zend_exceptions.c @@ -175,7 +175,7 @@ ZEND_METHOD(error_exception, __construct) if (argc >= 4) { zend_update_property_string(default_exception_ce, object, "file", sizeof("file")-1, filename TSRMLS_CC); if (argc < 5) { - lineno = 0; /* invalidate lineno */ + lineno = 0; // invalidate lineno } zend_update_property_long(default_exception_ce, object, "line", sizeof("line")-1, lineno TSRMLS_CC); } diff --git a/Zend/zend_execute.c b/Zend/zend_execute.c index ba1532a33b..ed6247d4c4 100644 --- a/Zend/zend_execute.c +++ b/Zend/zend_execute.c @@ -34,9 +34,6 @@ #include "zend_fast_cache.h" #include "zend_ini.h" #include "zend_exceptions.h" -#include "zend_vm.h" - -typedef int (*incdec_t)(zval *); #define get_zval_ptr(node, Ts, should_free, type) _get_zval_ptr(node, Ts, should_free TSRMLS_CC) #define get_zval_ptr_ptr(node, Ts, should_free, type) _get_zval_ptr_ptr(node, Ts, should_free TSRMLS_CC) @@ -44,6 +41,10 @@ typedef int (*incdec_t)(zval *); #define get_obj_zval_ptr_ptr(node, Ts, should_free, type) _get_obj_zval_ptr_ptr(node, Ts, should_free TSRMLS_CC) /* Prototypes */ +static void zend_fetch_var_address(zend_op *opline, temp_variable *Ts, int type TSRMLS_DC); +static void zend_fetch_dimension_address(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type TSRMLS_DC); +static void zend_fetch_property_address(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type TSRMLS_DC); +static void zend_fetch_dimension_address_from_tmp_var(znode *result, znode *op1, znode *op2, temp_variable *Ts TSRMLS_DC); static void zend_extension_statement_handler(zend_extension *extension, zend_op_array *op_array TSRMLS_DC); static void zend_extension_fcall_begin_handler(zend_extension *extension, zend_op_array *op_array TSRMLS_DC); static void zend_extension_fcall_end_handler(zend_extension *extension, zend_op_array *op_array TSRMLS_DC); @@ -58,7 +59,7 @@ static void zend_extension_fcall_end_handler(zend_extension *extension, zend_op_ /* former zend_execute_locks.h */ typedef struct _zend_free_op { zval* var; -/* int is_var; */ + int is_var; } zend_free_op; static inline void zend_pzval_unlock_func(zval *z, zend_free_op *should_free) @@ -67,7 +68,7 @@ static inline void zend_pzval_unlock_func(zval *z, zend_free_op *should_free) z->refcount = 1; z->is_ref = 0; should_free->var = z; -/* should_free->is_var = 1; */ + should_free->is_var = 1; } else { should_free->var = 0; } @@ -97,15 +98,15 @@ static inline void zend_pzval_unlock_free_func(zval *z) #define FREE_OP(should_free) \ if (should_free.var) { \ - if ((long)should_free.var & 1L) { \ - zval_dtor((zval*)((long)should_free.var & ~1L)); \ + if (!should_free.is_var) { \ + zval_dtor(should_free.var); \ } else { \ zval_ptr_dtor(&should_free.var); \ } \ } -#define FREE_OP_IF_VAR(should_free) \ - if (should_free.var != NULL && (((long)should_free.var & 1L) == 0)) { \ +#define FREE_OP_VAR(should_free) \ + if (should_free.var && should_free.is_var) { \ zval_ptr_dtor(&should_free.var); \ } @@ -114,29 +115,20 @@ static inline void zend_pzval_unlock_free_func(zval *z) zval_ptr_dtor(&should_free.var); \ } -#define TMP_FREE(z) (zval*)(((long)(z)) | 1L) - -#define IS_TMP_FREE(should_free) ((long)should_free.var & 1L) - -#define INIT_PZVAL_COPY(z,v) \ - (z)->value = (v)->value; \ - (z)->type = (v)->type; \ - (z)->refcount = 1; \ - (z)->is_ref = 0; +#define IS_TMP_FREE(should_free) (should_free.var && !should_free.is_var) /* End of zend_execute_locks.h */ static inline zval *_get_zval_ptr(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) { -/* should_free->is_var = 0; */ + should_free->is_var = 0; switch (node->op_type) { case IS_CONST: should_free->var = 0; return &node->u.constant; break; case IS_TMP_VAR: - should_free->var = TMP_FREE(&T(node->u.var).tmp_var); - return &T(node->u.var).tmp_var; + return should_free->var = &T(node->u.var).tmp_var; break; case IS_VAR: if (T(node->u.var).var.ptr) { @@ -147,7 +139,7 @@ static inline zval *_get_zval_ptr(znode *node, temp_variable *Ts, zend_free_op * zval *str = T->str_offset.str; /* string offset */ - should_free->var = TMP_FREE(&T(node->u.var).tmp_var); + should_free->var = &T(node->u.var).tmp_var; if (T->str_offset.str->type != IS_STRING || ((int)T->str_offset.offset<0) @@ -193,131 +185,49 @@ static inline zval **_get_zval_ptr_ptr(znode *node, temp_variable *Ts, zend_free } } -#ifdef ZEND_VM_SPEC - -static inline zval *_get_zval_ptr_const(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return &node->u.constant; -} - -static inline zval *_get_zval_ptr_tmp(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) +static inline void zend_fetch_property_address_inner(zval *object, znode *op2, znode *result, temp_variable *Ts, int type TSRMLS_DC) { - return should_free->var = &T(node->u.var).tmp_var; -} + zend_free_op free_op2; + zval *prop_ptr = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + zval tmp; -static inline zval *_get_zval_ptr_var(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - if (T(node->u.var).var.ptr) { - PZVAL_UNLOCK(T(node->u.var).var.ptr, should_free); - return T(node->u.var).var.ptr; - } else { - temp_variable *T = &T(node->u.var); - zval *str = T->str_offset.str; - - /* string offset */ - should_free->var = TMP_FREE(&T(node->u.var).tmp_var); - - if (T->str_offset.str->type != IS_STRING - || ((int)T->str_offset.offset<0) - || (T->str_offset.str->value.str.len <= T->str_offset.offset)) { - zend_error(E_NOTICE, "Uninitialized string offset: %d", T->str_offset.offset); - T->tmp_var.value.str.val = STR_EMPTY_ALLOC(); - T->tmp_var.value.str.len = 0; - } else { - char c = str->value.str.val[T->str_offset.offset]; - T->tmp_var.value.str.val = estrndup(&c, 1); - T->tmp_var.value.str.len = 1; - } - PZVAL_UNLOCK_FREE(str); - T->tmp_var.refcount=1; - T->tmp_var.is_ref=1; - T->tmp_var.type = IS_STRING; - return &T->tmp_var; + switch (op2->op_type) { + case IS_CONST: + /* already a constant string */ + break; + case IS_VAR: + tmp = *prop_ptr; + zval_copy_ctor(&tmp); + convert_to_string(&tmp); + prop_ptr = &tmp; + break; + case IS_TMP_VAR: + convert_to_string(prop_ptr); + break; } -} - -static inline zval *_get_zval_ptr_unused(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return NULL; -} - -static inline zval **_get_zval_ptr_ptr_const(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return NULL; -} - -static inline zval **_get_zval_ptr_ptr_tmp(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return NULL; -} -static inline zval **_get_zval_ptr_ptr_var(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - if (T(node->u.var).var.ptr_ptr) { - PZVAL_UNLOCK(*T(node->u.var).var.ptr_ptr, should_free); + if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { + zval **ptr_ptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, prop_ptr TSRMLS_CC); + if(NULL == ptr_ptr) { + zend_error(E_ERROR, "Cannot access undefined property %s::$%s for object with overloaded property access", Z_OBJCE_P(object)->name, Z_STRVAL_P(prop_ptr)); + } + T(result->u.var).var.ptr_ptr = ptr_ptr; + } else if (Z_OBJ_HT_P(object)->read_property) { + T(result->u.var).var.ptr = Z_OBJ_HT_P(object)->read_property(object, prop_ptr, BP_VAR_W TSRMLS_CC); + T(result->u.var).var.ptr_ptr = &T(result->u.var).var.ptr; } else { - /* string offset */ - PZVAL_UNLOCK(T(node->u.var).str_offset.str, should_free); + zend_error(E_WARNING, "This object doesn't support property references"); + T(result->u.var).var.ptr_ptr = &EG(error_zval_ptr); } - return T(node->u.var).var.ptr_ptr; -} - -static inline zval **_get_zval_ptr_ptr_unused(znode *node, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return NULL; -} - -static inline zval *_get_obj_zval_ptr_const(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_const(op, Ts, should_free TSRMLS_CC); -} - -static inline zval *_get_obj_zval_ptr_tmp(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_tmp(op, Ts, should_free TSRMLS_CC); -} - -static inline zval *_get_obj_zval_ptr_var(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_var(op, Ts, should_free TSRMLS_CC); -} - -static inline zval *_get_obj_zval_ptr_unused(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - if (EG(This)) { - return EG(This); - } else { - zend_error_noreturn(E_ERROR, "Using $this when not in object context"); - return NULL; + + if (prop_ptr == &tmp) { + zval_dtor(prop_ptr); } + FREE_OP(free_op2); } -static inline zval **_get_obj_zval_ptr_ptr_const(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_ptr_const(op, Ts, should_free TSRMLS_CC); -} -static inline zval **_get_obj_zval_ptr_ptr_tmp(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_ptr_tmp(op, Ts, should_free TSRMLS_CC); -} - -static inline zval **_get_obj_zval_ptr_ptr_var(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - return _get_zval_ptr_ptr_var(op, Ts, should_free TSRMLS_CC); -} - -static inline zval **_get_obj_zval_ptr_ptr_unused(znode *op, temp_variable *Ts, zend_free_op *should_free TSRMLS_DC) -{ - if (EG(This)) { - return &EG(This); - } else { - zend_error_noreturn(E_ERROR, "Using $this when not in object context"); - return NULL; - } -} -#endif static inline void zend_switch_free(zend_op *opline, temp_variable *Ts TSRMLS_DC) { @@ -343,13 +253,13 @@ static inline void zend_switch_free(zend_op *opline, temp_variable *Ts TSRMLS_DC } } -static void zend_assign_to_variable_reference(zval **variable_ptr_ptr, zval **value_ptr_ptr TSRMLS_DC) +void zend_assign_to_variable_reference(znode *result, zval **variable_ptr_ptr, zval **value_ptr_ptr, temp_variable *Ts TSRMLS_DC) { zval *variable_ptr; zval *value_ptr; if (!value_ptr_ptr || !variable_ptr_ptr) { - zend_error_noreturn(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); + zend_error(E_ERROR, "Cannot create references to/from string offsets nor overloaded objects"); return; } @@ -395,6 +305,12 @@ static void zend_assign_to_variable_reference(zval **variable_ptr_ptr, zval **va } (*variable_ptr_ptr)->is_ref = 1; } + + if (result && !RETURN_VALUE_UNUSED(result)) { + T(result->u.var).var.ptr_ptr = variable_ptr_ptr; + PZVAL_LOCK(*variable_ptr_ptr); + AI_USE_PTR(T(result->u.var).var); + } } static inline void make_real_object(zval **object_ptr TSRMLS_DC) @@ -420,7 +336,7 @@ static inline zval **_get_obj_zval_ptr_ptr(znode *op, temp_variable *Ts, zend_fr should_free->var = 0; return &EG(This); } else { - zend_error_noreturn(E_ERROR, "Using $this when not in object context"); + zend_error(E_ERROR, "Using $this when not in object context"); } } return _get_zval_ptr_ptr(op, Ts, should_free TSRMLS_CC); @@ -433,7 +349,7 @@ static inline zval *_get_obj_zval_ptr(znode *op, temp_variable *Ts, zend_free_op should_free->var = 0; return EG(This); } else { - zend_error_noreturn(E_ERROR, "Using $this when not in object context"); + zend_error(E_ERROR, "Using $this when not in object context"); } } return _get_zval_ptr(op, Ts, should_free TSRMLS_CC); @@ -453,12 +369,12 @@ static inline void zend_verify_arg_type(zend_function *zf, zend_uint arg_num, zv if (cur_arg_info->class_name) { if (!arg) { - zend_error_noreturn(E_ERROR, "Argument %d must be an object of class %s", arg_num, cur_arg_info->class_name); + zend_error(E_ERROR, "Argument %d must be an object of class %s", arg_num, cur_arg_info->class_name); } switch (Z_TYPE_P(arg)) { case IS_NULL: if (!cur_arg_info->allow_null) { - zend_error_noreturn(E_ERROR, "Argument %d must not be null", arg_num); + zend_error(E_ERROR, "Argument %d must not be null", arg_num); } break; case IS_OBJECT: { @@ -471,18 +387,17 @@ static inline void zend_verify_arg_type(zend_function *zf, zend_uint arg_num, zv } else { error_msg = "be an instance of"; } - zend_error_noreturn(E_ERROR, "Argument %d must %s %s", arg_num, error_msg, ce->name); + zend_error(E_ERROR, "Argument %d must %s %s", arg_num, error_msg, ce->name); } } break; default: - zend_error_noreturn(E_ERROR, "Argument %d must be an object of class %s", arg_num, cur_arg_info->class_name); + zend_error(E_ERROR, "Argument %d must be an object of class %s", arg_num, cur_arg_info->class_name); break; } } } - static inline void zend_assign_to_object(znode *result, zval **object_ptr, znode *op2, znode *value_op, temp_variable *Ts, int opcode TSRMLS_DC) { zval *object; @@ -516,7 +431,7 @@ static inline void zend_assign_to_object(znode *result, zval **object_ptr, znode value->is_ref = 0; value->refcount = 0; if (Z_OBJ_HANDLER_P(value, clone_obj) == NULL) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(orig_value)->name); + zend_error(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(orig_value)->name); } zend_error(E_STRICT, "Implicit cloning object of class '%s' because of 'zend.ze1_compatibility_mode'", Z_OBJCE_P(orig_value)->name); value->value.obj = Z_OBJ_HANDLER_P(orig_value, clone_obj)(orig_value TSRMLS_CC); @@ -563,7 +478,7 @@ static inline void zend_assign_to_object(znode *result, zval **object_ptr, znode } else { /* Note: property_name in this case is really the array index! */ if (!Z_OBJ_HT_P(object)->write_dimension) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); + zend_error(E_ERROR, "Cannot use object as array"); } Z_OBJ_HT_P(object)->write_dimension(object, property_name, value TSRMLS_CC); } @@ -575,7 +490,7 @@ static inline void zend_assign_to_object(znode *result, zval **object_ptr, znode PZVAL_LOCK(value); } zval_ptr_dtor(&value); - FREE_OP_IF_VAR(free_value); + FREE_OP_VAR(free_value); } @@ -614,7 +529,7 @@ static inline void zend_assign_to_variable(znode *result, znode *op1, znode *op2 if (value->type!=IS_STRING) { tmp = *value; - if (op2->op_type == IS_VAR) { + if (op2 && op2->op_type == IS_VAR) { zval_copy_ctor(&tmp); } convert_to_string(&tmp); @@ -623,25 +538,27 @@ static inline void zend_assign_to_variable(znode *result, znode *op1, znode *op2 T->str_offset.str->value.str.val[T->str_offset.offset] = final_value->value.str.val[0]; - if (op2->op_type == IS_VAR) { - if (value == &T(op2->u.var).tmp_var) { - if (result->u.EA.type & EXT_TYPE_UNUSED) { - /* We are not going to use return value, drop it */ - STR_FREE(value->value.str.val); - } else { - /* We are going to use return value, make it real zval */ - ALLOC_ZVAL(value); - *value = T(op2->u.var).tmp_var; - value->is_ref = 0; - value->refcount = 0; /* LOCK will increase it */ + if (op2) { + if (op2->op_type == IS_VAR) { + if (value == &T(op2->u.var).tmp_var) { + if (result->u.EA.type & EXT_TYPE_UNUSED) { + /* We are not going to use return value, drop it */ + STR_FREE(value->value.str.val); + } else { + /* We are going to use return value, make it real zval */ + ALLOC_ZVAL(value); + *value = T(op2->u.var).tmp_var; + value->is_ref = 0; + value->refcount = 0; /* LOCK will increase it */ + } + } + } else { + if (final_value == &T(op2->u.var).tmp_var) { + /* we can safely free final_value here + * because separation is done only + * in case op2->op_type == IS_VAR */ + STR_FREE(final_value->value.str.val); } - } - } else { - if (final_value == &T(op2->u.var).tmp_var) { - /* we can safely free final_value here - * because separation is done only - * in case op2->op_type == IS_VAR */ - STR_FREE(final_value->value.str.val); } } if (final_value == &tmp) { @@ -688,7 +605,7 @@ static inline void zend_assign_to_variable(znode *result, znode *op1, znode *op2 if (EG(ze1_compatibility_mode) && Z_TYPE_P(value) == IS_OBJECT) { if (Z_OBJ_HANDLER_P(value, clone_obj) == NULL) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(value)->name); + zend_error(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(value)->name); } else if (PZVAL_IS_REF(variable_ptr)) { if (variable_ptr != value) { zend_uint refcount = variable_ptr->refcount; @@ -807,29 +724,6 @@ done_setting_var: } -static inline void zend_receive(zval **variable_ptr_ptr, zval *value TSRMLS_DC) -{ - zval *variable_ptr = *variable_ptr_ptr; - - if (EG(ze1_compatibility_mode) && Z_TYPE_P(value) == IS_OBJECT) { - if (Z_OBJ_HANDLER_P(value, clone_obj) == NULL) { - zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(value)->name); - } else { - variable_ptr->refcount--; - ALLOC_ZVAL(variable_ptr); - *variable_ptr_ptr = variable_ptr; - *variable_ptr = *value; - INIT_PZVAL(variable_ptr); - zend_error(E_STRICT, "Implicit cloning object of class '%s' because of 'zend.ze1_compatibility_mode'", Z_OBJCE_P(value)->name); - variable_ptr->value.obj = Z_OBJ_HANDLER_P(value, clone_obj)(value TSRMLS_CC); - } - } else { - variable_ptr->refcount--; - *variable_ptr_ptr = value; - value->refcount++; - } -} - /* Utility Functions for Extensions */ static void zend_extension_statement_handler(zend_extension *extension, zend_op_array *op_array TSRMLS_DC) { @@ -855,6 +749,12 @@ static void zend_extension_fcall_end_handler(zend_extension *extension, zend_op_ } +static void print_refcount(zval *p, char *str) +{ + print_refcount(NULL, NULL); +} + + static inline HashTable *zend_get_target_symbol_table(zend_op *opline, temp_variable *Ts, int type, zval *variable TSRMLS_DC) { switch (opline->op2.u.EA.type) { @@ -876,8 +776,81 @@ static inline HashTable *zend_get_target_symbol_table(zend_op *opline, temp_vari return NULL; } -static inline zval **zend_fetch_dimension_address_inner(HashTable *ht, zval *dim, int type TSRMLS_DC) + +static void zend_fetch_var_address(zend_op *opline, temp_variable *Ts, int type TSRMLS_DC) +{ + zend_free_op free_op1; + zval *varname = get_zval_ptr(&opline->op1, Ts, &free_op1, BP_VAR_R); + zval **retval; + zval tmp_varname; + HashTable *target_symbol_table; + zend_bool free_tmp = 0; + + if (varname->type != IS_STRING) { + tmp_varname = *varname; + zval_copy_ctor(&tmp_varname); + convert_to_string(&tmp_varname); + varname = &tmp_varname; + free_tmp = 1; + } + + if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) { + target_symbol_table = NULL; + retval = zend_std_get_static_property(T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC); + } else { + if (opline->op2.u.EA.type == ZEND_FETCH_GLOBAL && opline->op1.op_type == IS_VAR) { + varname->refcount++; + } + target_symbol_table = zend_get_target_symbol_table(opline, Ts, type, varname TSRMLS_CC); + if (!target_symbol_table) { + return; + } + if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) { + switch (type) { + case BP_VAR_R: + zend_error(E_NOTICE,"Undefined variable: %s", varname->value.str.val); + /* break missing intentionally */ + case BP_VAR_IS: + retval = &EG(uninitialized_zval_ptr); + break; + case BP_VAR_RW: + zend_error(E_NOTICE,"Undefined variable: %s", varname->value.str.val); + /* break missing intentionally */ + case BP_VAR_W: { + zval *new_zval = &EG(uninitialized_zval); + + new_zval->refcount++; + zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() + } + } + switch (opline->op2.u.EA.type) { + case ZEND_FETCH_LOCAL: + FREE_OP(free_op1); + break; + case ZEND_FETCH_STATIC: + zval_update_constant(retval, (void*) 1 TSRMLS_CC); + break; + } + } + + + if (free_tmp) { + zval_dtor(varname); + } + if (!RETURN_VALUE_UNUSED(&opline->result)) { + T(opline->result.u.var).var.ptr_ptr = retval; + PZVAL_LOCK(*retval); + } +} + + +static inline zval **zend_fetch_dimension_address_inner(HashTable *ht, znode *op2, temp_variable *Ts, int type TSRMLS_DC) { + zend_free_op free_op2; + zval *dim = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); zval **retval; char *offset_key; int offset_key_length; @@ -965,27 +938,32 @@ fetch_string_dim: } break; } + FREE_OP(free_op2); return retval; } -static void zend_fetch_dimension_address(temp_variable *result, zval **container_ptr, zval *dim, int type TSRMLS_DC) +static void zend_fetch_dimension_address(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type TSRMLS_DC) { + zend_free_op free_op1; + zval **container_ptr = get_zval_ptr_ptr(op1, Ts, &free_op1, type); zval *container; + zval ***retval = &T(result->u.var).var.ptr_ptr; if (!container_ptr) { - zend_error_noreturn(E_ERROR, "Cannot use string offset as an array"); + zend_error(E_ERROR, "Cannot use string offset as an array"); } container = *container_ptr; if (container == EG(error_zval_ptr)) { - if (result) { - result->var.ptr_ptr = &EG(error_zval_ptr); - PZVAL_LOCK(*result->var.ptr_ptr); + if (!RETURN_VALUE_UNUSED(result)) { + *retval = &EG(error_zval_ptr); + PZVAL_LOCK(**retval); if (type == BP_VAR_R || type == BP_VAR_IS) { - AI_USE_PTR(result->var); + AI_USE_PTR(T(result->u.var).var); } } + FREE_OP_VAR_PTR(free_op1); return; } @@ -1005,59 +983,54 @@ static void zend_fetch_dimension_address(temp_variable *result, zval **container } switch (container->type) { - zval **retval; - case IS_ARRAY: if ((type==BP_VAR_W || type==BP_VAR_RW) && container->refcount>1 && !PZVAL_IS_REF(container)) { SEPARATE_ZVAL(container_ptr); container = *container_ptr; } - if (dim == NULL) { -/* if (op2->op_type == IS_UNUSED) { -*/ zval *new_zval = &EG(uninitialized_zval); new_zval->refcount++; - if (zend_hash_next_index_insert(container->value.ht, &new_zval, sizeof(zval *), (void **) &retval) == FAILURE) { + if (zend_hash_next_index_insert(container->value.ht, &new_zval, sizeof(zval *), (void **) retval) == FAILURE) { zend_error(E_WARNING, "Cannot add element to the array as the next element is already occupied"); - retval = &EG(uninitialized_zval_ptr); + *retval = &EG(uninitialized_zval_ptr); new_zval->refcount--; } } else { - retval = zend_fetch_dimension_address_inner(container->value.ht, dim, type TSRMLS_CC); - } - if (result) { - result->var.ptr_ptr = retval; - PZVAL_LOCK(*result->var.ptr_ptr); + *retval = zend_fetch_dimension_address_inner(container->value.ht, op2, Ts, type TSRMLS_CC); } + SELECTIVE_PZVAL_LOCK(**retval, result); break; case IS_NULL: { /* for read-mode only */ - if (result) { - result->var.ptr_ptr = &EG(uninitialized_zval_ptr); - PZVAL_LOCK(*result->var.ptr_ptr); - } + zend_free_op free_op2; + + get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + *retval = &EG(uninitialized_zval_ptr); + SELECTIVE_PZVAL_LOCK(**retval, result); + FREE_OP(free_op2); if (type==BP_VAR_W || type==BP_VAR_RW) { zend_error(E_WARNING, "Cannot use a NULL value as an array"); } break; } case IS_STRING: { + zend_free_op free_op2; + zval *offset; zval tmp; - if (dim == NULL) { -/* if (op2->op_type==IS_UNUSED) { -*/ - zend_error_noreturn(E_ERROR, "[] operator not supported for strings"); + zend_error(E_ERROR, "[] operator not supported for strings"); } - if (dim->type != IS_LONG) { - tmp = *dim; + offset = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + + if (offset->type != IS_LONG) { + tmp = *offset; zval_copy_ctor(&tmp); convert_to_long(&tmp); - dim = &tmp; + offset = &tmp; } switch (type) { case BP_VAR_R: @@ -1069,23 +1042,25 @@ static void zend_fetch_dimension_address(temp_variable *result, zval **container SEPARATE_ZVAL_IF_NOT_REF(container_ptr); break; } - if (result) { - container = *container_ptr; - result->str_offset.str = container; - PZVAL_LOCK(container); - result->str_offset.offset = dim->value.lval; - result->var.ptr_ptr = NULL; - if (type == BP_VAR_R || type == BP_VAR_IS) { - AI_USE_PTR(result->var); - } + container = *container_ptr; + T(result->u.var).str_offset.str = container; + PZVAL_LOCK(container); + T(result->u.var).str_offset.offset = offset->value.lval; + FREE_OP(free_op2); + *retval = NULL; + if (type == BP_VAR_R || type == BP_VAR_IS) { + AI_USE_PTR(T(result->u.var).var); } + FREE_OP_VAR_PTR(free_op1); return; } break; case IS_OBJECT: if (!Z_OBJ_HT_P(container)->read_dimension) { - zend_error_noreturn(E_ERROR, "Cannot use object as array"); + zend_error(E_ERROR, "Cannot use object as array"); } else { + zend_free_op free_op2; + zval *dim = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); zval *overloaded_result = Z_OBJ_HT_P(container)->read_dimension(container, dim, type TSRMLS_CC); if (overloaded_result) { @@ -1094,62 +1069,83 @@ static void zend_fetch_dimension_address(temp_variable *result, zval **container case BP_VAR_W: if (overloaded_result->type != IS_OBJECT && !overloaded_result->is_ref) { - zend_error_noreturn(E_ERROR, "Objects used as arrays in post/pre increment/decrement must return values by reference"); + zend_error(E_ERROR, "Objects used as arrays in post/pre increment/decrement must return values by reference"); } break; } - retval = &overloaded_result; + *retval = &overloaded_result; } else { - retval = &EG(error_zval_ptr); + *retval = &EG(error_zval_ptr); } - if (result) { - result->var.ptr_ptr = retval; - AI_USE_PTR(result->var); - PZVAL_LOCK(*result->var.ptr_ptr); - } - return; + AI_USE_PTR(T(result->u.var).var); + FREE_OP(free_op2); + SELECTIVE_PZVAL_LOCK(**retval, result); } break; - default: { + default: { + zend_free_op free_op2; + + get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + switch (type) { case BP_VAR_UNSET: zend_error(E_WARNING, "Cannot unset offset in a non-array variable"); /* break missing intentionally */ case BP_VAR_R: case BP_VAR_IS: - retval = &EG(uninitialized_zval_ptr); + *retval = &EG(uninitialized_zval_ptr); break; default: - retval = &EG(error_zval_ptr); + *retval = &EG(error_zval_ptr); break; } - if (result) { - result->var.ptr_ptr = retval; - PZVAL_LOCK(*result->var.ptr_ptr); - } + FREE_OP(free_op2); + SELECTIVE_PZVAL_LOCK(**retval, result); if (type==BP_VAR_W || type==BP_VAR_RW) { zend_error(E_WARNING, "Cannot use a scalar value as an array"); } } break; } - if (result && (type == BP_VAR_R || type == BP_VAR_IS)) { - AI_USE_PTR(result->var); + if (type == BP_VAR_R || type == BP_VAR_IS) { + AI_USE_PTR(T(result->u.var).var); + } + FREE_OP_VAR_PTR(free_op1); +} + + +static void zend_fetch_dimension_address_from_tmp_var(znode *result, znode *op1, znode *op2, temp_variable *Ts TSRMLS_DC) +{ + zend_free_op free_op1; + zval *container = get_zval_ptr(op1, Ts, &free_op1, BP_VAR_R); + + if (container->type != IS_ARRAY) { + if (!RETURN_VALUE_UNUSED(result)) { + T(result->u.var).var.ptr_ptr = &EG(uninitialized_zval_ptr); + PZVAL_LOCK(*T(result->u.var).var.ptr_ptr); + } + return; } + + T(result->u.var).var.ptr_ptr = zend_fetch_dimension_address_inner(container->value.ht, op2, Ts, BP_VAR_R TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(*T(result->u.var).var.ptr_ptr, result); } -static void zend_fetch_property_address(temp_variable *result, zval **container_ptr, zval *prop_ptr, int op2_type, int type TSRMLS_DC) +static void zend_fetch_property_address(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type TSRMLS_DC) { + zend_free_op free_op1; + zval **container_ptr = get_obj_zval_ptr_ptr(op1, Ts, &free_op1, type); zval *container; - zval tmp; + zval ***retval = &T(result->u.var).var.ptr_ptr; container = *container_ptr; if (container == EG(error_zval_ptr)) { - if (result) { - result->var.ptr_ptr = &EG(error_zval_ptr); - PZVAL_LOCK(*result->var.ptr_ptr); + if (!RETURN_VALUE_UNUSED(result)) { + *retval = &EG(error_zval_ptr); + PZVAL_LOCK(**retval); } + FREE_OP_VAR_PTR(free_op1); return; } /* this should modify object only if it's empty */ @@ -1169,103 +1165,227 @@ static void zend_fetch_property_address(temp_variable *result, zval **container_ } if (container->type != IS_OBJECT) { - if (result) { + zend_free_op free_op2; + + get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + FREE_OP(free_op2); + if (!RETURN_VALUE_UNUSED(result)) { if (type == BP_VAR_R || type == BP_VAR_IS) { - result->var.ptr_ptr = &EG(uninitialized_zval_ptr); + *retval = &EG(uninitialized_zval_ptr); } else { - result->var.ptr_ptr = &EG(error_zval_ptr); + *retval = &EG(error_zval_ptr); } - PZVAL_LOCK(*result->var.ptr_ptr); + PZVAL_LOCK(**retval); } + FREE_OP_VAR_PTR(free_op1); return; } - + + if ((type==BP_VAR_W || type==BP_VAR_RW) && container->refcount>1 && !PZVAL_IS_REF(container)) { SEPARATE_ZVAL(container_ptr); container = *container_ptr; } + zend_fetch_property_address_inner(container, op2, result, Ts, type TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(**retval, result); + FREE_OP_VAR_PTR(free_op1); +} - switch (op2_type) { - case IS_CONST: - /* already a constant string */ - break; - case IS_VAR: - tmp = *prop_ptr; - zval_copy_ctor(&tmp); - convert_to_string(&tmp); - prop_ptr = &tmp; - break; - case IS_TMP_VAR: - convert_to_string(prop_ptr); - break; +static void zend_fetch_property_address_read(znode *result, znode *op1, znode *op2, temp_variable *Ts, int type TSRMLS_DC) +{ + zval *container; + zval **retval; + zend_free_op free_op1; + + retval = &T(result->u.var).var.ptr; + T(result->u.var).var.ptr_ptr = retval; + + container = get_obj_zval_ptr(op1, Ts, &free_op1, type); + + if (container == EG(error_zval_ptr)) { + if (!RETURN_VALUE_UNUSED(result)) { + *retval = EG(error_zval_ptr); + PZVAL_LOCK(*retval); + AI_USE_PTR(T(result->u.var).var); + } + FREE_OP(free_op1); + return; } - if (Z_OBJ_HT_P(container)->get_property_ptr_ptr) { - zval **ptr_ptr = Z_OBJ_HT_P(container)->get_property_ptr_ptr(container, prop_ptr TSRMLS_CC); - if(NULL == ptr_ptr) { - zend_error_noreturn(E_ERROR, "Cannot access undefined property %s::$%s for object with overloaded property access", Z_OBJCE_P(container)->name, Z_STRVAL_P(prop_ptr)); + + if (container->type != IS_OBJECT) { + zend_error(E_NOTICE, "Trying to get property of non-object"); + + if (type==BP_VAR_R || type==BP_VAR_IS) { + *retval = EG(uninitialized_zval_ptr); + } else { + *retval = EG(error_zval_ptr); } - if (result) { - result->var.ptr_ptr = ptr_ptr; + } else { + zend_free_op free_op2; + zval *offset; + zval tmp; + + offset = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + switch (op2->op_type) { + case IS_CONST: + /* already a constant string */ + break; + case IS_VAR: + tmp = *offset; + zval_copy_ctor(&tmp); + convert_to_string(&tmp); + offset = &tmp; + break; + case IS_TMP_VAR: + convert_to_string(offset); + break; } - } else if (Z_OBJ_HT_P(container)->read_property) { - if (result) { - result->var.ptr = Z_OBJ_HT_P(container)->read_property(container, prop_ptr, BP_VAR_W TSRMLS_CC); - result->var.ptr_ptr = &result->var.ptr; + + /* here we are sure we are dealing with an object */ + *retval = Z_OBJ_HT_P(container)->read_property(container, offset, type TSRMLS_CC); + if (offset == &tmp) { + zval_dtor(offset); } - } else { - zend_error(E_WARNING, "This object doesn't support property references"); - if (result) { - result->var.ptr_ptr = &EG(error_zval_ptr); + FREE_OP(free_op2); + + if (RETURN_VALUE_UNUSED(result) && ((*retval)->refcount == 0)) { + zval_dtor(*retval); + FREE_ZVAL(*retval); + return; /* no need for locking */ } } - if (prop_ptr == &tmp) { - zval_dtor(prop_ptr); + SELECTIVE_PZVAL_LOCK(*retval, result); + AI_USE_PTR(T(result->u.var).var); + FREE_OP(free_op1); +} + +static void zend_pre_incdec_property(znode *result, znode *op1, znode *op2, temp_variable * Ts, int (*incdec_op)(zval *) TSRMLS_DC) +{ + zend_free_op free_op1, free_op2; + zval **object_ptr = get_obj_zval_ptr_ptr(op1, Ts, &free_op1, BP_VAR_W); + zval *object; + zval *property = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + zval **retval = &T(result->u.var).var.ptr; + int have_get_ptr = 0; + + make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ + object = *object_ptr; + + if (object->type != IS_OBJECT) { + zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); + FREE_OP(free_op2); + if (!RETURN_VALUE_UNUSED(result)) { + *retval = EG(uninitialized_zval_ptr); + PZVAL_LOCK(*retval); + } + FREE_OP_VAR_PTR(free_op1); + return; } + + /* here we are sure we are dealing with an object */ - if (result) { - PZVAL_LOCK(*result->var.ptr_ptr); - } + if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { + zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC); + if (zptr != NULL) { /* NULL means no success in getting PTR */ + SEPARATE_ZVAL_IF_NOT_REF(zptr); + + have_get_ptr = 1; + incdec_op(*zptr); + if (!RETURN_VALUE_UNUSED(result)) { + *retval = *zptr; + PZVAL_LOCK(*retval); + } + } + } + + if (!have_get_ptr) { + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_RW TSRMLS_CC); + + if (z->type == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + + if (z->refcount == 0) { + zval_dtor(z); + FREE_ZVAL(z); + } + z = value; + } + z->refcount++; + SEPARATE_ZVAL_IF_NOT_REF(&z); + incdec_op(z); + *retval = z; + Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC); + SELECTIVE_PZVAL_LOCK(*retval, result); + zval_ptr_dtor(&z); + } + + FREE_OP(free_op2); + FREE_OP_VAR_PTR(free_op1); } -static inline zend_brk_cont_element* zend_brk_cont(zval *nest_levels_zval, int array_offset, zend_op_array *op_array, temp_variable *Ts TSRMLS_DC) +static void zend_post_incdec_property(znode *result, znode *op1, znode *op2, temp_variable * Ts, int (*incdec_op)(zval *) TSRMLS_DC) { - zval tmp; - int nest_levels, original_nest_levels; - zend_brk_cont_element *jmp_to; + zend_free_op free_op1, free_op2; + zval **object_ptr = get_obj_zval_ptr_ptr(op1, Ts, &free_op1, BP_VAR_W); + zval *object; + zval *property = get_zval_ptr(op2, Ts, &free_op2, BP_VAR_R); + zval *retval = &T(result->u.var).tmp_var; + int have_get_ptr = 0; - if (nest_levels_zval->type != IS_LONG) { - tmp = *nest_levels_zval; - zval_copy_ctor(&tmp); - convert_to_long(&tmp); - nest_levels = tmp.value.lval; - } else { - nest_levels = nest_levels_zval->value.lval; + make_real_object(object_ptr TSRMLS_CC); /* this should modify object only if it's empty */ + object = *object_ptr; + + if (object->type != IS_OBJECT) { + zend_error(E_WARNING, "Attempt to increment/decrement property of non-object"); + FREE_OP(free_op2); + *retval = *EG(uninitialized_zval_ptr); + FREE_OP_VAR_PTR(free_op1); + return; } - original_nest_levels = nest_levels; - do { - if (array_offset==-1) { - zend_error_noreturn(E_ERROR, "Cannot break/continue %d level%s", original_nest_levels, (original_nest_levels == 1) ? "" : "s"); + + /* here we are sure we are dealing with an object */ + + if (Z_OBJ_HT_P(object)->get_property_ptr_ptr) { + zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC); + if (zptr != NULL) { /* NULL means no success in getting PTR */ + have_get_ptr = 1; + SEPARATE_ZVAL_IF_NOT_REF(zptr); + + *retval = **zptr; + zendi_zval_copy_ctor(*retval); + + incdec_op(*zptr); + } - jmp_to = &op_array->brk_cont_array[array_offset]; - if (nest_levels>1) { - zend_op *brk_opline = &op_array->opcodes[jmp_to->brk]; + } - switch (brk_opline->opcode) { - case ZEND_SWITCH_FREE: - zend_switch_free(brk_opline, Ts TSRMLS_CC); - break; - case ZEND_FREE: - zendi_zval_dtor(T(brk_opline->op1.u.var).tmp_var); - break; + if (!have_get_ptr) { + zval *z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_RW TSRMLS_CC); + + if (z->type == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + + if (z->refcount == 0) { + zval_dtor(z); + FREE_ZVAL(z); } + z = value; } - array_offset = jmp_to->parent; - } while (--nest_levels > 0); - return jmp_to; + *retval = *z; + zendi_zval_copy_ctor(*retval); + incdec_op(z); + z->refcount++; + Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC); + zval_ptr_dtor(&z); + } + + FREE_OP(free_op2); + FREE_OP_VAR_PTR(free_op1); } + #if ZEND_INTENSIVE_DEBUGGING #define CHECK_SYMBOL_TABLES() \ @@ -1294,7 +1414,32 @@ static int zend_check_symbol(zval **pz TSRMLS_DC) #define CHECK_SYMBOL_TABLES() #endif -ZEND_API opcode_handler_t *zend_opcode_handlers; +#define NEXT_OPCODE() \ + CHECK_SYMBOL_TABLES() \ + EX(opline)++; \ + return 0; /* CHECK_ME */ + +#define SET_OPCODE(new_op) \ + CHECK_SYMBOL_TABLES() \ + EX(opline) = new_op; + +#define INC_OPCODE() \ + if (!EG(exception)) { \ + CHECK_SYMBOL_TABLES() \ + EX(opline)++; \ + } + +#define RETURN_FROM_EXECUTE_LOOP(execute_data) \ + if (EX(op_array)->T < TEMP_VAR_STACK_LIMIT) { \ + free_alloca(EX(Ts)); \ + } else { \ + efree(EX(Ts)); \ + } \ + EG(in_execution) = EX(original_in_execution); \ + EG(current_execute_data) = EX(prev_execute_data); \ + return 1; /* CHECK_ME */ + +ZEND_API opcode_handler_t zend_opcode_handlers[512]; ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC) { @@ -1304,16 +1449,6 @@ ZEND_API void execute_internal(zend_execute_data *execute_data_ptr, int return_v ZEND_API void execute(zend_op_array *op_array TSRMLS_DC) { zend_execute_data execute_data; - ZEND_VM_HELPER_VAR(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC)) - ZEND_VM_HELPER_VAR(incdec_t incdec_op) - ZEND_VM_HELPER_VAR(int prop_dim) - ZEND_VM_HELPER_VAR(int type) - -#if ZEND_VM_KIND == ZEND_VM_KIND_GOTO - if (op_array == NULL) { - goto init_labels; - } -#endif /* Initialize execute_data */ EX(fbc) = NULL; @@ -1330,9 +1465,9 @@ ZEND_API void execute(zend_op_array *op_array TSRMLS_DC) EG(in_execution) = 1; if (op_array->start_op) { - ZEND_VM_SET_OPCODE(op_array->start_op); + SET_OPCODE(op_array->start_op); } else { - ZEND_VM_SET_OPCODE(op_array->opcodes); + SET_OPCODE(op_array->opcodes); } if (op_array->uses_this && EG(This)) { @@ -1354,50 +1489,3364 @@ ZEND_API void execute(zend_op_array *op_array TSRMLS_DC) #endif while (1) { -ZEND_VM_CONTINUE_LABEL #ifdef ZEND_WIN32 if (EG(timed_out)) { zend_timeout(0); } #endif - ZEND_VM_DISPATCH() { -#if ZEND_VM_KIND == ZEND_VM_KIND_CALL + if (EX(opline)->handler(&execute_data TSRMLS_CC)) { return; -#else -# include "zend_vm_spec.h" -#endif } + } + zend_error(E_ERROR, "Arrived at end of main loop which shouldn't happen"); +} + +/* CHECK_ME */ +#undef EX +#define EX(element) execute_data->element + +int zend_add_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + add_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_sub_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + sub_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_mul_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + mul_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_div_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + div_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_mod_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + mod_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_sl_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + shift_left_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_sr_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + shift_right_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_concat_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + concat_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_is_identical_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_identical_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_is_not_identical_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_not_identical_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_is_equal_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_equal_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_is_not_equal_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_not_equal_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_is_smaller_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_smaller_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + +int zend_is_smaller_or_equal_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + is_smaller_or_equal_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_bw_or_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + bitwise_or_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_bw_and_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + bitwise_and_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_bw_xor_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_bool_xor_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + + boolean_xor_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_bw_not_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + bitwise_not_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + NEXT_OPCODE(); +} + + +int zend_bool_not_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + boolean_not_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R) TSRMLS_CC); + FREE_OP(free_op1); + NEXT_OPCODE(); +} + + +static inline int zend_binary_assign_op_obj_helper(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_op *op_data = opline+1; + zend_free_op free_op1, free_op2, free_op_data1; + zval **object_ptr = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + zval *object; + zval *property = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zval tmp; + znode *result = &opline->result; + zval **retval = &EX_T(result->u.var).var.ptr; + int have_get_ptr = 0; + + EX_T(result->u.var).var.ptr_ptr = NULL; + make_real_object(object_ptr TSRMLS_CC); + object = *object_ptr; + + if (object->type != IS_OBJECT) { + zend_error(E_WARNING, "Attempt to assign property of non-object"); + FREE_OP(free_op2); + FREE_OP(free_op_data1); + + if (!RETURN_VALUE_UNUSED(result)) { + *retval = EG(uninitialized_zval_ptr); + PZVAL_LOCK(*retval); + } + } else { + /* here we are sure we are dealing with an object */ + switch (opline->op2.op_type) { + case IS_CONST: + /* already a constant string */ + break; + case IS_VAR: + tmp = *property; + zval_copy_ctor(&tmp); + convert_to_string(&tmp); + property = &tmp; + break; + case IS_TMP_VAR: + convert_to_string(property); + break; + } + + /* here property is a string */ + if (opline->extended_value == ZEND_ASSIGN_OBJ + && Z_OBJ_HT_P(object)->get_property_ptr_ptr) { + zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC); + if (zptr != NULL) { /* NULL means no success in getting PTR */ + SEPARATE_ZVAL_IF_NOT_REF(zptr); + + have_get_ptr = 1; + binary_op(*zptr, *zptr, value TSRMLS_CC); + if (!RETURN_VALUE_UNUSED(result)) { + *retval = *zptr; + PZVAL_LOCK(*retval); + } + } + } + + if (!have_get_ptr) { + zval *z; + + switch (opline->extended_value) { + case ZEND_ASSIGN_OBJ: + z = Z_OBJ_HT_P(object)->read_property(object, property, BP_VAR_RW TSRMLS_CC); + break; + case ZEND_ASSIGN_DIM: + z = Z_OBJ_HT_P(object)->read_dimension(object, property, BP_VAR_RW TSRMLS_CC); + break; + } + if (z->type == IS_OBJECT && Z_OBJ_HT_P(z)->get) { + zval *value = Z_OBJ_HT_P(z)->get(z TSRMLS_CC); + + if (z->refcount == 0) { + zval_dtor(z); + FREE_ZVAL(z); + } + z = value; + } + z->refcount++; + SEPARATE_ZVAL_IF_NOT_REF(&z); + binary_op(z, z, value TSRMLS_CC); + switch (opline->extended_value) { + case ZEND_ASSIGN_OBJ: + Z_OBJ_HT_P(object)->write_property(object, property, z TSRMLS_CC); + break; + case ZEND_ASSIGN_DIM: + Z_OBJ_HT_P(object)->write_dimension(object, property, z TSRMLS_CC); + break; + } + if (!RETURN_VALUE_UNUSED(result)) { + *retval = z; + PZVAL_LOCK(*retval); + } + zval_ptr_dtor(&z); + } + + if (property == &tmp) { + zval_dtor(property); + } + + FREE_OP(free_op2); + FREE_OP(free_op_data1); } - zend_error_noreturn(E_ERROR, "Arrived at end of main loop which shouldn't happen"); -#if ZEND_VM_KIND == ZEND_VM_KIND_GOTO - { - static const opcode_handler_t labels[] = {ZEND_VM_LABELS}; - init_labels: - zend_opcode_handlers = (opcode_handler_t*)labels; - return; + FREE_OP_VAR_PTR(free_op1); + /* assign_obj has two opcodes! */ + INC_OPCODE(); + NEXT_OPCODE(); +} + + +static inline int zend_binary_assign_op_helper(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2, free_op_data2; + zval **var_ptr; + zval *value; + zend_bool increment_opline = 0; + + switch (opline->extended_value) { + case ZEND_ASSIGN_OBJ: + return zend_binary_assign_op_obj_helper(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + break; + case ZEND_ASSIGN_DIM: { + zval **object_ptr = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + + (*object_ptr)->refcount++; /* undo the effect of get_obj_zval_ptr_ptr() */ + + if ((*object_ptr)->type == IS_OBJECT) { + return zend_binary_assign_op_obj_helper(binary_op, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } else { + zend_op *op_data = opline+1; + + zend_fetch_dimension_address(&op_data->op2, &opline->op1, &opline->op2, EX(Ts), BP_VAR_RW TSRMLS_CC); + value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op2, BP_VAR_R); + var_ptr = get_zval_ptr_ptr(&op_data->op2, EX(Ts), &free_op_data2, BP_VAR_RW); + increment_opline = 1; + } + } + break; + default: + value = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + var_ptr = get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_RW); + /* do nothing */ + break; + } + + if (!var_ptr) { + zend_error(E_ERROR, "Cannot use assign-op operators with overloaded objects nor string offsets"); + } + + if (*var_ptr == EG(error_zval_ptr)) { + if (!RETURN_VALUE_UNUSED(&opline->result)) { + EX_T(opline->result.u.var).var.ptr_ptr = &EG(uninitialized_zval_ptr); + PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr); + AI_USE_PTR(EX_T(opline->result.u.var).var); + } + FREE_OP_VAR_PTR(free_op1); + if (increment_opline) { + INC_OPCODE(); + } + NEXT_OPCODE(); + } + + SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + + if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + && Z_OBJ_HANDLER_PP(var_ptr, set)) { + /* proxy object */ + zval *objval = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); + objval->refcount++; + binary_op(objval, objval, value TSRMLS_CC); + Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, objval TSRMLS_CC); + zval_ptr_dtor(&objval); + } else { + binary_op(*var_ptr, *var_ptr, value TSRMLS_CC); + } + + if (!RETURN_VALUE_UNUSED(&opline->result)) { + EX_T(opline->result.u.var).var.ptr_ptr = var_ptr; + PZVAL_LOCK(*var_ptr); + AI_USE_PTR(EX_T(opline->result.u.var).var); + } + FREE_OP(free_op2); + + if (increment_opline) { + INC_OPCODE(); + FREE_OP_VAR_PTR(free_op_data2); + } + FREE_OP_VAR_PTR(free_op1); + NEXT_OPCODE(); +} + + +int zend_assign_add_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(add_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_sub_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(sub_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_mul_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(mul_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_div_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(div_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_mod_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(mod_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_sl_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(shift_left_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_sr_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(shift_right_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_concat_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(concat_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_bw_or_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(bitwise_or_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_bw_and_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(bitwise_and_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_assign_bw_xor_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_binary_assign_op_helper(bitwise_xor_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + +int zend_pre_inc_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_pre_incdec_property(&opline->result, &opline->op1, &opline->op2, EX(Ts), increment_function TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_pre_dec_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_pre_incdec_property(&opline->result, &opline->op1, &opline->op2, EX(Ts), decrement_function TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_post_inc_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_post_incdec_property(&opline->result, &opline->op1, &opline->op2, EX(Ts), increment_function TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_post_dec_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_post_incdec_property(&opline->result, &opline->op1, &opline->op2, EX(Ts), decrement_function TSRMLS_CC); + NEXT_OPCODE(); +} + +typedef int (*incdec_t)(zval *); + +static inline int zend_incdec_op_helper(incdec_t incdec_op_arg, ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval **var_ptr = get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_RW); + int (*incdec_op)(zval *op1) = incdec_op_arg; + + if (!var_ptr) { + zend_error(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets"); + } + if (*var_ptr == EG(error_zval_ptr)) { + if (!RETURN_VALUE_UNUSED(&opline->result)) { + EX_T(opline->result.u.var).var.ptr_ptr = &EG(uninitialized_zval_ptr); + PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr); + AI_USE_PTR(EX_T(opline->result.u.var).var); + } + FREE_OP_VAR_PTR(free_op1); + NEXT_OPCODE(); + } + + switch (opline->opcode) { + case ZEND_POST_INC: + case ZEND_POST_DEC: + EX_T(opline->result.u.var).tmp_var = **var_ptr; + zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var); + break; + } + + SEPARATE_ZVAL_IF_NOT_REF(var_ptr); + + if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get) + && Z_OBJ_HANDLER_PP(var_ptr, set)) { + /* proxy object */ + zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC); + val->refcount++; + incdec_op(val); + Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC); + zval_ptr_dtor(&val); + } else { + incdec_op(*var_ptr); + } + + switch (opline->opcode) { + case ZEND_PRE_INC: + case ZEND_PRE_DEC: + if (!RETURN_VALUE_UNUSED(&opline->result)) { + EX_T(opline->result.u.var).var.ptr_ptr = var_ptr; + PZVAL_LOCK(*var_ptr); + AI_USE_PTR(EX_T(opline->result.u.var).var); + } + break; + } + FREE_OP_VAR_PTR(free_op1); + NEXT_OPCODE(); +} + + +int zend_pre_inc_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_incdec_op_helper(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_pre_dec_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_incdec_op_helper(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_post_inc_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_incdec_op_helper(increment_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_post_dec_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_incdec_op_helper(decrement_function, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_echo_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval z_copy; + zval *z = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (Z_TYPE_P(z) == IS_OBJECT && Z_OBJ_HT_P(z)->get_method != NULL && + zend_std_cast_object_tostring(z, &z_copy, IS_STRING, 0 TSRMLS_CC) == SUCCESS) { + zend_print_variable(&z_copy); + zval_dtor(&z_copy); + } else { + zend_print_variable(z); + } + + FREE_OP(free_op1); + NEXT_OPCODE(); +} + + +int zend_print_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + EX_T(opline->result.u.var).tmp_var.value.lval = 1; + EX_T(opline->result.u.var).tmp_var.type = IS_LONG; + + return zend_echo_handler(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_fetch_r_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_var_address(opline, EX(Ts), BP_VAR_R TSRMLS_CC); + AI_USE_PTR(EX_T(opline->result.u.var).var); + NEXT_OPCODE(); +} + + +int zend_fetch_w_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_var_address(opline, EX(Ts), BP_VAR_W TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_rw_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_var_address(opline, EX(Ts), BP_VAR_RW TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_func_arg_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) { + /* Behave like FETCH_W */ + zend_fetch_var_address(opline, EX(Ts), BP_VAR_W TSRMLS_CC); + } else { + /* Behave like FETCH_R */ + zend_fetch_var_address(opline, EX(Ts), BP_VAR_R TSRMLS_CC); + AI_USE_PTR(EX_T(opline->result.u.var).var); + } + NEXT_OPCODE(); +} + + +int zend_fetch_unset_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_res; + + zend_fetch_var_address(opline, EX(Ts), BP_VAR_R TSRMLS_CC); + PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res); + if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr); + } + PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr); + FREE_OP_VAR_PTR(free_res); + NEXT_OPCODE(); +} + + +int zend_fetch_is_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_var_address(opline, EX(Ts), BP_VAR_IS TSRMLS_CC); + AI_USE_PTR(EX_T(opline->result.u.var).var); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_r_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (opline->extended_value == ZEND_FETCH_ADD_LOCK) { + PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr); + } + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_w_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_rw_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_RW TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_is_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_IS TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_func_arg_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) { + /* Behave like FETCH_DIM_W */ + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC); + } else { + /* Behave like FETCH_DIM_R, except for locking used for list() */ + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC); + } + NEXT_OPCODE(); +} + + +int zend_fetch_dim_unset_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + /* Not needed in DIM_UNSET + if (opline->extended_value == ZEND_FETCH_ADD_LOCK) { + PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr); + } + */ + zend_fetch_dimension_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_UNSET TSRMLS_CC); + if (EX_T(opline->result.u.var).var.ptr_ptr == NULL) { + zend_error(E_ERROR, "Cannot unset string offsets"); + } else { + zend_free_op free_res; + + PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res); + if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr); + } + PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr); + FREE_OP_VAR_PTR(free_res); + } + NEXT_OPCODE(); +} + + +int zend_fetch_obj_r_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_property_address_read(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_obj_w_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (opline->extended_value == ZEND_FETCH_ADD_LOCK) { + PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr); + EX_T(opline->op1.u.var).var.ptr = *EX_T(opline->op1.u.var).var.ptr_ptr; + } + zend_fetch_property_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_obj_rw_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_property_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_RW TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_obj_is_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_property_address_read(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_IS TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_fetch_obj_func_arg_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->extended_value)) { + /* Behave like FETCH_OBJ_W */ + zend_fetch_property_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC); + } else { + zend_fetch_property_address_read(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC); + } + NEXT_OPCODE(); +} + + +int zend_fetch_obj_unset_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_res; + + zend_fetch_property_address(&opline->result, &opline->op1, &opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC); + + PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res); + if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) { + SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr); + } + PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr); + FREE_OP_VAR_PTR(free_res); + NEXT_OPCODE(); +} + + +int zend_fetch_dim_tmp_var_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + zend_fetch_dimension_address_from_tmp_var(&opline->result, &opline->op1, &opline->op2, EX(Ts) TSRMLS_CC); + AI_USE_PTR(EX_T(opline->result.u.var).var); + NEXT_OPCODE(); +} + + +int zend_assign_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_op *op_data = opline+1; + zend_free_op free_op1; + zval **object_ptr = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + + zend_assign_to_object(&opline->result, object_ptr, &opline->op2, &op_data->op1, EX(Ts), ZEND_ASSIGN_OBJ TSRMLS_CC); + FREE_OP_VAR_PTR(free_op1); + /* assign_obj has two opcodes! */ + INC_OPCODE(); + NEXT_OPCODE(); +} + + +int zend_assign_dim_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_op *op_data = opline+1; + zend_free_op free_op1; + zval **object_ptr; + + if (EX_T(opline->op1.u.var).var.ptr_ptr) { + /* not an array offset */ + object_ptr = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + } else { + object_ptr = NULL; + free_op1.var = NULL; + } + + if (object_ptr && (*object_ptr)->type == IS_OBJECT) { + zend_assign_to_object(&opline->result, object_ptr, &opline->op2, &op_data->op1, EX(Ts), ZEND_ASSIGN_DIM TSRMLS_CC); + } else { + zend_free_op free_op_data1; + zval *value; + + if (object_ptr) { + (*object_ptr)->refcount++; /* undo the effect of get_obj_zval_ptr_ptr() */ + } + zend_fetch_dimension_address(&op_data->op2, &opline->op1, &opline->op2, EX(Ts), BP_VAR_W TSRMLS_CC); + + value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R); + zend_assign_to_variable(&opline->result, &op_data->op2, &op_data->op1, value, (IS_TMP_FREE(free_op_data1)?IS_TMP_VAR:op_data->op1.op_type), EX(Ts) TSRMLS_CC); + FREE_OP_VAR(free_op_data1); } + FREE_OP_VAR_PTR(free_op1); + /* assign_dim has two opcodes! */ + INC_OPCODE(); + NEXT_OPCODE(); +} + + +int zend_assign_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op2; + zval *value = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + zend_assign_to_variable(&opline->result, &opline->op1, &opline->op2, value, (IS_TMP_FREE(free_op2)?IS_TMP_VAR:opline->op2.op_type), EX(Ts) TSRMLS_CC); + /* zend_assign_to_variable() always takes care of op2, never free it! */ + FREE_OP_VAR(free_op2); + + NEXT_OPCODE(); +} + + +int zend_assign_ref_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + zval **value_ptr_ptr = get_zval_ptr_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_W); + + zend_assign_to_variable_reference(&opline->result, get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W), value_ptr_ptr, EX(Ts) TSRMLS_CC); + + FREE_OP_VAR_PTR(free_op1); + FREE_OP_VAR_PTR(free_op2); + + NEXT_OPCODE(); +} + + +int zend_jmp_handler(ZEND_OPCODE_HANDLER_ARGS) +{ +#if DEBUG_ZEND>=2 + printf("Jumping to %d\n", opline->op1.u.opline_num); #endif + SET_OPCODE(EX(opline)->op1.u.jmp_addr); + return 0; /* CHECK_ME */ } -#if ZEND_VM_KIND == ZEND_VM_KIND_CALL -# undef EX -# define EX(element) execute_data->element -# include"zend_vm_spec.h" + +int zend_jmpz_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + znode *op1 = &opline->op1; + zend_free_op free_op1; + + if (!i_zend_is_true(get_zval_ptr(op1, EX(Ts), &free_op1, BP_VAR_R))) { +#if DEBUG_ZEND>=2 + printf("Conditional jmp to %d\n", opline->op2.u.opline_num); #endif + SET_OPCODE(opline->op2.u.jmp_addr); + FREE_OP(free_op1); + return 0; /* CHECK_ME */ + } + FREE_OP(free_op1); -void zend_init_opcodes_handlers() + NEXT_OPCODE(); +} + + +int zend_jmpnz_handler(ZEND_OPCODE_HANDLER_ARGS) { -#if ZEND_VM_KIND == ZEND_VM_KIND_GOTO - TSRMLS_FETCH(); - zend_execute(NULL TSRMLS_CC); -#else - static const opcode_handler_t labels[] = {ZEND_VM_LABELS}; + zend_op *opline = EX(opline); + znode *op1 = &opline->op1; + zend_free_op free_op1; + + if (zend_is_true(get_zval_ptr(op1, EX(Ts), &free_op1, BP_VAR_R))) { +#if DEBUG_ZEND>=2 + printf("Conditional jmp to %d\n", opline->op2.u.opline_num); +#endif + SET_OPCODE(opline->op2.u.jmp_addr); + FREE_OP(free_op1); + return 0; /* CHECK_ME */ + } + FREE_OP(free_op1); + + NEXT_OPCODE(); +} + + +int zend_jmpznz_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + znode *res = &opline->op1; + zend_free_op free_op1; + + if (zend_is_true(get_zval_ptr(res, EX(Ts), &free_op1, BP_VAR_R))) { +#if DEBUG_ZEND>=2 + printf("Conditional jmp on true to %d\n", opline->extended_value); +#endif + SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + } else { +#if DEBUG_ZEND>=2 + printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num); +#endif + SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]); + } + FREE_OP(free_op1); + + return 0; /* CHECK_ME */ +} + + +int zend_jmpz_ex_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + int retval = zend_is_true(get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R)); + + FREE_OP(free_op1); + EX_T(opline->result.u.var).tmp_var.value.lval = retval; + EX_T(opline->result.u.var).tmp_var.type = IS_BOOL; + if (!retval) { +#if DEBUG_ZEND>=2 + printf("Conditional jmp to %d\n", opline->op2.u.opline_num); +#endif + SET_OPCODE(opline->op2.u.jmp_addr); + return 0; /* CHECK_ME */ + } + NEXT_OPCODE(); +} + - zend_opcode_handlers = (opcode_handler_t*)labels; +int zend_jmpnz_ex_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + int retval = zend_is_true(get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R)); + + FREE_OP(free_op1); + EX_T(opline->result.u.var).tmp_var.value.lval = retval; + EX_T(opline->result.u.var).tmp_var.type = IS_BOOL; + if (retval) { +#if DEBUG_ZEND>=2 + printf("Conditional jmp to %d\n", opline->op2.u.opline_num); #endif + SET_OPCODE(opline->op2.u.jmp_addr); + return 0; /* CHECK_ME */ + } + NEXT_OPCODE(); +} + + +int zend_free_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zendi_zval_dtor(EX_T(EX(opline)->op1.u.var).tmp_var); + NEXT_OPCODE(); +} + + +int zend_init_string_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zval *tmp = &EX_T(EX(opline)->result.u.var).tmp_var; + + tmp->value.str.val = emalloc(1); + tmp->value.str.val[0] = 0; + tmp->value.str.len = 0; + tmp->refcount = 1; + tmp->type = IS_STRING; + tmp->is_ref = 0; + NEXT_OPCODE(); +} + + +int zend_add_char_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + add_char_to_string(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_NA), + &opline->op2.u.constant); + /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + NEXT_OPCODE(); +} + + +int zend_add_string_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + add_string_to_string(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_NA), + &opline->op2.u.constant); + /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */ + NEXT_OPCODE(); +} + + +int zend_add_var_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + zval *var = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + zval var_copy; + int use_copy; + + zend_make_printable_zval(var, &var_copy, &use_copy); + if (use_copy) { + var = &var_copy; + } + add_string_to_string( &EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_NA), + var); + if (use_copy) { + zval_dtor(var); + } + /* original comment, possibly problematic: + * FREE_OP is missing intentionally here - we're always working on the same temporary variable + * (Zeev): I don't think it's problematic, we only use variables + * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're + * string offsets or overloaded objects + */ + FREE_OP(free_op2); + + NEXT_OPCODE(); +} + + +int zend_fetch_class_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *class_name; + zend_free_op free_op2; + + + if (opline->op2.op_type == IS_UNUSED) { + EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC); + NEXT_OPCODE(); + } + + class_name = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + switch (class_name->type) { + case IS_OBJECT: + EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name); + break; + case IS_STRING: + EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), ZEND_FETCH_CLASS_DEFAULT TSRMLS_CC); + break; + default: + zend_error(E_ERROR, "Class name must be a valid object or a string"); + break; + } + + FREE_OP(free_op2); + NEXT_OPCODE(); +} + + +int zend_init_ctor_call_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(calling_scope)); + + if (opline->op1.op_type == IS_VAR) { + SELECTIVE_PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr, &opline->op1); + } + + /* We are not handling overloaded classes right now */ + EX(object) = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + /* New always returns the object as is_ref=0, therefore, we can just increment the reference count */ + EX(object)->refcount++; /* For $this pointer */ + + EX(fbc) = EX(fbc_constructor); + + if (EX(fbc)->type == ZEND_USER_FUNCTION) { /* HACK!! */ + EX(calling_scope) = EX(fbc)->common.scope; + } else { + EX(calling_scope) = NULL; + } + + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); +} + + +int zend_init_method_call_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *function_name; + char *function_name_strval; + int function_name_strlen; + zend_free_op free_op1, free_op2; + + zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(calling_scope)); + + function_name = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + if (Z_TYPE_P(function_name)!