Avoid non-object in FE_FREE

Even if the properties HT is empty, make sure we still leave an object in the FE_RESET result, so our type inference results stay correct.
author: Nikita Popov <nikita.ppv@gmail.com> 2020-10-12 09:38:59 +0200
committer: Nikita Popov <nikita.ppv@gmail.com> 2020-10-12 09:45:52 +0200
commit: 304141e8f8e810875ef18fabaefde6ded5929aa0 (patch)
tree: f02bde6c16a6c6430f83b317e299f3b98e7e8b06
parent: 34179ba8092a715ca95e9c5801ef8d5759fca97e (diff)
download: php-git-304141e8f8e810875ef18fabaefde6ded5929aa0.tar.gz
2 files changed, 40 insertions, 25 deletions
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index 6305ef8ef4..bc7550f4ed 100644
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -6327,15 +6327,18 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET_R, CONST|TMP|VAR|CV, JMP_ADDR)
 			}
 
 			properties = Z_OBJPROP_P(array_ptr);
-			if (zend_hash_num_elements(properties) == 0) {
-				ZEND_VM_C_GOTO(fe_reset_r_empty);
-			}
-
 			result = EX_VAR(opline->result.var);
 			ZVAL_COPY_VALUE(result, array_ptr);
 			if (OP1_TYPE != IS_TMP_VAR) {
 				Z_ADDREF_P(array_ptr);
 			}
+
+			if (zend_hash_num_elements(properties) == 0) {
+				Z_FE_ITER_P(result) = (uint32_t) -1;
+				FREE_OP1_IF_VAR();
+				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
+			}
+
 			Z_FE_ITER_P(result) = zend_hash_iterator_add(properties, 0);
 			FREE_OP1_IF_VAR();
 			ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
@@ -6353,7 +6356,6 @@ ZEND_VM_HANDLER(77, ZEND_FE_RESET_R, CONST|TMP|VAR|CV, JMP_ADDR)
 		}
 	} else {
 		zend_error(E_WARNING, "Invalid argument supplied for foreach()");
-ZEND_VM_C_LABEL(fe_reset_r_empty):
 		ZVAL_UNDEF(EX_VAR(opline->result.var));
 		Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t)-1;
 		FREE_OP1();
@@ -6427,6 +6429,7 @@ ZEND_VM_COLD_CONST_HANDLER(125, ZEND_FE_RESET_RW, CONST|TMP|VAR|CV, JMP_ADDR)
 			properties = Z_OBJPROP_P(array_ptr);
 			if (zend_hash_num_elements(properties) == 0) {
 				Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t) -1;
+				FREE_OP1_VAR_PTR();
 				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
 			}
 
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index 770f9667c9..0e65367eb5 100644
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -4150,15 +4150,18 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_CONST_HANDLER(
 			}
 
 			properties = Z_OBJPROP_P(array_ptr);
-			if (zend_hash_num_elements(properties) == 0) {
-				goto fe_reset_r_empty;
-			}
-
 			result = EX_VAR(opline->result.var);
 			ZVAL_COPY_VALUE(result, array_ptr);
 			if (IS_CONST != IS_TMP_VAR) {
 				Z_ADDREF_P(array_ptr);
 			}
+
+			if (zend_hash_num_elements(properties) == 0) {
+				Z_FE_ITER_P(result) = (uint32_t) -1;
+
+				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
+			}
+
 			Z_FE_ITER_P(result) = zend_hash_iterator_add(properties, 0);
 
 			ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
@@ -4175,7 +4178,6 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_CONST_HANDLER(
 		}
 	} else {
 		zend_error(E_WARNING, "Invalid argument supplied for foreach()");
-fe_reset_r_empty:
 		ZVAL_UNDEF(EX_VAR(opline->result.var));
 		Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t)-1;
 
@@ -4249,6 +4251,7 @@ static ZEND_VM_COLD ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_RW_SPEC_
 			properties = Z_OBJPROP_P(array_ptr);
 			if (zend_hash_num_elements(properties) == 0) {
 				Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t) -1;
+
 				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
 			}
 
@@ -18218,15 +18221,18 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_TMP_HANDLER(ZE
 			}
 
 			properties = Z_OBJPROP_P(array_ptr);
-			if (zend_hash_num_elements(properties) == 0) {
-				goto fe_reset_r_empty;
-			}
-
 			result = EX_VAR(opline->result.var);
 			ZVAL_COPY_VALUE(result, array_ptr);
 			if (IS_TMP_VAR != IS_TMP_VAR) {
 				Z_ADDREF_P(array_ptr);
 			}
+
+			if (zend_hash_num_elements(properties) == 0) {
+				Z_FE_ITER_P(result) = (uint32_t) -1;
+
+				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
+			}
+
 			Z_FE_ITER_P(result) = zend_hash_iterator_add(properties, 0);
 