=IS_STRING) { + zend_error(E_ERROR, "Method name must be a string"); + } + + function_name_strval = function_name->value.str.val; + function_name_strlen = function_name->value.str.len; + + EX(calling_scope) = EG(scope); + + EX(object) = get_obj_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (EX(object) && EX(object)->type == IS_OBJECT) { + if (Z_OBJ_HT_P(EX(object))->get_method == NULL) { + zend_error(E_ERROR, "Object does not support method calls"); + } + + /* First, locate the function. */ + EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(EX(object), function_name_strval, function_name_strlen TSRMLS_CC); + if (!EX(fbc)) { + zend_error(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval); + } + } else { + zend_error(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval); + } + + if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) { + EX(object) = NULL; + } else { + if (!PZVAL_IS_REF(EX(object))) { + EX(object)->refcount++; /* For $this pointer */ + } else { + zval *this_ptr; + ALLOC_ZVAL(this_ptr); + *this_ptr = *EX(object); + INIT_PZVAL(this_ptr); + zval_copy_ctor(this_ptr); + EX(object) = this_ptr; + } + } + + if (EX(fbc)->type == ZEND_USER_FUNCTION) { + EX(calling_scope) = EX(fbc)->common.scope; + } else { + EX(calling_scope) = NULL; + } + + FREE_OP(free_op2); + FREE_OP_VAR(free_op1); + + NEXT_OPCODE(); +} + + +int zend_init_static_method_call_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *function_name; + zend_class_entry *ce; + + zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(calling_scope)); + + ce = EX_T(opline->op1.u.var).class_entry; + if(opline->op2.op_type != IS_UNUSED) { + char *function_name_strval; + int function_name_strlen; + zend_bool is_const = (opline->op2.op_type == IS_CONST); + zend_free_op free_op2; + + if (is_const) { + function_name_strval = opline->op2.u.constant.value.str.val; + function_name_strlen = opline->op2.u.constant.value.str.len; + } else { + function_name = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + if (Z_TYPE_P(function_name) != IS_STRING) { + zend_error(E_ERROR, "Function name must be a string"); + } + function_name_strval = zend_str_tolower_dup(function_name->value.str.val, function_name->value.str.len); + function_name_strlen = function_name->value.str.len; + } + + EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC); + + if (!is_const) { + efree(function_name_strval); + FREE_OP(free_op2); + } + } else { + if(!ce->constructor) { + zend_error(E_ERROR, "Can not call constructor"); + } + EX(fbc) = ce->constructor; + } + + EX(calling_scope) = EX(fbc)->common.scope; + + if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) { + EX(object) = NULL; + } else { + if ((EX(object) = EG(This))) { + EX(object)->refcount++; + } + } + + NEXT_OPCODE(); +} + +int zend_init_fcall_by_name_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *function_name; + zend_function *function; + char *function_name_strval, *lcname; + int function_name_strlen; + zend_free_op free_op2; + + zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(calling_scope)); + + if (opline->op2.op_type == IS_CONST) { + free_op2.var = 0; + function_name_strval = opline->op2.u.constant.value.str.val; + function_name_strlen = opline->op2.u.constant.value.str.len; + } else { + function_name = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + if (Z_TYPE_P(function_name) != IS_STRING) { + zend_error(E_ERROR, "Function name must be a string"); + } + function_name_strval = function_name->value.str.val; + function_name_strlen = function_name->value.str.len; + } + + lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen); + if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &function)==FAILURE) { + efree(lcname); + zend_error(E_ERROR, "Call to undefined function %s()", function_name_strval); + } + + efree(lcname); + FREE_OP(free_op2); + + EX(calling_scope) = function->common.scope; + EX(object) = NULL; + + EX(fbc) = function; + + NEXT_OPCODE(); +} + +int zend_do_fcall_common_helper(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval **original_return_value; + zend_class_entry *current_scope; + zval *current_this; + int return_value_used = RETURN_VALUE_USED(opline); + zend_bool should_change_scope; + + if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) { + zend_error(E_ERROR, "Cannot call abstract method %s::%s()", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name); + NEXT_OPCODE(); /* Never reached */ + } + + zend_ptr_stack_2_push(&EG(argument_stack), (void *) opline->extended_value, NULL); + + EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr; + + if (EX(function_state).function->type == ZEND_USER_FUNCTION + || EX(function_state).function->common.scope) { + should_change_scope = 1; + current_this = EG(This); + EG(This) = EX(object); + current_scope = EG(scope); + EG(scope) = EX(calling_scope); + } else { + should_change_scope = 0; + } + + EX_T(opline->result.u.var).var.fcall_returned_reference = 0; + + if (EX(function_state).function->common.scope) { + if (!EG(This) && !(EX(function_state).function->common.fn_flags & ZEND_ACC_STATIC)) { + int severity; + char *severity_word; + if (EX(function_state).function->common.fn_flags & ZEND_ACC_ALLOW_STATIC) { + severity = E_STRICT; + severity_word = "should not"; + } else { + severity = E_ERROR; + severity_word = "cannot"; + } + zend_error(severity, "Non-static method %s::%s() %s be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name, severity_word); + } + } + if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) { + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + INIT_ZVAL(*(EX_T(opline->result.u.var).var.ptr)); + + if (EX(function_state).function->common.arg_info) { + zend_uint i=0; + zval **p; + ulong arg_count; + + p = (zval **) EG(argument_stack).top_element-2; + arg_count = (ulong) *p; + + while (arg_count>0) { + zend_verify_arg_type(EX(function_state).function, ++i, *(p-arg_count) TSRMLS_CC); + arg_count--; + } + } + if (!zend_execute_internal) { + /* saves one function call if zend_execute_internal is not used */ + ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.u.var).var.ptr, EX(object), return_value_used TSRMLS_CC); + } else { + zend_execute_internal(execute_data, return_value_used TSRMLS_CC); + } + + EG(current_execute_data) = execute_data; + EX_T(opline->result.u.var).var.ptr->is_ref = 0; + EX_T(opline->result.u.var).var.ptr->refcount = 1; + if (!return_value_used) { + zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr); + } + } else if (EX(function_state).function->type == ZEND_USER_FUNCTION) { + HashTable *calling_symbol_table; + + EX_T(opline->result.u.var).var.ptr = NULL; + if (EG(symtable_cache_ptr)>=EG(symtable_cache)) { + /*printf("Cache hit! Reusing %x\n", symtable_cache[symtable_cache_ptr]);*/ + EX(function_state).function_symbol_table = *(EG(symtable_cache_ptr)--); + } else { + ALLOC_HASHTABLE(EX(function_state).function_symbol_table); + zend_hash_init(EX(function_state).function_symbol_table, 0, NULL, ZVAL_PTR_DTOR, 0); + /*printf("Cache miss! Initialized %x\n", function_state.function_symbol_table);*/ + } + calling_symbol_table = EG(active_symbol_table); + EG(active_symbol_table) = EX(function_state).function_symbol_table; + original_return_value = EG(return_value_ptr_ptr); + EG(return_value_ptr_ptr) = EX_T(opline->result.u.var).var.ptr_ptr; + EG(active_op_array) = (zend_op_array *) EX(function_state).function; + + zend_execute(EG(active_op_array) TSRMLS_CC); + EX_T(opline->result.u.var).var.fcall_returned_reference = EG(active_op_array)->return_reference; + + if (return_value_used && !EX_T(opline->result.u.var).var.ptr) { + if (!EG(exception)) { + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr); + } + } else if (!return_value_used && EX_T(opline->result.u.var).var.ptr) { + zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr); + } + + EG(opline_ptr) = &EX(opline); + EG(active_op_array) = EX(op_array); + EG(return_value_ptr_ptr)=original_return_value; + if (EG(symtable_cache_ptr)>=EG(symtable_cache_limit)) { + zend_hash_destroy(EX(function_state).function_symbol_table); + FREE_HASHTABLE(EX(function_state).function_symbol_table); + } else { + /* clean before putting into the cache, since clean + could call dtors, which could use cached hash */ + zend_hash_clean(EX(function_state).function_symbol_table); + *(++EG(symtable_cache_ptr)) = EX(function_state).function_symbol_table; + } + EG(active_symbol_table) = calling_symbol_table; + } else { /* ZEND_OVERLOADED_FUNCTION */ + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + INIT_ZVAL(*(EX_T(opline->result.u.var).var.ptr)); + + /* Not sure what should be done here if it's a static method */ + if (EX(object)) { + Z_OBJ_HT_P(EX(object))->call_method(EX(fbc)->common.function_name, opline->extended_value, EX_T(opline->result.u.var).var.ptr, EX(object), return_value_used TSRMLS_CC); + } else { + zend_error(E_ERROR, "Cannot call overloaded function for non-object"); + } + + if (EX(function_state).function->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) { + efree(EX(function_state).function->common.function_name); + } + efree(EX(fbc)); + + if (!return_value_used) { + zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr); + } else { + EX_T(opline->result.u.var).var.ptr->is_ref = 0; + EX_T(opline->result.u.var).var.ptr->refcount = 1; + } + } + + if (EG(This)) { + if (EG(exception) && EX(fbc) && EX(fbc)->common.fn_flags&ZEND_ACC_CTOR) { + EG(This)->refcount--; + if (EG(This)->refcount == 1) { + zend_object_store_ctor_failed(EG(This) TSRMLS_CC); + } + zval_ptr_dtor(&EG(This)); + } else if (should_change_scope) { + zval_ptr_dtor(&EG(This)); + } + } + + if (should_change_scope) { + EG(This) = current_this; + EG(scope) = current_scope; + } + zend_ptr_stack_3_pop(&EG(arg_types_stack), (void**)&EX(calling_scope), (void**)&EX(object), (void**)&EX(fbc)); + + EX(function_state).function = (zend_function *) EX(op_array); + EG(function_state_ptr) = &EX(function_state); + zend_ptr_stack_clear_multiple(TSRMLS_C); + + if (EG(exception)) { + zend_throw_exception_internal(NULL TSRMLS_CC); + if (return_value_used && EX_T(opline->result.u.var).var.ptr) { + zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr); + } + } + + NEXT_OPCODE(); +} + + +int zend_do_fcall_by_name_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + EX(function_state).function = EX(fbc); + return zend_do_fcall_common_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_do_fcall_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *fname = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(calling_scope)); + + if (zend_hash_find(EG(function_table), fname->value.str.val, fname->value.str.len+1, (void **) &EX(function_state).function)==FAILURE) { + zend_error(E_ERROR, "Unknown function: %s()\n", fname->value.str.val); + } + EX(object) = NULL; + EX(calling_scope) = EX(function_state).function->common.scope; + + FREE_OP(free_op1); + + return zend_do_fcall_common_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_return_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *retval_ptr; + zval **retval_ptr_ptr; + zend_free_op free_op1; + + if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) { + + if (opline->op1.op_type == IS_CONST || opline->op1.op_type == IS_TMP_VAR) { + /* Not supposed to happen, but we'll allow it */ + zend_error(E_STRICT, "Only variable references should be returned by reference"); + goto return_by_value; + } + + retval_ptr_ptr = get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + + if (!retval_ptr_ptr) { + zend_error(E_ERROR, "Cannot return string offsets by reference"); + } + + if (!(*retval_ptr_ptr)->is_ref) { + if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr + || (opline->extended_value == ZEND_RETURNS_FUNCTION && !EX_T(opline->op1.u.var).var.fcall_returned_reference)) { + zend_error(E_STRICT, "Only variable references should be returned by reference"); + PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */ + goto return_by_value; + } + } + + SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr); + (*retval_ptr_ptr)->refcount++; + + (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr); + FREE_OP_VAR_PTR(free_op1); + } else { +return_by_value: + + retval_ptr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (EG(ze1_compatibility_mode) && Z_TYPE_P(retval_ptr) == IS_OBJECT) { + ALLOC_ZVAL(*(EG(return_value_ptr_ptr))); + **EG(return_value_ptr_ptr) = *retval_ptr; + INIT_PZVAL(*EG(return_value_ptr_ptr)); + if (Z_OBJ_HT_P(retval_ptr)->clone_obj == NULL) { + zend_error(E_ERROR, "Trying to clone an uncloneable object of class %s", Z_OBJCE_P(retval_ptr)->name); + } + zend_error(E_STRICT, "Implicit cloning object of class '%s' because of 'zend.ze1_compatibility_mode'", Z_OBJCE_P(retval_ptr)->name); + (*EG(return_value_ptr_ptr))->value.obj = Z_OBJ_HT_P(retval_ptr)->clone_obj(retval_ptr TSRMLS_CC); + } else if (!IS_TMP_FREE(free_op1)) { /* Not a temp var */ + if (PZVAL_IS_REF(retval_ptr) && retval_ptr->refcount > 0) { + ALLOC_ZVAL(*(EG(return_value_ptr_ptr))); + **EG(return_value_ptr_ptr) = *retval_ptr; + (*EG(return_value_ptr_ptr))->is_ref = 0; + (*EG(return_value_ptr_ptr))->refcount = 1; + zval_copy_ctor(*EG(return_value_ptr_ptr)); + } else { + *EG(return_value_ptr_ptr) = retval_ptr; + retval_ptr->refcount++; + } + } else { + ALLOC_ZVAL(*(EG(return_value_ptr_ptr))); + **EG(return_value_ptr_ptr) = *retval_ptr; + (*EG(return_value_ptr_ptr))->refcount = 1; + (*EG(return_value_ptr_ptr))->is_ref = 0; + } + FREE_OP_VAR(free_op1); + } + RETURN_FROM_EXECUTE_LOOP(execute_data); +} + + +int zend_throw_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *value; + zval *exception; + zend_free_op free_op1; + + value = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (value->type != IS_OBJECT) { + zend_error(E_ERROR, "Can only throw objects"); + } + /* Not sure if a complete copy is what we want here */ + MAKE_STD_ZVAL(exception); + *exception = *value; + if (!IS_TMP_FREE(free_op1)) { + zval_copy_ctor(exception); + } + INIT_PZVAL(exception); + + zend_throw_exception_object(exception TSRMLS_CC); + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); +} + + +int zend_catch_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_class_entry *ce; + + /* Check whether an exception has been thrown, if not, jump over code */ + if (EG(exception) == NULL) { + SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + return 0; /* CHECK_ME */ + } + ce = Z_OBJCE_P(EG(exception)); + if (ce != EX_T(opline->op1.u.var).class_entry) { + if (!instanceof_function(ce, EX_T(opline->op1.u.var).class_entry TSRMLS_CC)) { + if (opline->op1.u.EA.type) { + zend_throw_exception_internal(NULL TSRMLS_CC); + NEXT_OPCODE(); + } + SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]); + return 0; /* CHECK_ME */ + } + } + + zend_hash_update(EG(active_symbol_table), opline->op2.u.constant.value.str.val, + opline->op2.u.constant.value.str.len+1, &EG(exception), sizeof(zval *), (void **) NULL); + EG(exception) = NULL; + NEXT_OPCODE(); +} + + +int zend_send_val_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + if (opline->extended_value==ZEND_DO_FCALL_BY_NAME + && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) { + zend_error(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num); + } + { + zval *valptr; + zval *value; + zend_free_op free_op1; + + value = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + ALLOC_ZVAL(valptr); + *valptr = *value; + if (!IS_TMP_FREE(free_op1)) { + zval_copy_ctor(valptr); + } + INIT_PZVAL(valptr); + zend_ptr_stack_push(&EG(argument_stack), valptr); + FREE_OP_VAR(free_op1); + } + NEXT_OPCODE(); +} + + +static inline int zend_send_by_var_helper(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *varptr; + zend_free_op free_op1; + varptr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (varptr == &EG(uninitialized_zval)) { + ALLOC_ZVAL(varptr); + INIT_ZVAL(*varptr); + varptr->refcount = 0; + } else if (PZVAL_IS_REF(varptr)) { + zval *original_var = varptr; + + ALLOC_ZVAL(varptr); + *varptr = *original_var; + varptr->is_ref = 0; + varptr->refcount = 0; + zval_copy_ctor(varptr); + } + varptr->refcount++; + zend_ptr_stack_push(&EG(argument_stack), varptr); + FREE_OP(free_op1); /* for string offsets */ + + NEXT_OPCODE(); +} + + +int zend_send_var_no_ref_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */ + if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) { + return zend_send_by_var_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } + } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) { + return zend_send_by_var_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } + { + zval *varptr; + zend_free_op free_op1; + varptr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (varptr != &EG(uninitialized_zval) && (PZVAL_IS_REF(varptr) || varptr->refcount == 1)) { + varptr->is_ref = 1; + varptr->refcount++; + zend_ptr_stack_push(&EG(argument_stack), varptr); + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); + } + zend_error(E_ERROR, "Only variables can be passed by reference"); + } + NEXT_OPCODE(); +} + + +int zend_send_ref_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval **varptr_ptr; + zval *varptr; + varptr_ptr = get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_W); + + if (!varptr_ptr) { + zend_error(E_ERROR, "Only variables can be passed by reference"); + } + + SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr); + varptr = *varptr_ptr; + varptr->refcount++; + zend_ptr_stack_push(&EG(argument_stack), varptr); + + FREE_OP_VAR_PTR(free_op1); + NEXT_OPCODE(); +} + + +int zend_send_var_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME) + && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) { + return zend_send_ref_handler(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); + } + return zend_send_by_var_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_recv_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval **param; + zend_uint arg_num = opline->op1.u.constant.value.lval; + + if (zend_ptr_stack_get_arg(arg_num, (void **) ¶m TSRMLS_CC)==FAILURE) { + char *space; + char *class_name = get_active_class_name(&space TSRMLS_CC); + zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL TSRMLS_CC); + zend_error(E_WARNING, "Missing argument %ld for %s%s%s()", opline->op1.u.constant.value.lval, class_name, space, get_active_function_name(TSRMLS_C)); + if (opline->result.op_type == IS_VAR) { + PZVAL_UNLOCK_FREE(*EX_T(opline->result.u.var).var.ptr_ptr); + } + } else { + zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param TSRMLS_CC); + if (PZVAL_IS_REF(*param)) { + zend_free_op free_res; + + zend_assign_to_variable_reference(NULL, get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W), param, NULL TSRMLS_CC); + FREE_OP_VAR_PTR(free_res); + } else { + zend_assign_to_variable(NULL, &opline->result, NULL, *param, IS_VAR, EX(Ts) TSRMLS_CC); + } + } + + NEXT_OPCODE(); +} + + +int zend_recv_init_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval **param, *assignment_value; + zend_uint arg_num = opline->op1.u.constant.value.lval; + + if (zend_ptr_stack_get_arg(arg_num, (void **) ¶m TSRMLS_CC)==FAILURE) { + if (opline->op2.u.constant.type == IS_CONSTANT || opline->op2.u.constant.type==IS_CONSTANT_ARRAY) { + zval *default_value; + + ALLOC_ZVAL(default_value); + *default_value = opline->op2.u.constant; + if (opline->op2.u.constant.type==IS_CONSTANT_ARRAY) { + zval_copy_ctor(default_value); + } + default_value->refcount=1; + zval_update_constant(&default_value, 0 TSRMLS_CC); + default_value->refcount=0; + default_value->is_ref=0; + param = &default_value; + assignment_value = default_value; + } else { + param = NULL; + assignment_value = &opline->op2.u.constant; + } + zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value TSRMLS_CC); + zend_assign_to_variable(NULL, &opline->result, NULL, assignment_value, IS_VAR, EX(Ts) TSRMLS_CC); + } else { + assignment_value = *param; + zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value TSRMLS_CC); + if (PZVAL_IS_REF(assignment_value)) { + zend_free_op free_res; + + zend_assign_to_variable_reference(NULL, get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W), param, NULL TSRMLS_CC); + FREE_OP_VAR_PTR(free_res); + } else { + zend_assign_to_variable(NULL, &opline->result, NULL, assignment_value, IS_VAR, EX(Ts) TSRMLS_CC); + } + } + + NEXT_OPCODE(); +} + + +int zend_bool_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + + /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */ + EX_T(opline->result.u.var).tmp_var.value.lval = zend_is_true(get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R)); + EX_T(opline->result.u.var).tmp_var.type = IS_BOOL; + FREE_OP(free_op1); + + NEXT_OPCODE(); +} + + +static inline int zend_brk_cont_helper(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op2; + zval *nest_levels_zval = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + zval tmp; + int array_offset, nest_levels, original_nest_levels; + zend_brk_cont_element *jmp_to; + + if (nest_levels_zval->type != IS_LONG) { + tmp = *nest_levels_zval; + zval_copy_ctor(&tmp); + convert_to_long(&tmp); + nest_levels = tmp.value.lval; + } else { + nest_levels = nest_levels_zval->value.lval; + } + original_nest_levels = nest_levels; + array_offset = opline->op1.u.opline_num; + do { + if (array_offset==-1) { + zend_error(E_ERROR, "Cannot break/continue %d level%s", original_nest_levels, (original_nest_levels == 1) ? "" : "s"); + } + jmp_to = &EX(op_array)->brk_cont_array[array_offset]; + if (nest_levels>1) { + zend_op *brk_opline = &EX(op_array)->opcodes[jmp_to->brk]; + + switch (brk_opline->opcode) { + case ZEND_SWITCH_FREE: + zend_switch_free(brk_opline, EX(Ts) TSRMLS_CC); + break; + case ZEND_FREE: + zendi_zval_dtor(EX_T(brk_opline->op1.u.var).tmp_var); + break; + } + } + array_offset = jmp_to->parent; + } while (--nest_levels > 0); + + if (opline->opcode == ZEND_BRK) { + SET_OPCODE(EX(op_array)->opcodes+jmp_to->brk); + } else { + SET_OPCODE(EX(op_array)->opcodes+jmp_to->cont); + } + FREE_OP(free_op2); + return 0; /* CHECK_ME */ +} + + +int zend_brk_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_brk_cont_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_cont_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_brk_cont_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_case_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + int switch_expr_is_overloaded=0; + zend_free_op free_op1, free_op2; + + if (opline->op1.op_type==IS_VAR) { + if (EX_T(opline->op1.u.var).var.ptr_ptr) { + PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr); + } else { + switch_expr_is_overloaded = 1; + EX_T(opline->op1.u.var).str_offset.str->refcount++; + } + } + is_equal_function(&EX_T(opline->result.u.var).tmp_var, + get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R), + get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R) TSRMLS_CC); + + FREE_OP(free_op2); + if (switch_expr_is_overloaded) { + /* We only free op1 if this is a string offset, + * Since if it is a TMP_VAR, it'll be reused by + * other CASE opcodes (whereas string offsets + * are allocated at each get_zval_ptr()) + */ + FREE_OP(free_op1); + EX_T(opline->op1.u.var).var.ptr_ptr = NULL; + AI_USE_PTR(EX_T(opline->op1.u.var).var); + } + NEXT_OPCODE(); +} + + +int zend_switch_free_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_switch_free(EX(opline), EX(Ts) TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_new_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (EX_T(opline->op1.u.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) { + char *class_type; + + if (EX_T(opline->op1.u.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) { + class_type = "interface"; + } else { + class_type = "abstract class"; + } + zend_error(E_ERROR, "Cannot instantiate %s %s", class_type, EX_T(opline->op1.u.var).class_entry->name); + } + EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr; + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + object_init_ex(EX_T(opline->result.u.var).var.ptr, EX_T(opline->op1.u.var).class_entry); + EX_T(opline->result.u.var).var.ptr->refcount=1; + EX_T(opline->result.u.var).var.ptr->is_ref=0; + + NEXT_OPCODE(); +} + + +int zend_clone_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *obj = get_obj_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zend_class_entry *ce; + zend_function *clone; + zend_object_clone_obj_t clone_call; + + if (!obj || Z_TYPE_P(obj) != IS_OBJECT) { + zend_error(E_WARNING, "__clone method called on non-object"); + EX_T(opline->result.u.var).var.ptr = EG(error_zval_ptr); + EX_T(opline->result.u.var).var.ptr->refcount++; + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); + } + + ce = Z_OBJCE_P(obj); + clone = ce ? ce->clone : NULL; + clone_call = Z_OBJ_HT_P(obj)->clone_obj; + if (!clone_call) { + zend_error(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name); + EX_T(opline->result.u.var).var.ptr = EG(error_zval_ptr); + EX_T(opline->result.u.var).var.ptr->refcount++; + } + + if (ce && clone) { + if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) { + /* Ensure that if we're calling a private function, we're allowed to do so. + */ + if (ce != EG(scope)) { + zend_error(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + } + } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) { + /* Ensure that if we're calling a protected function, we're allowed to do so. + */ + if (!zend_check_protected(clone->common.scope, EG(scope))) { + zend_error(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : ""); + } + } + } + + EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr; + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + EX_T(opline->result.u.var).var.ptr->value.obj = clone_call(obj TSRMLS_CC); + if (EG(exception)) { + FREE_ZVAL(EX_T(opline->result.u.var).var.ptr); + } else { + EX_T(opline->result.u.var).var.ptr->type = IS_OBJECT; + EX_T(opline->result.u.var).var.ptr->refcount=1; + EX_T(opline->result.u.var).var.ptr->is_ref=1; + } + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); +} + + +int zend_fetch_constant_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_class_entry *ce = NULL; + zval **value; + + if (opline->op1.op_type == IS_UNUSED) { +/* This seems to be a reminant of namespaces + if (EG(scope)) { + ce = EG(scope); + if (zend_hash_find(&ce->constants_table, opline->op2.u.constant.value.str.val, opline->op2.u.constant.value.str.len+1, (void **) &value) == SUCCESS) { + zval_update_constant(value, (void *) 1 TSRMLS_CC); + EX_T(opline->result.u.var).tmp_var = **value; + zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var); + NEXT_OPCODE(); + } + } +*/ + if (!zend_get_constant(opline->op2.u.constant.value.str.val, opline->op2.u.constant.value.str.len, &EX_T(opline->result.u.var).tmp_var TSRMLS_CC)) { + zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", + opline->op2.u.constant.value.str.val, + opline->op2.u.constant.value.str.val); + EX_T(opline->result.u.var).tmp_var = opline->op2.u.constant; + zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var); + } + NEXT_OPCODE(); + } + + ce = EX_T(opline->op1.u.var).class_entry; + + if (zend_hash_find(&ce->constants_table, opline->op2.u.constant.value.str.val, opline->op2.u.constant.value.str.len+1, (void **) &value) == SUCCESS) { + zval_update_constant(value, (void *) 1 TSRMLS_CC); + EX_T(opline->result.u.var).tmp_var = **value; + zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var); + } else { + zend_error(E_ERROR, "Undefined class constant '%s'", opline->op2.u.constant.value.str.val); + } + + NEXT_OPCODE(); +} + + +static inline int zend_init_add_array_helper(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + zval *array_ptr = &EX_T(opline->result.u.var).tmp_var; + zval *expr_ptr, **expr_ptr_ptr = NULL; + zval *offset=get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + + if (opline->extended_value) { + expr_ptr_ptr=get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + expr_ptr = *expr_ptr_ptr; + } else { + expr_ptr=get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + } + + if (opline->opcode == ZEND_INIT_ARRAY) { + array_init(array_ptr); + if (!expr_ptr) { + NEXT_OPCODE(); + } + } + if (!opline->extended_value && IS_TMP_FREE(free_op1)) { /* temporary variable */ + zval *new_expr; + + ALLOC_ZVAL(new_expr); + *new_expr = *expr_ptr; + expr_ptr = new_expr; + INIT_PZVAL(expr_ptr); + } else { + if (opline->extended_value) { + SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr); + expr_ptr = *expr_ptr_ptr; + expr_ptr->refcount++; + } else if (PZVAL_IS_REF(expr_ptr)) { + zval *new_expr; + + ALLOC_ZVAL(new_expr); + *new_expr = *expr_ptr; + expr_ptr = new_expr; + zendi_zval_copy_ctor(*expr_ptr); + INIT_PZVAL(expr_ptr); + } else { + expr_ptr->refcount++; + } + } + if (offset) { + switch (offset->type) { + case IS_DOUBLE: + zend_hash_index_update(array_ptr->value.ht, (long) offset->value.dval, &expr_ptr, sizeof(zval *), NULL); + break; + case IS_LONG: + case IS_BOOL: + zend_hash_index_update(array_ptr->value.ht, offset->value.lval, &expr_ptr, sizeof(zval *), NULL); + break; + case IS_STRING: + zend_symtable_update(array_ptr->value.ht, offset->value.str.val, offset->value.str.len+1, &expr_ptr, sizeof(zval *), NULL); + break; + case IS_NULL: + zend_hash_update(array_ptr->value.ht, "", sizeof(""), &expr_ptr, sizeof(zval *), NULL); + break; + default: + zend_error(E_WARNING, "Illegal offset type"); + zval_ptr_dtor(&expr_ptr); + /* do nothing */ + break; + } + FREE_OP(free_op2); + } else { + zend_hash_next_index_insert(array_ptr->value.ht, &expr_ptr, sizeof(zval *), NULL); + } + if (opline->extended_value) { + FREE_OP_VAR_PTR(free_op1); + } else { + FREE_OP_VAR(free_op1); + } + NEXT_OPCODE(); +} + + +int zend_init_array_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_init_add_array_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_add_array_element_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_init_add_array_helper(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_cast_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *expr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval *result = &EX_T(opline->result.u.var).tmp_var; + + *result = *expr; + if (!IS_TMP_FREE(free_op1)) { + zendi_zval_copy_ctor(*result); + } + switch (opline->extended_value) { + case IS_NULL: + convert_to_null(result); + break; + case IS_BOOL: + convert_to_boolean(result); + break; + case IS_LONG: + convert_to_long(result); + break; + case IS_DOUBLE: + convert_to_double(result); + break; + case IS_STRING: { + zval var_copy; + int use_copy; + + zend_make_printable_zval(result, &var_copy, &use_copy); + if (use_copy) { + zval_dtor(result); + *result = var_copy; + } + break; + } + case IS_ARRAY: + convert_to_array(result); + break; + case IS_OBJECT: + convert_to_object(result); + break; + } + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); +} + + +int zend_include_or_eval_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_op_array *new_op_array=NULL; + zval **original_return_value = EG(return_value_ptr_ptr); + int return_value_used; + zend_free_op free_op1; + zval *inc_filename = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval tmp_inc_filename; + zend_bool failure_retval=0; + + if (inc_filename->type!