 			ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
@@ -18244,7 +18250,6 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_TMP_HANDLER(ZE
 		}
 	} else {
 		zend_error(E_WARNING, "Invalid argument supplied for foreach()");
-fe_reset_r_empty:
 		ZVAL_UNDEF(EX_VAR(opline->result.var));
 		Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t)-1;
 		zval_ptr_dtor_nogc(free_op1);
@@ -18318,6 +18323,7 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_RW_SPEC_TMP_HANDLER(Z
 			properties = Z_OBJPROP_P(array_ptr);
 			if (zend_hash_num_elements(properties) == 0) {
 				Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t) -1;
+
 				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
 			}
 
@@ -21324,15 +21330,18 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_VAR_HANDLER(ZE
 			}
 
 			properties = Z_OBJPROP_P(array_ptr);
-			if (zend_hash_num_elements(properties) == 0) {
-				goto fe_reset_r_empty;
-			}
-
 			result = EX_VAR(opline->result.var);
 			ZVAL_COPY_VALUE(result, array_ptr);
 			if (IS_VAR != IS_TMP_VAR) {
 				Z_ADDREF_P(array_ptr);
 			}
+
+			if (zend_hash_num_elements(properties) == 0) {
+				Z_FE_ITER_P(result) = (uint32_t) -1;
+				zval_ptr_dtor_nogc(free_op1);
+				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
+			}
+
 			Z_FE_ITER_P(result) = zend_hash_iterator_add(properties, 0);
 			zval_ptr_dtor_nogc(free_op1);
 			ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
@@ -21350,7 +21359,6 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_VAR_HANDLER(ZE
 		}
 	} else {
 		zend_error(E_WARNING, "Invalid argument supplied for foreach()");
-fe_reset_r_empty:
 		ZVAL_UNDEF(EX_VAR(opline->result.var));
 		Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t)-1;
 		zval_ptr_dtor_nogc(free_op1);
@@ -21424,6 +21432,7 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_RW_SPEC_VAR_HANDLER(Z
 			properties = Z_OBJPROP_P(array_ptr);
 			if (zend_hash_num_elements(properties) == 0) {
 				Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t) -1;
+				if (UNEXPECTED(free_op1)) {zval_ptr_dtor_nogc(free_op1);};
 				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
 			}
 
@@ -37848,15 +37857,18 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_CV_HANDLER(ZEN
 			}
 
 			properties = Z_OBJPROP_P(array_ptr);
-			if (zend_hash_num_elements(properties) == 0) {
-				goto fe_reset_r_empty;
-			}
-
 			result = EX_VAR(opline->result.var);
 			ZVAL_COPY_VALUE(result, array_ptr);
 			if (IS_CV != IS_TMP_VAR) {
 				Z_ADDREF_P(array_ptr);
 			}
+
+			if (zend_hash_num_elements(properties) == 0) {
+				Z_FE_ITER_P(result) = (uint32_t) -1;
+
+				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
+			}
+
 			Z_FE_ITER_P(result) = zend_hash_iterator_add(properties, 0);
 
 			ZEND_VM_NEXT_OPCODE_CHECK_EXCEPTION();
@@ -37873,7 +37885,6 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_R_SPEC_CV_HANDLER(ZEN
 		}
 	} else {
 		zend_error(E_WARNING, "Invalid argument supplied for foreach()");
-fe_reset_r_empty:
 		ZVAL_UNDEF(EX_VAR(opline->result.var));
 		Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t)-1;
 
@@ -37947,6 +37958,7 @@ static ZEND_OPCODE_HANDLER_RET ZEND_FASTCALL ZEND_FE_RESET_RW_SPEC_CV_HANDLER(ZE
 			properties = Z_OBJPROP_P(array_ptr);
 			if (zend_hash_num_elements(properties) == 0) {
 				Z_FE_ITER_P(EX_VAR(opline->result.var)) = (uint32_t) -1;
+
 				ZEND_VM_JMP(OP_JMP_ADDR(opline, opline->op2));
 			}
author	Nikita Popov <nikita.ppv@gmail.com>	2020-10-12 09:38:59 +0200
committer	Nikita Popov <nikita.ppv@gmail.com>	2020-10-12 09:45:52 +0200
commit	304141e8f8e810875ef18fabaefde6ded5929aa0 (patch)
tree	f02bde6c16a6c6430f83b317e299f3b98e7e8b06
parent	34179ba8092a715ca95e9c5801ef8d5759fca97e (diff)
download	php-git-304141e8f8e810875ef18fabaefde6ded5929aa0.tar.gz