=IS_STRING) { + tmp_inc_filename = *inc_filename; + zval_copy_ctor(&tmp_inc_filename); + convert_to_string(&tmp_inc_filename); + inc_filename = &tmp_inc_filename; + } + + return_value_used = RETURN_VALUE_USED(opline); + + switch (opline->op2.u.constant.value.lval) { + case ZEND_INCLUDE_ONCE: + case ZEND_REQUIRE_ONCE: { + int dummy = 1; + zend_file_handle file_handle; + + if (SUCCESS == zend_stream_open(inc_filename->value.str.val, &file_handle TSRMLS_CC)) { + + if (!file_handle.opened_path) { + file_handle.opened_path = estrndup(inc_filename->value.str.val, inc_filename->value.str.len); + } + + if (zend_hash_add(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1, (void *)&dummy, sizeof(int), NULL)==SUCCESS) { + new_op_array = zend_compile_file(&file_handle, (opline->op2.u.constant.value.lval==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC); + zend_destroy_file_handle(&file_handle TSRMLS_CC); + } else { + zend_file_handle_dtor(&file_handle); + failure_retval=1; + } + } else { + if (opline->op2.u.constant.value.lval==ZEND_INCLUDE_ONCE) { + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, inc_filename->value.str.val); + } else { + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, inc_filename->value.str.val); + } + } + break; + } + break; + case ZEND_INCLUDE: + case ZEND_REQUIRE: + new_op_array = compile_filename(opline->op2.u.constant.value.lval, inc_filename TSRMLS_CC); + break; + case ZEND_EVAL: { + char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC); + + new_op_array = compile_string(inc_filename, eval_desc TSRMLS_CC); + efree(eval_desc); + } + break; + EMPTY_SWITCH_DEFAULT_CASE() + } + if (inc_filename==&tmp_inc_filename) { + zval_dtor(&tmp_inc_filename); + } + FREE_OP(free_op1); + EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr; + if (new_op_array) { + zval *saved_object; + zend_function *saved_function; + + EG(return_value_ptr_ptr) = EX_T(opline->result.u.var).var.ptr_ptr; + EG(active_op_array) = new_op_array; + EX_T(opline->result.u.var).var.ptr = NULL; + + saved_object = EX(object); + saved_function = EX(function_state).function; + + EX(function_state).function = (zend_function *) new_op_array; + EX(object) = NULL; + + zend_execute(new_op_array TSRMLS_CC); + + EX(function_state).function = saved_function; + EX(object) = saved_object; + + if (!return_value_used) { + if (EX_T(opline->result.u.var).var.ptr) { + zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr); + } + } else { /* return value is used */ + if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */ + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + INIT_PZVAL(EX_T(opline->result.u.var).var.ptr); + EX_T(opline->result.u.var).var.ptr->value.lval = 1; + EX_T(opline->result.u.var).var.ptr->type = IS_BOOL; + } + } + + EG(opline_ptr) = &EX(opline); + EG(active_op_array) = EX(op_array); + EG(function_state_ptr) = &EX(function_state); + destroy_op_array(new_op_array TSRMLS_CC); + efree(new_op_array); + if (EG(exception)) { + zend_throw_exception_internal(NULL TSRMLS_CC); + } + } else { + if (return_value_used) { + ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr); + INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr); + EX_T(opline->result.u.var).var.ptr->value.lval = failure_retval; + EX_T(opline->result.u.var).var.ptr->type = IS_BOOL; + } + } + EG(return_value_ptr_ptr) = original_return_value; + NEXT_OPCODE(); +} + + +int zend_unset_var_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval tmp, *varname; + HashTable *target_symbol_table; + zend_free_op free_op1; + + varname = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + if (varname->type != IS_STRING) { + tmp = *varname; + zval_copy_ctor(&tmp); + convert_to_string(&tmp); + varname = &tmp; + } + + if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) { + zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC); + } else { + target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC); + zend_hash_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1); + } + + if (varname == &tmp) { + zval_dtor(&tmp); + } + FREE_OP(free_op1); + NEXT_OPCODE(); +} + + + +int zend_unset_dim_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + zval **container = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval *offset = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + long index; + + if (container) { + HashTable *ht; + + if (opline->extended_value == ZEND_UNSET_DIM) { + switch (Z_TYPE_PP(container)) { + case IS_ARRAY: + ht = Z_ARRVAL_PP(container); + break; + case IS_OBJECT: + ht = NULL; + if (!Z_OBJ_HT_P(*container)->unset_dimension) { + zend_error(E_ERROR, "Cannot use object as array"); + } + Z_OBJ_HT_P(*container)->unset_dimension(*container, offset TSRMLS_CC); + break; + case IS_STRING: + zend_error(E_ERROR, "Cannot unset string offsets"); + return 0; /* bailed out before */ + default: + ht = NULL; + break; + } + } else { /* ZEND_UNSET_OBJ */ + ht = NULL; + if (Z_TYPE_PP(container) == IS_OBJECT) { + Z_OBJ_HT_P(*container)->unset_property(*container, offset TSRMLS_CC); + } + } + if (ht) { + switch (offset->type) { + case IS_DOUBLE: + case IS_RESOURCE: + case IS_BOOL: + case IS_LONG: + if (offset->type == IS_DOUBLE) { + index = (long) offset->value.dval; + } else { + index = offset->value.lval; + } + + zend_hash_index_del(ht, index); + break; + case IS_STRING: + zend_symtable_del(ht, offset->value.str.val, offset->value.str.len+1); + break; + case IS_NULL: + zend_hash_del(ht, "", sizeof("")); + break; + default: + zend_error(E_WARNING, "Illegal offset type in unset"); + break; + } + } + } else { + /* overloaded element */ + } + FREE_OP(free_op2); + FREE_OP_VAR_PTR(free_op1); + + NEXT_OPCODE(); +} + + +int zend_fe_reset_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *array_ptr, **array_ptr_ptr; + HashTable *fe_ht; + zend_object_iterator *iter = NULL; + zend_class_entry *ce = NULL; + + if (opline->extended_value) { + array_ptr_ptr = get_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + if (array_ptr_ptr == NULL) { + MAKE_STD_ZVAL(array_ptr); + } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) { + ce = Z_OBJCE_PP(array_ptr_ptr); + if (!ce || ce->get_iterator == NULL) { + SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); + (*array_ptr_ptr)->refcount++; + } + array_ptr = *array_ptr_ptr; + } else { + SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr); + array_ptr = *array_ptr_ptr; + array_ptr->refcount++; + } + } else { + array_ptr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + if (IS_TMP_FREE(free_op1)) { /* IS_TMP_VAR */ + zval *tmp; + + ALLOC_ZVAL(tmp); + *tmp = *array_ptr; + INIT_PZVAL(tmp); + array_ptr = tmp; + } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) { + ce = Z_OBJCE_P(array_ptr); + } else { + array_ptr->refcount++; + } + } + + if (ce && ce->get_iterator) { + iter = ce->get_iterator(ce, array_ptr TSRMLS_CC); + + if (iter) { + array_ptr = zend_iterator_wrap(iter TSRMLS_CC); + } else { + array_ptr->refcount++; + } + } + + PZVAL_LOCK(array_ptr); + EX_T(opline->result.u.var).var.ptr = array_ptr; + EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr; + + if (iter) { + iter->index = 0; + if (iter->funcs->rewind) { + iter->funcs->rewind(iter TSRMLS_CC); + } + } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) { + /* probably redundant */ + zend_hash_internal_pointer_reset(fe_ht); + } else { + zend_error(E_WARNING, "Invalid argument supplied for foreach()"); + + opline++; + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + if (opline->extended_value) { + FREE_OP_VAR_PTR(free_op1); + } else { + FREE_OP_VAR(free_op1); + } + return 0; + } + + if (opline->extended_value) { + FREE_OP_VAR_PTR(free_op1); + } else { + FREE_OP_VAR(free_op1); + } + NEXT_OPCODE(); +} + + +int zend_fe_fetch_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *array = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval **value, *key; + char *str_key; + uint str_key_len; + ulong int_key; + HashTable *fe_ht; + zend_object_iterator *iter = NULL; + int key_type; + zend_bool use_key = opline->extended_value & ZEND_FE_FETCH_WITH_KEY; + + PZVAL_LOCK(array); + + switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) { + default: + case ZEND_ITER_INVALID: + zend_error(E_WARNING, "Invalid argument supplied for foreach()"); + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + + case ZEND_ITER_PLAIN_OBJECT: { + char *class_name, *prop_name; + zend_object *zobj = zend_objects_get_address(array TSRMLS_CC); + + fe_ht = HASH_OF(array); + do { + if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { + /* reached end of iteration */ + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + } + key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL); + + zend_hash_move_forward(fe_ht); + } while (key_type != HASH_KEY_IS_STRING || zend_check_property_access(zobj, str_key TSRMLS_CC) != SUCCESS); + if (use_key) { + zend_unmangle_property_name(str_key, &class_name, &prop_name); + str_key_len = strlen(prop_name); + str_key = estrndup(prop_name, str_key_len); + str_key_len++; + } + break; + } + + case ZEND_ITER_PLAIN_ARRAY: + fe_ht = HASH_OF(array); + if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) { + /* reached end of iteration */ + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + } + if (use_key) { + key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 1, NULL); + } + zend_hash_move_forward(fe_ht); + break; + + case ZEND_ITER_OBJECT: + /* !iter happens from exception */ + if (iter && iter->index++) { + /* This could cause an endless loop if index becomes zero again. + * In case that ever happens we need an additional flag. */ + iter->funcs->move_forward(iter TSRMLS_CC); + } + if (!iter || iter->funcs->valid(iter TSRMLS_CC) == FAILURE) { + /* reached end of iteration */ + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + } + iter->funcs->get_current_data(iter, &value TSRMLS_CC); + if (!value) { + /* failure in get_current_data */ + SET_OPCODE(EX(op_array)->opcodes+opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + } + if (use_key) { + if (iter->funcs->get_current_key) { + key_type = iter->funcs->get_current_key(iter, &str_key, &str_key_len, &int_key TSRMLS_CC); + } else { + key_type = HASH_KEY_IS_LONG; + int_key = iter->index; + } + } + + break; + } + + if (opline->extended_value & ZEND_FE_FETCH_BYREF) { + SEPARATE_ZVAL_IF_NOT_REF(value); + (*value)->is_ref = 1; + } + + if (!use_key) { + if (opline->extended_value & ZEND_FE_FETCH_BYREF) { + EX_T(opline->result.u.var).var.ptr_ptr = value; + (*value)->refcount++; + } else { + zval *result = &EX_T(opline->result.u.var).tmp_var; + + *result = **value; + zval_copy_ctor(result); + } + } else { + zval *result = &EX_T(opline->result.u.var).tmp_var; + + (*value)->refcount++; + + array_init(result); + + zend_hash_index_update(result->value.ht, 0, value, sizeof(zval *), NULL); + + ALLOC_ZVAL(key); + INIT_PZVAL(key); + + switch (key_type) { + case HASH_KEY_IS_STRING: + key->value.str.val = str_key; + key->value.str.len = str_key_len-1; + key->type = IS_STRING; + break; + case HASH_KEY_IS_LONG: + key->value.lval = int_key; + key->type = IS_LONG; + break; + EMPTY_SWITCH_DEFAULT_CASE() + } + zend_hash_index_update(result->value.ht, 1, &key, sizeof(zval *), NULL); + } + + NEXT_OPCODE(); +} + + +int zend_jmp_no_ctor_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval *object_zval; + zend_function *constructor; + zend_free_op free_op1; + + if (opline->op1.op_type == IS_VAR) { + PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr); + } + + object_zval = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + constructor = Z_OBJ_HT_P(object_zval)->get_constructor(object_zval TSRMLS_CC); + + EX(fbc_constructor) = NULL; + if (constructor == NULL) { + if(opline->op1.u.EA.type & EXT_TYPE_UNUSED) { + zval_ptr_dtor(EX_T(opline->op1.u.var).var.ptr_ptr); + } + SET_OPCODE(EX(op_array)->opcodes + opline->op2.u.opline_num); + return 0; /* CHECK_ME */ + } else { + EX(fbc_constructor) = constructor; + } + + NEXT_OPCODE(); +} + + +int zend_isset_isempty_var_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval tmp, *varname = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval **value; + zend_bool isset = 1; + HashTable *target_symbol_table; + + if (varname->type != IS_STRING) { + tmp = *varname; + zval_copy_ctor(&tmp); + convert_to_string(&tmp); + varname = &tmp; + } + + if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) { + value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC); + if (!value) { + isset = 0; + } + } else { + target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC); + if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) { + isset = 0; + } + } + + EX_T(opline->result.u.var).tmp_var.type = IS_BOOL; + + switch (opline->extended_value) { + case ZEND_ISSET: + if (isset && Z_TYPE_PP(value) == IS_NULL) { + EX_T(opline->result.u.var).tmp_var.value.lval = 0; + } else { + EX_T(opline->result.u.var).tmp_var.value.lval = isset; + } + break; + case ZEND_ISEMPTY: + if (!isset || !zend_is_true(*value)) { + EX_T(opline->result.u.var).tmp_var.value.lval = 1; + } else { + EX_T(opline->result.u.var).tmp_var.value.lval = 0; + } + break; + } + + if (varname == &tmp) { + zval_dtor(&tmp); + } + FREE_OP(free_op1); + + NEXT_OPCODE(); +} + + +static int zend_isset_isempty_dim_prop_obj_handler(int prop_dim, ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1, free_op2; + zval **container = get_obj_zval_ptr_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zval *offset = get_zval_ptr(&opline->op2, EX(Ts), &free_op2, BP_VAR_R); + zval **value = NULL; + int result = 0; + long index; + + if (container) { + if ((*container)->type == IS_ARRAY) { + HashTable *ht; + int isset = 0; + + ht = (*container)->value.ht; + + switch (offset->type) { + case IS_DOUBLE: + case IS_RESOURCE: + case IS_BOOL: + case IS_LONG: + if (offset->type == IS_DOUBLE) { + index = (long) offset->value.dval; + } else { + index = offset->value.lval; + } + if (zend_hash_index_find(ht, index, (void **) &value) == SUCCESS) { + isset = 1; + } + break; + case IS_STRING: + if (zend_symtable_find(ht, offset->value.str.val, offset->value.str.len+1, (void **) &value) == SUCCESS) { + isset = 1; + } + break; + case IS_NULL: + if (zend_hash_find(ht, "", sizeof(""), (void **) &value) == SUCCESS) { + isset = 1; + } + break; + default: + zend_error(E_WARNING, "Illegal offset type in unset"); + + break; + } + + switch (opline->extended_value) { + case ZEND_ISSET: + if (isset && Z_TYPE_PP(value) == IS_NULL) { + result = 0; + } else { + result = isset; + } + break; + case ZEND_ISEMPTY: + if (!isset || !zend_is_true(*value)) { + result = 0; + } else { + result = 1; + } + break; + } + } else if ((*container)->type == IS_OBJECT) { + if (prop_dim) { + result = Z_OBJ_HT_P(*container)->has_property(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC); + } else { + result = Z_OBJ_HT_P(*container)->has_dimension(*container, offset, (opline->extended_value == ZEND_ISEMPTY) TSRMLS_CC); + } + } else if ((*container)->type == IS_STRING) { /* string offsets */ + switch (opline->extended_value) { + case ZEND_ISSET: + if (offset->value.lval < Z_STRLEN_PP(container)) { + result = 1; + } + break; + case ZEND_ISEMPTY: + if (offset->value.lval < Z_STRLEN_PP(container) && Z_STRVAL_PP(container)[offset->value.lval] != '0') { + result = 1; + } + break; + } + } + } + + EX_T(opline->result.u.var).tmp_var.type = IS_BOOL; + + switch (opline->extended_value) { + case ZEND_ISSET: + EX_T(opline->result.u.var).tmp_var.value.lval = result; + break; + case ZEND_ISEMPTY: + EX_T(opline->result.u.var).tmp_var.value.lval = !result; + break; + } + + FREE_OP(free_op2); + FREE_OP_VAR_PTR(free_op1); + + NEXT_OPCODE(); +} + + +int zend_isset_isempty_dim_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_isset_isempty_dim_prop_obj_handler(0, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + + +int zend_isset_isempty_prop_obj_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + return zend_isset_isempty_dim_prop_obj_handler(1, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU); +} + +int zend_exit_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (opline->op1.op_type != IS_UNUSED) { + zval *ptr; + zend_free_op free_op1; + + ptr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + if (Z_TYPE_P(ptr) == IS_LONG) { + EG(exit_status) = Z_LVAL_P(ptr); + } else { + zend_print_variable(ptr); + } + FREE_OP(free_op1); + } + zend_bailout(); + NEXT_OPCODE(); +} + + +int zend_begin_silence_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + EX_T(opline->result.u.var).tmp_var.value.lval = EG(error_reporting); + EX_T(opline->result.u.var).tmp_var.type = IS_LONG; /* shouldn't be necessary */ + zend_alter_ini_entry("error_reporting", sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); + NEXT_OPCODE(); +} + + +int zend_raise_abstract_error_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_error(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name); + NEXT_OPCODE(); /* Never reached */ +} + + +int zend_end_silence_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zval restored_error_reporting; + + if (!EG(error_reporting)) { + restored_error_reporting.type = IS_LONG; + restored_error_reporting.value.lval = EX_T(opline->op1.u.var).tmp_var.value.lval; + convert_to_string(&restored_error_reporting); + zend_alter_ini_entry("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); + zendi_zval_dtor(restored_error_reporting); + } + NEXT_OPCODE(); +} + + +int zend_qm_assign_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *value = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + + EX_T(opline->result.u.var).tmp_var = *value; + if (!IS_TMP_FREE(free_op1)) { + zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var); + } + FREE_OP_VAR(free_op1); + NEXT_OPCODE(); +} + + +int zend_ext_stmt_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + if (!EG(no_extensions)) { + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC); + } + NEXT_OPCODE(); +} + + +int zend_ext_fcall_begin_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + if (!EG(no_extensions)) { + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC); + } + NEXT_OPCODE(); +} + + +int zend_ext_fcall_end_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + if (!EG(no_extensions)) { + zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC); + } + NEXT_OPCODE(); +} + + +int zend_declare_class_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + EX_T(opline->result.u.var).class_entry = do_bind_class(opline, EG(class_table), 0 TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_declare_inherited_class_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + EX_T(opline->result.u.var).class_entry = do_bind_inherited_class(opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC); + NEXT_OPCODE(); +} + + +int zend_declare_function_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + do_bind_function(EX(opline), EG(function_table), 0); + NEXT_OPCODE(); +} + + +int zend_ticks_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + + if (++EG(ticks_count)>=opline->op1.u.constant.value.lval) { + EG(ticks_count)=0; + if (zend_ticks_function) { + zend_ticks_function(opline->op1.u.constant.value.lval); + } + } + NEXT_OPCODE(); +} + + +int zend_instanceof_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_free_op free_op1; + zval *expr = get_zval_ptr(&opline->op1, EX(Ts), &free_op1, BP_VAR_R); + zend_bool result; + + if (Z_TYPE_P(expr) == IS_OBJECT) { + result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC); + } else { + result = 0; + } + ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result); + FREE_OP(free_op1); + NEXT_OPCODE(); +} + + +int zend_ext_nop_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + NEXT_OPCODE(); +} + + +int zend_nop_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + NEXT_OPCODE(); +} + +int zend_add_interface_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_op *opline = EX(opline); + zend_class_entry *ce = EX_T(opline->op1.u.var).class_entry; + zend_class_entry *iface = EX_T(opline->op2.u.var).class_entry; + + if (!(iface->ce_flags & ZEND_ACC_INTERFACE)) { + zend_error(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name); + } + + ce->interfaces[opline->extended_value] = iface; + + zend_do_implement_interface(ce, iface TSRMLS_CC); + + NEXT_OPCODE(); +} + + +int zend_handle_exception_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes; + int i; + int encapsulating_block=-1; + zval **stack_zval_pp; + + stack_zval_pp = (zval **) EG(argument_stack).top_element - 1; + while (*stack_zval_pp != NULL) { + zval_ptr_dtor(stack_zval_pp); + EG(argument_stack).top_element--; + stack_zval_pp--; + } + + for (i=0; i<EG(active_op_array)->last_try_catch; i++) { + if (EG(active_op_array)->try_catch_array[i].try_op > op_num) { + /* further blocks will not be relevant... */ + break; + } + if (op_num >= EG(active_op_array)->try_catch_array[i].try_op + && op_num < EG(active_op_array)->try_catch_array[i].catch_op) { + encapsulating_block = i; + } + } + + if (encapsulating_block == -1) { + RETURN_FROM_EXECUTE_LOOP(execute_data); + } else { + SET_OPCODE(&EX(op_array)->opcodes[EG(active_op_array)->try_catch_array[encapsulating_block].catch_op]); + return 0; + } +} + + +int zend_verify_abstract_class_handler(ZEND_OPCODE_HANDLER_ARGS) +{ + zend_verify_abstract_class(EX_T(EX(opline)->op1.u.var).class_entry TSRMLS_CC); + NEXT_OPCODE(); +} + + +void zend_init_opcodes_handlers() +{ + memset(zend_opcode_handlers, sizeof(zend_opcode_handlers), 0); + zend_opcode_handlers[ZEND_NOP] = zend_nop_handler; + zend_opcode_handlers[ZEND_ADD] = zend_add_handler; + zend_opcode_handlers[ZEND_SUB] = zend_sub_handler; + zend_opcode_handlers[ZEND_MUL] = zend_mul_handler; + zend_opcode_handlers[ZEND_DIV] = zend_div_handler; + zend_opcode_handlers[ZEND_MOD] = zend_mod_handler; + zend_opcode_handlers[ZEND_SL] = zend_sl_handler; + zend_opcode_handlers[ZEND_SR] = zend_sr_handler; + zend_opcode_handlers[ZEND_CONCAT] = zend_concat_handler; + zend_opcode_handlers[ZEND_BW_OR] = zend_bw_or_handler; + zend_opcode_handlers[ZEND_BW_AND] = zend_bw_and_handler; + zend_opcode_handlers[ZEND_BW_XOR] = zend_bw_xor_handler; + zend_opcode_handlers[ZEND_BW_NOT] = zend_bw_not_handler; + zend_opcode_handlers[ZEND_BOOL_NOT] = zend_bool_not_handler; + zend_opcode_handlers[ZEND_BOOL_XOR] = zend_bool_xor_handler; + zend_opcode_handlers[ZEND_IS_IDENTICAL] = zend_is_identical_handler; + zend_opcode_handlers[ZEND_IS_NOT_IDENTICAL] = zend_is_not_identical_handler; + zend_opcode_handlers[ZEND_IS_EQUAL] = zend_is_equal_handler; + zend_opcode_handlers[ZEND_IS_NOT_EQUAL] = zend_is_not_equal_handler; + zend_opcode_handlers[ZEND_IS_SMALLER] = zend_is_smaller_handler; + zend_opcode_handlers[ZEND_IS_SMALLER_OR_EQUAL] = zend_is_smaller_or_equal_handler; + zend_opcode_handlers[ZEND_CAST] = zend_cast_handler; + zend_opcode_handlers[ZEND_QM_ASSIGN] = zend_qm_assign_handler; + + zend_opcode_handlers[ZEND_ASSIGN_ADD] = zend_assign_add_handler; + zend_opcode_handlers[ZEND_ASSIGN_SUB] = zend_assign_sub_handler; + zend_opcode_handlers[ZEND_ASSIGN_MUL] = zend_assign_mul_handler; + zend_opcode_handlers[ZEND_ASSIGN_DIV] = zend_assign_div_handler; + zend_opcode_handlers[ZEND_ASSIGN_MOD] = zend_assign_mod_handler; + zend_opcode_handlers[ZEND_ASSIGN_SL] = zend_assign_sl_handler; + zend_opcode_handlers[ZEND_ASSIGN_SR] = zend_assign_sr_handler; + zend_opcode_handlers[ZEND_ASSIGN_CONCAT] = zend_assign_concat_handler; + zend_opcode_handlers[ZEND_ASSIGN_BW_OR] = zend_assign_bw_or_handler; + zend_opcode_handlers[ZEND_ASSIGN_BW_AND] = zend_assign_bw_and_handler; + zend_opcode_handlers[ZEND_ASSIGN_BW_XOR] = zend_assign_bw_xor_handler; + + zend_opcode_handlers[ZEND_PRE_INC] = zend_pre_inc_handler; + zend_opcode_handlers[ZEND_PRE_DEC] = zend_pre_dec_handler; + zend_opcode_handlers[ZEND_POST_INC] = zend_post_inc_handler; + zend_opcode_handlers[ZEND_POST_DEC] = zend_post_dec_handler; + + zend_opcode_handlers[ZEND_ASSIGN] = zend_assign_handler; + zend_opcode_handlers[ZEND_ASSIGN_REF] = zend_assign_ref_handler; + + zend_opcode_handlers[ZEND_ECHO] = zend_echo_handler; + zend_opcode_handlers[ZEND_PRINT] = zend_print_handler; + + zend_opcode_handlers[ZEND_JMP] = zend_jmp_handler; + zend_opcode_handlers[ZEND_JMPZ] = zend_jmpz_handler; + zend_opcode_handlers[ZEND_JMPNZ] = zend_jmpnz_handler; + zend_opcode_handlers[ZEND_JMPZNZ] = zend_jmpznz_handler; + zend_opcode_handlers[ZEND_JMPZ_EX] = zend_jmpz_ex_handler; + zend_opcode_handlers[ZEND_JMPNZ_EX] = zend_jmpnz_ex_handler; + zend_opcode_handlers[ZEND_CASE] = zend_case_handler; + zend_opcode_handlers[ZEND_SWITCH_FREE] = zend_switch_free_handler; + zend_opcode_handlers[ZEND_BRK] = zend_brk_handler; + zend_opcode_handlers[ZEND_CONT] = zend_cont_handler; + zend_opcode_handlers[ZEND_BOOL] = zend_bool_handler; + + zend_opcode_handlers[ZEND_INIT_STRING] = zend_init_string_handler; + zend_opcode_handlers[ZEND_ADD_CHAR] = zend_add_char_handler; + zend_opcode_handlers[ZEND_ADD_STRING] = zend_add_string_handler; + zend_opcode_handlers[ZEND_ADD_VAR] = zend_add_var_handler; + + zend_opcode_handlers[ZEND_BEGIN_SILENCE] = zend_begin_silence_handler; + zend_opcode_handlers[ZEND_END_SILENCE] = zend_end_silence_handler; + + zend_opcode_handlers[ZEND_INIT_FCALL_BY_NAME] = zend_init_fcall_by_name_handler; + zend_opcode_handlers[ZEND_DO_FCALL] = zend_do_fcall_handler; + zend_opcode_handlers[ZEND_DO_FCALL_BY_NAME] = zend_do_fcall_by_name_handler; + zend_opcode_handlers[ZEND_RETURN] = zend_return_handler; + + zend_opcode_handlers[ZEND_RECV] = zend_recv_handler; + zend_opcode_handlers[ZEND_RECV_INIT] = zend_recv_init_handler; + + zend_opcode_handlers[ZEND_SEND_VAL] = zend_send_val_handler; + zend_opcode_handlers[ZEND_SEND_VAR] = zend_send_var_handler; + zend_opcode_handlers[ZEND_SEND_REF] = zend_send_ref_handler; + + zend_opcode_handlers[ZEND_NEW] = zend_new_handler; + zend_opcode_handlers[ZEND_JMP_NO_CTOR] = zend_jmp_no_ctor_handler; + zend_opcode_handlers[ZEND_FREE] = zend_free_handler; + + zend_opcode_handlers[ZEND_INIT_ARRAY] = zend_init_array_handler; + zend_opcode_handlers[ZEND_ADD_ARRAY_ELEMENT] = zend_add_array_element_handler; + + zend_opcode_handlers[ZEND_INCLUDE_OR_EVAL] = zend_include_or_eval_handler; + + zend_opcode_handlers[ZEND_UNSET_VAR] = zend_unset_var_handler; + zend_opcode_handlers[ZEND_UNSET_DIM_OBJ] = zend_unset_dim_obj_handler; + + zend_opcode_handlers[ZEND_FE_RESET] = zend_fe_reset_handler; + zend_opcode_handlers[ZEND_FE_FETCH] = zend_fe_fetch_handler; + + zend_opcode_handlers[ZEND_EXIT] = zend_exit_handler; + + zend_opcode_handlers[ZEND_FETCH_R] = zend_fetch_r_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_R] = zend_fetch_dim_r_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_R] = zend_fetch_obj_r_handler; + zend_opcode_handlers[ZEND_FETCH_W] = zend_fetch_w_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_W] = zend_fetch_dim_w_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_W] = zend_fetch_obj_w_handler; + zend_opcode_handlers[ZEND_FETCH_RW] = zend_fetch_rw_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_RW] = zend_fetch_dim_rw_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_RW] = zend_fetch_obj_rw_handler; + zend_opcode_handlers[ZEND_FETCH_IS] = zend_fetch_is_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_IS] = zend_fetch_dim_is_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_IS] = zend_fetch_obj_is_handler; + zend_opcode_handlers[ZEND_FETCH_FUNC_ARG] = zend_fetch_func_arg_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_FUNC_ARG] = zend_fetch_dim_func_arg_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_FUNC_ARG] = zend_fetch_obj_func_arg_handler; + zend_opcode_handlers[ZEND_FETCH_UNSET] = zend_fetch_unset_handler; + zend_opcode_handlers[ZEND_FETCH_DIM_UNSET] = zend_fetch_dim_unset_handler; + zend_opcode_handlers[ZEND_FETCH_OBJ_UNSET] = zend_fetch_obj_unset_handler; + + zend_opcode_handlers[ZEND_FETCH_DIM_TMP_VAR] = zend_fetch_dim_tmp_var_handler; + zend_opcode_handlers[ZEND_FETCH_CONSTANT] = zend_fetch_constant_handler; + + zend_opcode_handlers[ZEND_EXT_STMT] = zend_ext_stmt_handler; + zend_opcode_handlers[ZEND_EXT_FCALL_BEGIN] = zend_ext_fcall_begin_handler; + zend_opcode_handlers[ZEND_EXT_FCALL_END] = zend_ext_fcall_end_handler; + zend_opcode_handlers[ZEND_EXT_NOP] = zend_ext_nop_handler; + + zend_opcode_handlers[ZEND_TICKS] = zend_ticks_handler; + + zend_opcode_handlers[ZEND_SEND_VAR_NO_REF] = zend_send_var_no_ref_handler; + + zend_opcode_handlers[ZEND_CATCH] = zend_catch_handler; + zend_opcode_handlers[ZEND_THROW] = zend_throw_handler; + + zend_opcode_handlers[ZEND_FETCH_CLASS] = zend_fetch_class_handler; + + zend_opcode_handlers[ZEND_CLONE] = zend_clone_handler; + + zend_opcode_handlers[ZEND_INIT_CTOR_CALL] = zend_init_ctor_call_handler; + zend_opcode_handlers[ZEND_INIT_METHOD_CALL] = zend_init_method_call_handler; + zend_opcode_handlers[ZEND_INIT_STATIC_METHOD_CALL] = zend_init_static_method_call_handler; + + zend_opcode_handlers[ZEND_ISSET_ISEMPTY_VAR] = zend_isset_isempty_var_handler; + zend_opcode_handlers[ZEND_ISSET_ISEMPTY_DIM_OBJ] = zend_isset_isempty_dim_obj_handler; + zend_opcode_handlers[ZEND_ISSET_ISEMPTY_PROP_OBJ] = zend_isset_isempty_prop_obj_handler; + + zend_opcode_handlers[ZEND_PRE_INC_OBJ] = zend_pre_inc_obj_handler; + zend_opcode_handlers[ZEND_PRE_DEC_OBJ] = zend_pre_dec_obj_handler; + zend_opcode_handlers[ZEND_POST_INC_OBJ] = zend_post_inc_obj_handler; + zend_opcode_handlers[ZEND_POST_DEC_OBJ] = zend_post_dec_obj_handler; + + zend_opcode_handlers[ZEND_ASSIGN_OBJ] = zend_assign_obj_handler; + zend_opcode_handlers[ZEND_OP_DATA] = NULL; + + zend_opcode_handlers[ZEND_INSTANCEOF] = zend_instanceof_handler; + + zend_opcode_handlers[ZEND_DECLARE_CLASS] = zend_declare_class_handler; + zend_opcode_handlers[ZEND_DECLARE_INHERITED_CLASS] = zend_declare_inherited_class_handler; + zend_opcode_handlers[ZEND_DECLARE_FUNCTION] = zend_declare_function_handler; + + zend_opcode_handlers[ZEND_RAISE_ABSTRACT_ERROR] = zend_raise_abstract_error_handler; + + zend_opcode_handlers[ZEND_ADD_INTERFACE] = zend_add_interface_handler; + zend_opcode_handlers[ZEND_VERIFY_ABSTRACT_CLASS] = zend_verify_abstract_class_handler; + + zend_opcode_handlers[ZEND_ASSIGN_DIM] = zend_assign_dim_handler; + + zend_opcode_handlers[ZEND_HANDLE_EXCEPTION] = zend_handle_exception_handler; + } /* diff --git a/Zend/zend_execute.h b/Zend/zend_execute.h index f4621fe223..2ff6ba25eb 100644 --- a/Zend/zend_execute.h +++ b/Zend/zend_execute.h @@ -167,6 +167,8 @@ void zend_shutdown_timeout_thread(); #define active_opline (*EG(opline_ptr)) +void zend_assign_to_variable_reference(znode *result, zval **variable_ptr_ptr, zval **value_ptr_ptr, temp_variable *Ts TSRMLS_DC); + /* The following tries to resolve the classname of a zval of type object. * Since it is slow it should be only used in error messages. */ diff --git a/Zend/zend_execute_API.c b/Zend/zend_execute_API.c index 7201fe852d..f3864cfca6 100644 --- a/Zend/zend_execute_API.c +++ b/Zend/zend_execute_API.c @@ -30,7 +30,6 @@ #include "zend_constants.h" #include "zend_extensions.h" #include "zend_exceptions.h" -#include "zend_vm.h" #ifdef HAVE_SYS_TIME_H #include <sys/time.h> #endif @@ -1074,7 +1073,7 @@ void execute_new_code(TSRMLS_D) opline->op2.u.constant.is_ref = 1; opline->op2.u.constant.refcount = 2; } - ZEND_VM_SET_OPCODE_HANDLER(opline); + opline->handler = zend_opcode_handlers[opline->opcode]; opline++; } diff --git a/Zend/zend_extensions.h b/Zend/zend_extensions.h index 236072b0de..a54d9fa21d 100644 --- a/Zend/zend_extensions.h +++ b/Zend/zend_extensions.h @@ -25,9 +25,9 @@ #include "zend_compile.h" /* The first number is the engine version and the rest is the date. - * This way engine 2 API no. is always greater than engine 1 API no. + * This way engine 2 API no. is always greater than engine 1 API no.. */ -#define ZEND_EXTENSION_API_NO 220040909 +#define ZEND_EXTENSION_API_NO 220040718 typedef struct _zend_extension_version_info { int zend_extension_api_no; diff --git a/Zend/zend_opcode.c b/Zend/zend_opcode.c index 0c47ceaa50..e5c8faba95 100644 --- a/Zend/zend_opcode.c +++ b/Zend/zend_opcode.c @@ -27,8 +27,6 @@ #include "zend_extensions.h" #include "zend_API.h" -#include "zend_vm.h" - static void zend_extension_op_array_ctor_handler(zend_extension *extension, zend_op_array *op_array TSRMLS_DC) { if (extension->op_array_ctor) { @@ -363,7 +361,7 @@ int pass_two(zend_op_array *op_array TSRMLS_DC) opline->op2.u.jmp_addr = &op_array->opcodes[opline->op2.u.opline_num]; break; } - ZEND_VM_SET_OPCODE_HANDLER(opline); + opline->handler = zend_opcode_handlers[opline->opcode]; opline++; } |